KJBank 암호화 관련 및 Sync 관련 수정
This commit is contained in:
+255
-8
@@ -84,13 +84,12 @@ import javax.crypto.Cipher;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Base64;
|
||||
//import com.kjbank.encrypt.exchange.crypto.AES256Cipher;
|
||||
//import com.kjbank.encrypt.exchange.crypto.AESCipher;
|
||||
//import com.kjbank.encrypt.exchange.crypto.AES256GCMCipher;
|
||||
import com.kjbank.encrypt.exchange.crypto.AES256Cipher;
|
||||
import com.kjbank.encrypt.exchange.crypto.AESCipher;
|
||||
import com.kjbank.encrypt.exchange.crypto.AES256GCMCipher;
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 1. 기능 : EAI HTTP OutBound 용 어댑터로 수동 시스템의 HTTP 웹 컴포넌트를 GET/POST 방식으로 호출할 수 있는
|
||||
* 기능을 제공한다.<br>
|
||||
@@ -311,7 +310,8 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
case PUT:
|
||||
case POST:
|
||||
// assignPostBody(dataObject, contentType, vo.getEncode(), method);
|
||||
assignPostBody(dataContent, contentType, vo.getEncode(), method);
|
||||
//assignPostBody(dataContent, contentType, vo.getEncode(), method); // jwhong commnet
|
||||
assignPostBody(dataContent, contentType, vo.getEncode(), method, vo.getAdapterName());
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
@@ -359,6 +359,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
|
||||
try {
|
||||
byte[] responseMessage = null;
|
||||
byte[] responseMessageOri = null;
|
||||
Header[] responseHeaders;
|
||||
|
||||
if (logger.isDebug() && "N".equals(vo.getTestCallYn())) {
|
||||
@@ -392,6 +393,11 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
context.setAttribute(HttpClientAdapterServiceKey.LOG_PROCESS_NO, logProcessNo);
|
||||
}
|
||||
|
||||
// encrypt algorithm type 추출 from adapter property jwhong
|
||||
Properties properties = AdapterPropManager.getInstance().getProperties(vo.getAdapterName()); // jwhong
|
||||
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
||||
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE"); // jwhong
|
||||
|
||||
try {
|
||||
if (logger.isDebug()) {
|
||||
logger.debug("[method getName]" + method.getMethod());
|
||||
@@ -402,7 +408,15 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
try (CloseableHttpResponse response = (CloseableHttpResponse) mclient.execute(method, context)) {
|
||||
status = response.getCode();
|
||||
|
||||
responseMessage = EntityUtils.toByteArray(response.getEntity());
|
||||
//responseMessage = EntityUtils.toByteArray(response.getEntity());
|
||||
// 역기서 responseMessage를 decryption 해야 하나 by jwhong
|
||||
|
||||
responseMessageOri = EntityUtils.toByteArray(response.getEntity());
|
||||
System.out.println("responseMessageOri 바이트 배열 길이: " + responseMessageOri.length);
|
||||
|
||||
responseMessage = doOutboundPostFilter(responseMessageOri, encryptAlgorithm, vo.getAdapterName()); // jwhong
|
||||
// 여기까지
|
||||
|
||||
responseHeaders = response.getHeaders();
|
||||
|
||||
if (logger.isDebug()) {
|
||||
@@ -512,6 +526,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
try (CloseableHttpResponse response = (CloseableHttpResponse) mclient.execute(method)) {
|
||||
status = response.getCode();
|
||||
responseMessage = EntityUtils.toByteArray(response.getEntity());
|
||||
// 여기서도 decryption 해야 할듯 하나.. by jwhong
|
||||
|
||||
if (logger.isDebug()) {
|
||||
logger.debug("[received status]" + status);
|
||||
@@ -722,7 +737,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
}
|
||||
|
||||
@SuppressWarnings("deprecation")
|
||||
private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method) {
|
||||
private void assignPostBody(Object eaiBody, String contentType, String charset, HttpUriRequestBase method, String adapterName) {
|
||||
if (eaiBody == null) {
|
||||
return;
|
||||
}
|
||||
@@ -732,6 +747,8 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
List<NameValuePair> params = new ArrayList<>();
|
||||
JSONObject jsonObject = (JSONObject) eaiBody;
|
||||
for (Object key : jsonObject.keySet()) {
|
||||
//String encryptedValue = encrypt((String) jsonObject.get(key)); // encrypt by jwhong
|
||||
//params.add(new BasicNameValuePair((String) key, encryptedValue ));
|
||||
params.add(new BasicNameValuePair((String) key, (String) jsonObject.get(key)));
|
||||
}
|
||||
|
||||
@@ -741,14 +758,244 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp
|
||||
} else {
|
||||
ContentType contentTypeObj = ContentType.create(contentType, charset);
|
||||
|
||||
String eaiBodyMessage = doOutboundPreFilter(eaiBody,adapterName); // jwhong
|
||||
StringEntity entity = new StringEntity(eaiBodyMessage, contentTypeObj);
|
||||
// 요청 본문을 StringEntity 객체로 생성
|
||||
StringEntity entity = new StringEntity(eaiBody.toString(), contentTypeObj);
|
||||
//StringEntity entity = new StringEntity(eaiBody.toString(), contentTypeObj);
|
||||
|
||||
// 요청에 본문 추가
|
||||
method.setEntity(entity);
|
||||
}
|
||||
}
|
||||
|
||||
private String doOutboundPreFilter(Object eaiBody, String adapterName) {
|
||||
|
||||
Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong
|
||||
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
||||
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
||||
String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID");
|
||||
|
||||
// outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다.
