+/*
+ * Copyright (C) 2007-2012 Mathieu Baudier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.argeo.jcr.security;
import java.io.ByteArrayInputStream;
import org.apache.commons.io.IOUtils;
import org.argeo.ArgeoException;
+import org.argeo.jcr.ArgeoJcrUtils;
import org.argeo.jcr.ArgeoNames;
import org.argeo.jcr.ArgeoTypes;
import org.argeo.jcr.JcrUtils;
if (notYetSavedKeyring.get() != null)
return true;
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = ArgeoJcrUtils.getUserHome(session);
return userHome.hasNode(ARGEO_KEYRING);
} catch (RepositoryException e) {
throw new ArgeoException("Cannot check whether keyring is setup", e);
Binary binary = null;
InputStream in = null;
try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = ArgeoJcrUtils.getUserHome(session);
if (userHome.hasNode(ARGEO_KEYRING))
throw new ArgeoException("Keyring already setup");
Node keyring = userHome.addNode(ARGEO_KEYRING);
@Override
protected void handleKeySpecCallback(PBEKeySpecCallback pbeCallback) {
try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = ArgeoJcrUtils.getUserHome(session);
Node keyring;
if (userHome.hasNode(ARGEO_KEYRING))
keyring = userHome.getNode(ARGEO_KEYRING);
}
}
- /** The node must already exist at this path */
+ /** The node must already exist at this path. Session is saved. */
@Override
- protected void encrypt(String path, InputStream unencrypted) {
+ protected synchronized void encrypt(String path, InputStream unencrypted) {
// should be called first for lazy initialization
SecretKey secretKey = getSecretKey();
Cipher cipher = createCipher();
if (!session.nodeExists(path))
throw new ArgeoException("No node at " + path);
+ if (session.hasPendingChanges())
+ session.save();
Node node = session.getNode(path);
node.addMixin(ArgeoTypes.ARGEO_ENCRYPTED);
SecureRandom random = new SecureRandom();
in = new CipherInputStream(unencrypted, cipher);
binary = session.getValueFactory().createBinary(in);
node.setProperty(Property.JCR_DATA, binary);
+ session.save();
} catch (Exception e) {
throw new ArgeoException("Cannot encrypt", e);
} finally {
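Review bot: The two added `session.save()` calls in `encrypt` leave no rollback path: the pre-save on `session.hasPendingChanges()` commits whatever the caller had pending, and if anything between `node.addMixin(ArgeoTypes.ARGEO_ENCRYPTED)` and the final save throws, the visible `catch` only wraps the exception. The half-applied changes (mixin added, `Property.JCR_DATA` not yet replaced) would then stay pending and be committed by the pre-save of the next `encrypt` call, leaving a node marked as encrypted whose content is not. Unless the `finally` block, which is cut off here, already discards them, drop the pending changes in the catch before rethrowing, e.g. `session.refresh(false);` (wrapped in its own try, since it throws RepositoryException). The Javadoc should also state that unrelated pending changes in the session are saved, not only the encrypted node.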
}
@Override
- protected InputStream decrypt(String path) {
+ protected synchronized InputStream decrypt(String path) {
// should be called first for lazy initialization
SecretKey secretKey = getSecretKey();
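Review bot: The `synchronized` added to `decrypt` is released when the method returns, so it protects the returned `InputStream` only if the plaintext has been fully read into memory by then. The body is outside this hunk; the `ByteArrayInputStream` and `IOUtils` imports suggest it may already buffer, but that should be confirmed. The same limit applies to `getSession()` in the last hunk: the lock covers the field read, not what the caller does with the returned `Session`, and JCR sessions are not thread-safe. I would document this on both methods, e.g. `/** The returned session must not be used concurrently with other calls on this keyring. */`.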
protected Cipher createCipher() {
try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = ArgeoJcrUtils.getUserHome(session);
if (!userHome.hasNode(ARGEO_KEYRING))
throw new ArgeoException("Keyring not setup");
Node keyring = userHome.getNode(ARGEO_KEYRING);
}
}
- public void changePassword(char[] oldPassword, char[] newPassword) {
- // TODO Auto-generated method stub
-
+ public synchronized void changePassword(char[] oldPassword,
+ char[] newPassword) {
+ // TODO decrypt with old pw / encrypt with new pw all argeo:encrypted
}
- public Session getSession() {
+ public synchronized Session getSession() {
return session;
}
- public void setSession(Session session) {
+ public synchronized void setSession(Session session) {
this.session = session;
}
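Review bot: `changePassword` still returns normally without doing anything, so a caller that rotates the keyring password gets no error while every argeo:encrypted node stays protected by the old password. Adding `synchronized` and rewording the TODO does not change that. Until the re-encryption is implemented, the method should fail loudly, e.g. `throw new ArgeoException("Keyring password change not implemented");`, so that user interfaces cannot report a successful change.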