Fix keyring
authorMathieu Baudier <mbaudier@argeo.org>
Mon, 12 Sep 2016 07:01:38 +0000 (07:01 +0000)
committerMathieu Baudier <mbaudier@argeo.org>
Mon, 12 Sep 2016 07:01:38 +0000 (07:01 +0000)
git-svn-id: https://svn.argeo.org/commons/trunk@9111 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

org.argeo.security.ui/META-INF/spring/osgi.xml
org.argeo.server.jcr/src/org/argeo/jcr/security/JcrKeyring.java

index a3b8e5fdf54451b6e29d887ac5799019e240437b..500efd1df90052b03e5110fd3244c98a6b465d52 100644 (file)
@@ -12,7 +12,7 @@
                cardinality="0..1" />\r
 \r
        <reference id="nodeRepository" interface="javax.jcr.Repository"\r
-               filter="(argeo.jcr.repository.alias=node)" />\r
+               filter="(argeo.jcr.repository.alias=home)" />\r
 \r
        <reference id="defaultCallbackHandler" interface="javax.security.auth.callback.CallbackHandler" />\r
 \r
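Review bot: The reference id `nodeRepository` no longer describes what it binds to now that the filter selects `argeo.jcr.repository.alias=home`. A comment above the element, such as `<!-- keyring is stored in the home repository; id kept for existing bean wiring -->`, would stop the next reader from assuming the node repository. Keyrings created through the old binding are presumably stored in the other repository, so confirm that existing users do not hit "Keyring not setup" after this change. The rest of the file is outside the hunk.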
index b43c5d6c60e49d12ed5ab44786b2d7cc5255d743..8ab6ed3556ec64288dd7c964e22a1616913c5db0 100644 (file)
@@ -19,6 +19,7 @@ import java.io.ByteArrayInputStream;
 import java.io.CharArrayReader;
 import java.io.InputStream;
 import java.io.Reader;
+import java.security.Provider;
 import java.security.SecureRandom;
 
 import javax.crypto.Cipher;
@@ -119,12 +120,11 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        // TODO check if algo and key length are available, use DES if not
                        keyring.setProperty(ARGEO_SECRET_KEY_FACTORY, secreteKeyFactoryName);
                        keyring.setProperty(ARGEO_KEY_LENGTH, secreteKeyLength);
-                       keyring.setProperty(ARGEO_SECRET_KEY_ENCRYPTION,
-                                       secreteKeyEncryption);
+                       keyring.setProperty(ARGEO_SECRET_KEY_ENCRYPTION, secreteKeyEncryption);
                        keyring.setProperty(ARGEO_CIPHER, cipherName);
 
-                       //keyring.getSession().save();
-                       
+                       // keyring.getSession().save();
+
                        // encrypted password hash
                        // IOUtils.closeQuietly(in);
                        // JcrUtils.closeQuietly(binary);
@@ -155,13 +155,11 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        else
                                throw new ArgeoJcrException("Keyring not setup");
 
-                       pbeCallback.set(keyring.getProperty(ARGEO_SECRET_KEY_FACTORY)
-                                       .getString(), JcrUtils.getBinaryAsBytes(keyring
-                                       .getProperty(ARGEO_SALT)),
+                       pbeCallback.set(keyring.getProperty(ARGEO_SECRET_KEY_FACTORY).getString(),
+                                       JcrUtils.getBinaryAsBytes(keyring.getProperty(ARGEO_SALT)),
                                        (int) keyring.getProperty(ARGEO_ITERATION_COUNT).getLong(),
                                        (int) keyring.getProperty(ARGEO_KEY_LENGTH).getLong(),
-                                       keyring.getProperty(ARGEO_SECRET_KEY_ENCRYPTION)
-                                                       .getString());
+                                       keyring.getProperty(ARGEO_SECRET_KEY_ENCRYPTION).getString());
 
                        if (notYetSavedKeyring.get() != null)
                                notYetSavedKeyring.remove();
@@ -228,10 +226,8 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 
                                Node node = session.getNode(path);
                                if (node.hasProperty(ARGEO_IV)) {
-                                       byte[] iv = JcrUtils.getBinaryAsBytes(node
-                                                       .getProperty(ARGEO_IV));
-                                       cipher.init(Cipher.DECRYPT_MODE, secretKey,
-                                                       new IvParameterSpec(iv));
+                                       byte[] iv = JcrUtils.getBinaryAsBytes(node.getProperty(ARGEO_IV));
+                                       cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
                                } else {
                                        cipher.init(Cipher.DECRYPT_MODE, secretKey);
                                }
@@ -255,17 +251,20 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        if (!userHome.hasNode(ARGEO_KEYRING))
                                throw new ArgeoJcrException("Keyring not setup");
                        Node keyring = userHome.getNode(ARGEO_KEYRING);
-                       Cipher cipher = Cipher.getInstance(keyring
-                                       .getProperty(ARGEO_CIPHER).getString(),
-                                       getSecurityProvider());
+                       String cipherName = keyring.getProperty(ARGEO_CIPHER).getString();
+                       Provider securityProvider = getSecurityProvider();
+                       Cipher cipher;
+                       if (securityProvider == null)// TODO use BC?
+                               cipher = Cipher.getInstance(cipherName);
+                       else
+                               cipher = Cipher.getInstance(cipherName, securityProvider);
                        return cipher;
                } catch (Exception e) {
                        throw new ArgeoJcrException("Cannot get cipher", e);
                }
        }
 
-       public synchronized void changePassword(char[] oldPassword,
-                       char[] newPassword) {
+       public synchronized void changePassword(char[] oldPassword, char[] newPassword) {
                // TODO decrypt with old pw / encrypt with new pw all argeo:encrypted
        }
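Review bot: In the new `securityProvider == null` branch, `Cipher.getInstance(cipherName)` resolves the transformation against whichever provider comes first in the JVM's provider order, so the implementation that decrypts an entry can differ from the one that encrypted it, and nothing records which one was chosen. `cipherName` is read from the keyring node and passed through unchecked, and on the default JCE providers a bare algorithm name such as `AES` selects ECB mode. If stored values are always full transformations, a guard like `if (cipherName.indexOf('/') < 0) throw new ArgeoJcrException("Cipher must name mode and padding: " + cipherName);` makes that explicit. Replace `// TODO use BC?` with a comment stating that the fallback to the default provider is intentional, and brace both branches of the `if`/`else`. The enclosing method starts above the hunk, so where `cipherName` is first written is not visible here.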