X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jcr%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjcr%2Fsecurity%2FJcrKeyring.java;h=a35bbd2724a878f30bc8cdd0a3d15f6b25d67d57;hb=2134dd19734711b05710c1250b665c32fbe7263c;hp=c09209a7cd22b45a148bfb287c9d22dd395de602;hpb=1d5afdce3e91054f07ddd3c98309c363b4cf1d46;p=lgpl%2Fargeo-commons.git
diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/JcrKeyring.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/JcrKeyring.java
index c09209a7c..a35bbd272 100644
--- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/JcrKeyring.java
+++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/JcrKeyring.java
@@ -34,6 +34,7 @@ import org.argeo.ArgeoException;
 import org.argeo.jcr.ArgeoNames;
 import org.argeo.jcr.ArgeoTypes;
 import org.argeo.jcr.JcrUtils;
+import org.argeo.jcr.UserJcrUtils;
 import org.argeo.util.crypto.AbstractKeyring;
 import org.argeo.util.crypto.PBEKeySpecCallback;
@@ -62,7 +63,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 if (notYetSavedKeyring.get() != null)
 return true;
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = UserJcrUtils.getUserHome(session);
 return userHome.hasNode(ARGEO_KEYRING);
 } catch (RepositoryException e) {
 throw new ArgeoException("Cannot check whether keyring is setup", e);
@@ -74,7 +75,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 Binary binary = null;
 InputStream in = null;
 try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = UserJcrUtils.getUserHome(session);
 if (userHome.hasNode(ARGEO_KEYRING))
 throw new ArgeoException("Keyring already setup");
 Node keyring = userHome.addNode(ARGEO_KEYRING);
@@ -125,7 +126,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 @Override
 protected void handleKeySpecCallback(PBEKeySpecCallback pbeCallback) {
 try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = UserJcrUtils.getUserHome(session);
 Node keyring;
 if (userHome.hasNode(ARGEO_KEYRING))
 keyring = userHome.getNode(ARGEO_KEYRING);
@@ -149,9 +150,9 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 }
 }
- /** The node must already exist at this path */
+ /** The node must already exist at this path. Session is saved. */
 @Override
- protected void encrypt(String path, InputStream unencrypted) {
+ protected synchronized void encrypt(String path, InputStream unencrypted) {
 // should be called first for lazy initialization
 SecretKey secretKey = getSecretKey();
@@ -164,6 +165,8 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 Cipher cipher = createCipher();
 if (!session.nodeExists(path))
 throw new ArgeoException("No node at " + path);
+ if (session.hasPendingChanges())
+ session.save();
 Node node = session.getNode(path);
 node.addMixin(ArgeoTypes.ARGEO_ENCRYPTED);
 SecureRandom random = new SecureRandom();
@@ -194,6 +197,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 in = new CipherInputStream(unencrypted, cipher);
 binary = session.getValueFactory().createBinary(in);
 node.setProperty(Property.JCR_DATA, binary);
+ session.save();
 } catch (Exception e) {
 throw new ArgeoException("Cannot encrypt", e);
 } finally {
@@ -206,7 +210,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 }
 @Override
- protected InputStream decrypt(String path) {
+ protected synchronized InputStream decrypt(String path) {
 // should be called first for lazy initialization
 SecretKey secretKey = getSecretKey();
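Review bot: The pre-save added in the `@@ -164,6 +165,8 @@` hunk, `if (session.hasPendingChanges()) session.save();`, commits every transient change held by the session, not just the node about to be encrypted, so `encrypt` now persists unrelated or half-finished edits of its caller. The `catch (Exception e)` visible in the `@@ -194,6 +197,7 @@` hunk rethrows without discarding what was set on the node before the failure (at least the `ArgeoTypes.ARGEO_ENCRYPTED` mixin), and the next `encrypt` call would then flush that partial state through the same pre-save. Consider a guarded `session.refresh(false);` in the catch before rethrowing, and widen the Javadoc to `Saves all pending changes of the session, before and after writing the encrypted data.` The body of `encrypt` runs beyond both hunks, so the code between them should be checked against this.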
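Review bot: `synchronized` on `decrypt` in the `@@ -206,7 +210,7 @@` hunk (and on `encrypt` in `@@ -149,9 +150,9 @@`) serialises only calls that go through the keyring; `getSession()` in the `@@ -258,16 +262,16 @@` hunk still returns the same `Session` to callers, who can use it without holding the monitor, and a JCR session is not safe for concurrent use. `decrypt` also returns an `InputStream` that is presumably consumed after the lock is released; its body lies outside the hunk, so that needs confirming. At minimum document the limit on `getSession()`, e.g. `/** The returned session is shared with the keyring and must not be used from another thread. */`.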
@@ -246,7 +250,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 protected Cipher createCipher() {
 try {
- Node userHome = JcrUtils.getUserHome(session);
+ Node userHome = UserJcrUtils.getUserHome(session);
 if (!userHome.hasNode(ARGEO_KEYRING))
 throw new ArgeoException("Keyring not setup");
 Node keyring = userHome.getNode(ARGEO_KEYRING);
@@ -258,16 +262,16 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 }
 }
- public void changePassword(char[] oldPassword, char[] newPassword) {
- // TODO Auto-generated method stub
-
+ public synchronized void changePassword(char[] oldPassword,
+ char[] newPassword) {
+ // TODO decrypt with old pw / encrypt with new pw all argeo:encrypted
 }
- public Session getSession() {
+ public synchronized Session getSession() {
 return session;
 }
- public void setSession(Session session) {
+ public synchronized void setSession(Session session) {
 this.session = session;
 }
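Review bot: `changePassword` in the `@@ -258,16 +262,16 @@` hunk still has an empty body after this change, so a caller gets a normal return while the keyring stays protected by the old password. Until the re-encryption described in the TODO exists, the method should fail visibly, e.g. `throw new ArgeoException("Changing the keyring password is not implemented");`. When the real implementation is written, both `char[]` arguments should be cleared once they have been used, and the Javadoc should state that.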