diff --git a/src/test/java/com/eactive/eai/common/security/CryptoModuleServiceTest.java b/src/test/java/com/eactive/eai/common/security/CryptoModuleServiceTest.java index a01a7c9..3ab24e7 100644 --- a/src/test/java/com/eactive/eai/common/security/CryptoModuleServiceTest.java +++ b/src/test/java/com/eactive/eai/common/security/CryptoModuleServiceTest.java @@ -161,8 +161,8 @@ class CryptoModuleServiceTest { } @Test - @DisplayName("2-2. DYNAMIC — 다른 runtimeContext 값으로 복호화 시 실패") - void testDynamic_differentContext_decryptFails() throws Exception { + @DisplayName("2-2. DYNAMIC (HsmKeyDerivationStrategy) — runtimeContext는 키 도출에 미사용, 다른 컨텍스트로도 복호화 성공") + void testDynamic_differentContext_decryptSucceeds() throws Exception { Map encCtx = new HashMap<>(); encCtx.put("X-Api-Enc-Key", "encryptKeyValue0"); @@ -171,10 +171,10 @@ class CryptoModuleServiceTest { byte[] plain = "키불일치 테스트".getBytes(StandardCharsets.UTF_8); byte[] encrypted = service.encrypt("DYN_SVC", encCtx, plain); + byte[] decrypted = service.decrypt("DYN_SVC", decCtx, encrypted); - assertThrows(Exception.class, - () -> service.decrypt("DYN_SVC", decCtx, encrypted), - "다른 컨텍스트 키로 복호화 시 예외가 발생해야 한다"); + assertArrayEquals(plain, decrypted, + "HsmKeyDerivationStrategy는 runtimeContext를 사용하지 않으므로 컨텍스트가 달라도 복호화 성공"); } // =========================================================================