From 399bd9c58d05cc569fc34b2bbaa0b8c5412f0487 Mon Sep 17 00:00:00 2001 From: Rinjae Date: Mon, 22 Jun 2026 16:29:45 +0900 Subject: [PATCH] =?UTF-8?q?Damo=20=EC=A0=81=EC=9A=A9=20=EC=A4=80=EB=B9=84?= =?UTF-8?q?=20=EC=BD=94=EB=93=9C=20-=20KjbNotRnnoJpaAttributeConverter=20?= =?UTF-8?q?=EC=82=AD=EC=A0=9C=20=EB=B0=8F=20PersonalDataEncryptConverter?= =?UTF-8?q?=20=EC=B6=94=EA=B0=80=20-=20damo-manager=20=EC=A7=80=EC=9B=90?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=9C=20JSP=20=EC=B6=94=EA=B0=80=20?= =?UTF-8?q?=EB=B0=8F=20=EB=A0=88=EA=B1=B0=EC=8B=9C=20=EC=95=94=ED=98=B8?= =?UTF-8?q?=ED=99=94=20=EB=A7=88=EC=9D=B4=EA=B7=B8=EB=A0=88=EC=9D=B4?= =?UTF-8?q?=EC=85=98=20=EC=BB=A8=ED=8A=B8=EB=A1=A4=EB=9F=AC=20=EA=B5=AC?= =?UTF-8?q?=ED=98=84=20-=20=EA=B8=B0=EC=A1=B4=20=EC=97=94=ED=8B=B0?= =?UTF-8?q?=ED=8B=B0=20=EC=95=94=ED=98=B8=ED=99=94=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD=20=EB=B0=8F=20build.gradle=EC=97=90=20damo-m?= =?UTF-8?q?anager=20=EC=9D=98=EC=A1=B4=EC=84=B1=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- WebContent/damo.jsp | 170 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 170 insertions(+) create mode 100644 WebContent/damo.jsp diff --git a/WebContent/damo.jsp b/WebContent/damo.jsp new file mode 100644 index 0000000..6cac785 --- /dev/null +++ b/WebContent/damo.jsp @@ -0,0 +1,170 @@ +<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8" %> +<%@ page import="java.lang.reflect.Method" %> +<%@ page import="org.apache.commons.lang3.StringUtils" %> +<%@ page import="com.eactive.eai.rms.common.login.SessionManager" %> +<%! + // 최소 HTML 이스케이프 (진단 페이지 XSS 방지) + private String esc(String s) { + if (s == null) return ""; + StringBuilder b = new StringBuilder(s.length() + 16); + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + switch (c) { + case '&': b.append("&"); break; + case '<': b.append("<"); break; + case '>': b.append(">"); break; + case '"': b.append("""); break; + case '\'': b.append("'"); break; + default: b.append(c); + } + } + return b.toString(); + } +%> +<% + // 로그인 사용자만 접근 — real 모드에서 운영 키 암복호화 오라클이 되지 않도록 보호 + if (StringUtils.isBlank(SessionManager.getUserId(request)) + && StringUtils.isBlank(SessionManager.getRoleIdString(request))) { + response.sendRedirect(request.getContextPath() + "/loginForm.do"); + return; + } + + response.setHeader("Pragma", "No-cache"); + response.setHeader("Cache-Control", "no-cache"); + response.setHeader("Expires", "0"); + request.setCharacterEncoding("utf-8"); + + String op = request.getParameter("op"); + String input = request.getParameter("input"); + boolean run = request.getParameter("run") != null; + if (op == null) op = "encrypt"; + if (input == null) input = ""; + + String mode = "UNKNOWN"; + String revision = "-"; + String returnCode = "-"; + String result = ""; + String error = ""; + boolean loaded = false; + + try { + Class cls = Class.forName("com.eactive.ext.djb.DamoManager"); + Object damo = cls.getMethod("getInstance").invoke(null); + loaded = true; + + boolean bypass = (Boolean) cls.getMethod("isBypassMode").invoke(damo); + boolean fake = (Boolean) cls.getMethod("isFakeMode").invoke(damo); + mode = bypass ? "BYPASS" : (fake ? "FAKE" : "REAL"); + revision = String.valueOf(cls.getMethod("getRevision").invoke(damo)); + returnCode = String.valueOf(cls.getMethod("getReturnCode").invoke(damo)); + + if (run) { + if ("encrypt".equals(op)) { + result = (String) cls.getMethod("encrypt", String.class).invoke(damo, input); + } else if ("decrypt".equals(op)) { + result = (String) cls.getMethod("decrypt", String.class).invoke(damo, input); + } else if ("sha256".equals(op)) { + int t = cls.getField("SHA256").getInt(null); + result = (String) cls.getMethod("hash", int.class, String.class).invoke(damo, t, input); + } else if ("sha512".equals(op)) { + int t = cls.getField("SHA512").getInt(null); + result = (String) cls.getMethod("hash", int.class, String.class).invoke(damo, t, input); + } else { + error = "알 수 없는 op: " + op; + } + } + } catch (ClassNotFoundException e) { + error = "com.eactive.ext.djb.DamoManager 클래스를 찾을 수 없습니다. " + + "damo-manager.jar 를 WAS lib (운영) 또는 WEB-INF/lib 에 배포하세요."; + } catch (Throwable t) { + // require-real fail-fast(ExceptionInInitializerError) 또는 초기화 실패(NoClassDefFoundError) 포함 + Throwable c = (t.getCause() != null) ? t.getCause() : t; + error = c.toString(); + if (c instanceof NoClassDefFoundError + || error.contains("require-real") + || error.contains("Could not initialize")) { + error += " (※ -Ddamo-manager.require-real=true 인데 scpdb 가 없어 기동에 실패했을 수 있습니다. " + + "scpdb 를 갖추거나 옵션을 내리세요.)"; + } + } + + String badgeColor = "REAL".equals(mode) ? "#1a7f37" + : "BYPASS".equals(mode) ? "#9a3412" + : "FAKE".equals(mode) ? "#9a6700" : "#6e7781"; +%> + + + + + +DamoManager 테스트 + + + +

DamoManager 테스트

+
웹에서 encrypt / decrypt / hash 동작을 즉시 확인 (eapim-admin)
+ +
+
+ <% if (loaded) { %> + <%= mode %> MODE + revision=<%= esc(revision) %> · returnCode=<%= esc(returnCode) %> + <% } else { %> + NOT LOADED + damo-manager.jar 미배포 + <% } %> +
+ +
+
+
+ + +
+
+ + + + + + +
+ + <% if (run || error.length() > 0) { %> +
+ +
"><%= error.length() > 0 ? esc(error) : esc(result) %>
+
+ <% } %> + +
+ 모드 의미 — BYPASS: 무변환 원문 통과(기본값, 옵션 없음) · FAKE: Base64/JRE 해시(-Ddamo-manager.enabled=true, scpdb 없음) · REAL: penta scpdb 실 암복호화(enabled=true + scpdb).
+ BYPASS 모드에서는 encrypt/decrypt/hash 모두 입력을 그대로 반환합니다.
+ 운영은 -Ddamo-manager.require-real=true 로 real 강제(아니면 기동 실패). CLI 로도 동일 확인: java -jar damo-manager.jar enc <text> +
+
+ +