+ // TODO make it XA compatible
+ SecretKey oldSecretKey = getSecretKey(oldPassword);
+ SecretKey newSecretKey = getSecretKey(newPassword);
+ Session session = session();
+ try {
+ NodeIterator encryptedNodes = session.getWorkspace().getQueryManager()
+ .createQuery("select * from [argeo:encrypted]", Query.JCR_SQL2).execute().getNodes();
+ while (encryptedNodes.hasNext()) {
+ Node node = encryptedNodes.nextNode();
+ InputStream in = decrypt(oldSecretKey, createCipher(), node);
+ encrypt(newSecretKey, createCipher(), node, in);
+ if (log.isDebugEnabled())
+ log.debug("Converted keyring encrypted value of " + node.getPath());
+ }
+ } catch (GeneralSecurityException e) {
+ throw new RuntimeException("Cannot change JCR keyring password", e);
+ } catch (RepositoryException e) {
+ throw new JcrException("Cannot change JCR keyring password", e);
+ } finally {
+ JcrUtils.logoutQuietly(session);
+ }