|
||||
// 참고로 inbound encrypt 에는 Token 또는 SecretKey 가 암호화 key로 사용된다.
|
||||
// 여기에 NICE-auth 뭔지 파악하여 logic 추가해야 한다.
|
||||
OAuth2Manager manager = OAuth2Manager.getInstance();
|
||||
ClientDetails clientDetail = manager.getClientDeatilsStore().get(encryptClientId);
|
||||
String clientSecret = "";
|
||||
if ( clientDetail != null ) {
|
||||
clientSecret = clientDetail.getClientSecret();
|
||||
}
|
||||
|
||||
// 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다.
|
||||
|
||||
String responseMessage = doOutboundPreEncrypt(eaiBody, encryptAlgorithm, clientSecret);
|
||||
return responseMessage;
|
||||
|
||||
}
|
||||
private String doOutboundPreEncrypt(Object eaiBody, String encryptAlgorithm, String clientSecretKey) {
|
||||
|
||||
String encryptedMessage = "";
|
||||
|
||||
switch (encryptAlgorithm) {
|
||||
case "AES":
|
||||
encryptedMessage = encrypt(eaiBody.toString()); // encrypt by jwhong
|
||||
break;
|
||||
case "AES128-TOSS":
|
||||
try {
|
||||
String key = clientSecretKey.substring(22,38);
|
||||
encryptedMessage = AESCipher.encrypt(eaiBody.toString(), key);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES128 Encryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES128-TOGETHER":
|
||||
try {
|
||||
String key = clientSecretKey.substring(44,60);
|
||||
encryptedMessage = AESCipher.encrypt(eaiBody.toString(), key);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES128 Encryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES256":
|
||||
//AES256Cipher aes256Cipher = new AES256Cipher();
|
||||
try {
|
||||
//String cleintSecretKey="BxnZ4wpIrTSw8fAkMuF3lYIGZySl1vl47jrErPpGWbAH7uUBeVsJ77njNUrnkAdHJ5fKbNqbiNIE6qCAJ8KfxYJMmbZZrsXCwNMUFooRUcsyRfcDd80h9v490UO4YoQB";
|
||||
String key = clientSecretKey.substring(10,42);
|
||||
//String key = "0123456789abcdefghij0123456789ab";
|
||||
//encryptedMessage= aes256Cipher.encrypt(eaiBody.toString(), key);
|
||||
encryptedMessage = AES256Cipher.encrypt(eaiBody.toString(), key);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES256GCM":
|
||||
try {
|
||||
byte[] key = AES256GCMCipher.generateKey();
|
||||
AES256GCMCipher cipher = new AES256GCMCipher(key);
|
||||
byte[] aad = "metadata".getBytes();
|
||||
|
||||
encryptedMessage = cipher.encrypt(eaiBody.toString(), aad);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES256GCM Encryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
default:
|
||||
encryptedMessage = eaiBody.toString();
|
||||
break;
|
||||
}
|
||||
return encryptedMessage;
|
||||
}
|
||||
|
||||
|
||||
private byte[] doOutboundPostFilter(byte[] eaiBody, String decryptAlgorithm, String adapterName) {
|
||||
|
||||
Properties properties = AdapterPropManager.getInstance().getProperties(adapterName); // jwhong
|
||||
String encryptAlgorithm = properties.getProperty("ENCRYPT_ALGORITHM"); // jwhong
|
||||
String encryptBaseKeyType = properties.getProperty("ENCRYPT_BASE_TYPE");
|
||||
String encryptClientId = properties.getProperty("ENCRYPT_CLIENT_ID");
|
||||
|
||||
// outbound encrypt 는 SecretKey 또는 NICE-auth 가 암호화 key로 사용된다.
|
||||
OAuth2Manager manager = OAuth2Manager.getInstance();
|
||||
ClientDetails clientDetail = manager.getClientDeatilsStore().get(encryptClientId);
|
||||
String clientSecret = "";
|
||||
if ( clientDetail != null ) {
|
||||
clientSecret = clientDetail.getClientSecret();
|
||||
}
|
||||
|
||||
// 여기서 SECRETY인지 nice-auth 인지 check 하여 clientSecret 값을 정하는 logic 추가하여 넘겨야한다.
|
||||
byte[] resPostMessage = doOutboundPostDecrypt(eaiBody, decryptAlgorithm, clientSecret);
|
||||
return resPostMessage;
|
||||
}
|
||||
|
||||
private byte[] doOutboundPostDecrypt(byte[] eaiBody, String decryptAlgorithm, String clientSecretKey) {
|
||||
|
||||
byte[] decryptedMessage = null;
|
||||
String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8);
|
||||
|
||||
//test source
|
||||
System.out.println("eaiBody 바이트 배열 길이: " + eaiBody.length);
|
||||
System.out.println("Base64 문자열: " + eaiStringBody);
|
||||
System.out.println("Base64 문자열 길이: " + eaiStringBody.length());
|
||||
System.out.println("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10));
|
||||
|
||||
// Base64 디코딩 테스트
|
||||
try {
|
||||
byte[] decoded = Base64.getDecoder().decode(eaiStringBody);
|
||||
System.out.println("디코딩 성공, 길이: " + decoded.length);
|
||||
} catch (IllegalArgumentException e) {
|
||||
System.out.println("Base64 디코딩 실패: " + e.getMessage());
|
||||
}
|
||||
// end test source
|
||||
|
||||
switch (decryptAlgorithm) {
|
||||
case "AES":
|
||||
decryptedMessage = decrypt(eaiBody); // encrypt by jwhong
|
||||
break;
|
||||
case "AES128-TOSS":
|
||||
try {
|
||||
String key128 = clientSecretKey.substring(22,38);
|
||||
//String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128);
|
||||
String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128);
|
||||
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES128 Decryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES128-TOGETHER":
|
||||
try {
|
||||
String key128 = clientSecretKey.substring(44,60);
|
||||
//String decryptedStrMessage = AESCipher.decrypt(eaiStringBody, key128);
|
||||
String decryptedStrMessage = AESCipher.decryptExistException(eaiStringBody, key128);
|
||||
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES128 Decryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES256":
|
||||
try {
|
||||
String key = clientSecretKey.substring(10,42);
|
||||
String decryptedStrMessage = AES256Cipher.decrypt(eaiStringBody, key);
|
||||
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
case "AES256GCM":
|
||||
try {
|
||||
byte[] key = AES256GCMCipher.generateKey();
|
||||
AES256GCMCipher cipher = new AES256GCMCipher(key);
|
||||
byte[] aad = "metadata".getBytes();
|
||||
String decryptedStrMessage = cipher.decrypt(eaiStringBody, aad);
|
||||
decryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
default:
|
||||
try {
|
||||
decryptedMessage = Arrays.copyOf(eaiBody, eaiBody.length);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.error("HttpClientAdapterServiceRest] doOutboundPostFilter Array copy error=" + e.getMessage());
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
return decryptedMessage;
|
||||
}
|
||||
|
||||
|
||||
// by jwhong
|
||||
private String encrypt(String plainText) {
|
||||
try {
|
||||
SecretKeySpec key = new SecretKeySpec("1234567890123456".getBytes(), "AES");
|
||||
Cipher cipher = Cipher.getInstance("AES");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, key);
|
||||
byte[] encrypted = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
|
||||
return Base64.getEncoder().encodeToString(encrypted);
|
||||
} catch (Exception e) {
|
||||
// 예외 로그 출력 또는 사용자 정의 처리
|
||||
e.printStackTrace();
|
||||
return null; // 또는 에러 메시지 반환
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public static byte[] decrypt(byte[] encryptedBytes) {
|
||||
try {
|
||||
// byte[] --> Base64 문자열로 변환
|
||||
String encryptedText = new String(encryptedBytes, StandardCharsets.UTF_8).trim();
|
||||
// 암호화에 사용한 키와 동일한 키 사용
|
||||
SecretKeySpec key = new SecretKeySpec("1234567890123456".getBytes(), "AES");
|
||||
|
||||
// 암호화와 동일한 알고리즘 설정
|
||||
Cipher cipher = Cipher.getInstance("AES");
|
||||
cipher.init(Cipher.DECRYPT_MODE, key);
|
||||
|
||||
// Base64로 인코딩된 문자열을 디코딩
|
||||
byte[] decodedBytes = Base64.getDecoder().decode(encryptedText);
|
||||
|
||||
// 복호화 수행
|
||||
byte[] decryptedBytes = cipher.doFinal(decodedBytes);
|
||||
|
||||
// UTF-8 문자열로 변환하여 반환
|
||||
//return new String(decryptedBytes, StandardCharsets.UTF_8);
|
||||
//복호화된 바이트 배열 반환
|
||||
return decryptedBytes;
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private HashMap<String, String> getParameters(Object message) throws Exception {
|
||||
|
||||
HashMap<String, String> result = new HashMap<String, String>();
|
||||
|
||||
@@ -72,6 +72,10 @@ public interface HttpAdapterServiceKey {
|
||||
|
||||
static final String ENC_PATHS = "ENC_PATHS";
|
||||
|
||||
static final String ENCRYPT_ALGORITHM = "ENCRYPT_ALGORITHM"; //jwhong
|
||||
static final String INBOUND_TOKEN = "authorization"; // jwhong
|
||||
static final String ENCRYPT_BASE_TYPE = "ENCRYPT_BASE_TYPE"; // jwhong
|
||||
|
||||
//응답 처리 용 표준 전문 오브젝트
|
||||
static final String STANDARD_MESSAGE_OBJECT = "STANDARD_MESSAGE_OBJECT";
|
||||
}
|
||||
|
||||
@@ -30,6 +30,7 @@ import com.eactive.eai.common.message.MessageType;
|
||||
import com.eactive.eai.common.message.ServiceMessage;
|
||||
import com.eactive.eai.common.monitor.StatMonitorLogVO;
|
||||
import com.eactive.eai.common.property.PropManager;
|
||||
|
||||
import com.eactive.eai.common.server.EAIServerManager;
|
||||
import com.eactive.eai.common.server.EAIServerVO;
|
||||
import com.eactive.eai.common.server.loader.EAIServerLoader;
|
||||
@@ -472,6 +473,20 @@ public class EAILogDAO {
|
||||
biz = bizMsgStr;
|
||||
}
|
||||
|
||||
// jwhong safeDB 암호화
|
||||
/*
|
||||
if ("Y".equalsIgnoreCase(EncryptionManager.getInstance().getEncryptYN())) {
|
||||
try {
|
||||
biz = EncryptSafeDb(bizMsgStr);
|
||||
} catch (Exception e) {
|
||||
logger.error("EAIFileLogger] bizMsgStr encryption Error - " + e.getMessage());
|
||||
}
|
||||
} else {
|
||||
biz = bizMsgStr;
|
||||
}
|
||||
*/
|
||||
// jwhong safeDB end
|
||||
|
||||
// 임시코드 시작
|
||||
String logType = PropManager.getInstance().getProperty("BIZ_LOG_TYPE");
|
||||
if (!StringUtils.isBlank(logType)) {
|
||||
@@ -840,4 +855,12 @@ public class EAILogDAO {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
private String EncryptSafeDb(String msg) {
|
||||
PropManager propManager = PropManager.getInstance();
|
||||
String safeDbPath = propManager.getProperty("SafeDB","safedb.path");
|
||||
return "this is a message";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -79,8 +79,11 @@ public class JMSSender {
|
||||
Iterator it = prop.keySet().iterator();
|
||||
while (it.hasNext()) {
|
||||
String key = (String) it.next();
|
||||
String value = prop.getProperty(key);
|
||||
Object getObjectVal = prop.get(key); // by jwhong 2025-09
|
||||
String value = getObjectVal != null ? getObjectVal.toString() : ""; // by jwhong
|
||||
msg.setStringProperty(key, value);
|
||||
//String value = prop.getProperty(key);
|
||||
//msg.setStringProperty(key, value);
|
||||
}
|
||||
}
|
||||
qsender.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
|
||||
|
||||
+2
-1
@@ -20,7 +20,8 @@ import com.eactive.eai.common.util.ContainerUtil;
|
||||
@PropertySource("/WEB-INF/properties/env.common.properties")
|
||||
public class ElinkConfig implements ConfigKeys {
|
||||
// message handling options
|
||||
private static boolean useInternalQueue = true;
|
||||
//private static boolean useInternalQueue = true;
|
||||
private static boolean useInternalQueue = false; // weblogic JMS jwhong
|
||||
private static boolean useCacheTopic = true;
|
||||
private static boolean useCacheStore = true;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user