거래데이터 DB 암호화 DAMO 모듈 적용
- DB 거래로그 : EAILogDAO.java - FILE 거래로그 : EAIFileLogger.java - 미확인(Unkown) 로그 : InboundErrorInfoDAO.java
This commit is contained in:
@@ -3,8 +3,6 @@ package com.eactive.eai.common.logger;
|
||||
import java.nio.charset.Charset;
|
||||
import java.util.Properties;
|
||||
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
import com.eactive.eai.authserver.vo.ClientVO;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
@@ -14,13 +12,10 @@ import org.springframework.transaction.annotation.Transactional;
|
||||
import com.eactive.eai.adapter.AdapterGroupVO;
|
||||
import com.eactive.eai.adapter.AdapterManager;
|
||||
import com.eactive.eai.agent.encryption.EncryptionManager;
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
import com.eactive.eai.authserver.vo.ClientVO;
|
||||
import com.eactive.eai.common.dao.DAOException;
|
||||
import com.eactive.eai.common.exception.ExceptionUtil;
|
||||
import com.eactive.eai.common.logger.EAILogLogger;
|
||||
import com.eactive.eai.common.logger.StatAdapterLogLogger;
|
||||
import com.eactive.eai.common.logger.StatLogLogger;
|
||||
import com.eactive.eai.common.logger.StatTranLogLogger;
|
||||
import com.eactive.eai.common.logger.SubMessageLogLogger;
|
||||
import com.eactive.eai.common.logger.mapper.StatAdapterLogMapper;
|
||||
import com.eactive.eai.common.logger.mapper.StatLogMapper;
|
||||
import com.eactive.eai.common.logger.mapper.StatTranLogMapper;
|
||||
@@ -30,7 +25,6 @@ import com.eactive.eai.common.message.MessageType;
|
||||
import com.eactive.eai.common.message.ServiceMessage;
|
||||
import com.eactive.eai.common.monitor.StatMonitorLogVO;
|
||||
import com.eactive.eai.common.property.PropManager;
|
||||
|
||||
import com.eactive.eai.common.server.EAIServerManager;
|
||||
import com.eactive.eai.common.server.EAIServerVO;
|
||||
import com.eactive.eai.common.server.loader.EAIServerLoader;
|
||||
@@ -55,11 +49,10 @@ import com.eactive.eai.transformer.layout.Item;
|
||||
import com.eactive.eai.transformer.layout.Layout;
|
||||
import com.eactive.eai.transformer.transform.Transform;
|
||||
import com.eactive.eai.transformer.transform.TransformManager;
|
||||
import com.eactive.eai.util.HexaConverter;
|
||||
import com.ext.eai.common.stdmessage.STDMessageKeys;
|
||||
// safeDB
|
||||
import com.eactive.ext.kjb.safedb.KjbSafedbWrapper;
|
||||
import com.eactive.ext.kjb.safedb.Utils;
|
||||
import com.ext.eai.common.stdmessage.STDMessageKeys;
|
||||
|
||||
|
||||
@Service
|
||||
@@ -478,20 +471,12 @@ public class EAILogDAO {
|
||||
}
|
||||
*/
|
||||
|
||||
// jwhong safeDB 암호화
|
||||
|
||||
if ("Y".equalsIgnoreCase(EncryptionManager.getInstance().getEncryptYN())) {
|
||||
try {
|
||||
biz = EncryptSafeDb(bizMsgStr);
|
||||
} catch (Exception e) {
|
||||
logger.error("EAIFileLogger] bizMsgStr encryption Error - " + e.getMessage());
|
||||
biz = bizMsgStr;
|
||||
}
|
||||
} else {
|
||||
try {
|
||||
biz = EncryptionManager.getInstance().encryptDBData(bizMsgStr);
|
||||
} catch (Exception e) {
|
||||
logger.error("EAIFileLogger] bizMsgStr encryption Error - " + e.getMessage());
|
||||
biz = bizMsgStr;
|
||||
}
|
||||
|
||||
// jwhong safeDB end
|
||||
}
|
||||
|
||||
// 임시코드 시작
|
||||
String logType = PropManager.getInstance().getProperty("BIZ_LOG_TYPE");
|
||||
@@ -860,88 +845,6 @@ public class EAILogDAO {
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
private String EncryptSafeDb(String attribute) {
|
||||
String originalAttribute = attribute;
|
||||
if (StringUtils.isNotEmpty(attribute)) {
|
||||
KjbSafedbWrapper wrapper = KjbSafedbWrapper.getInstance();
|
||||
attribute = wrapper.encryptNotRnnoString(attribute);
|
||||
|
||||
if (logger.isInfo()) {
|
||||
// originalAttribute 홀수 글자 마스킹
|
||||
StringBuilder sb = new StringBuilder();
|
||||
for (int i = 0; i < originalAttribute.length(); i++) {
|
||||
if (i % 2 == 0) {
|
||||
sb.append(originalAttribute.charAt(i));
|
||||
} else {
|
||||
sb.append("*");
|
||||
}
|
||||
}
|
||||
|
||||
originalAttribute = sb.toString();
|
||||
// System.out.println("DB 암호화 #2 : {"+ originalAttribute +"} -> {"+attribute+"}");
|
||||
//logger.debug("DB 암호화 #2 : {} -> {}", originalAttribute, attribute);
|
||||
}
|
||||
}
|
||||
return attribute;
|
||||
|
||||
}
|
||||
|
||||
public String DecryptSafeDb(String dbData) {
|
||||
|
||||
String dbDataOriginal = dbData;
|
||||
if (StringUtils.isNotEmpty(dbData)) {
|
||||
if (this.isEncrypted(dbData)) {
|
||||
KjbSafedbWrapper safeDBWrapper = KjbSafedbWrapper.getInstance();
|
||||
try {
|
||||
dbData = safeDBWrapper.decryptNotRnno(dbData);
|
||||
} catch (Exception e) {
|
||||
// 복호화 실패시 원본 반환
|
||||
String logData = dbData.length() <= 3 ? dbData : dbData.substring(0, 3) + "...";
|
||||
logger.warn("DB 복호화 실패: 복호화하지 않고 원본 반환. dbData={} (Length : {})", logData, dbData.length());
|
||||
return dbData;
|
||||
}
|
||||
} else {
|
||||
logger.debug("DB 복호화 경고: Base64 형식이 아님. 복호화하지 않고 원본 반환. dbData={}", dbData);
|
||||
}
|
||||
}
|
||||
|
||||
//logger.debug("DB 복호화 #2 : {} -> {}", dbDataOriginal, dbData);
|
||||
|
||||
return dbData;
|
||||
}
|
||||
|
||||
/**
|
||||
* 암호화 여부 확인(base64 인코딩 여부로 판단, 또는 0-9, - 로 구성된 경우 암호화 되지 않은 걸로 판단(연락처))
|
||||
* @param data
|
||||
* @return
|
||||
*/
|
||||
private boolean isEncrypted(String data) {
|
||||
if (StringUtils.isEmpty(data)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// 숫자, - 로만 구성된 경우 암호화 되지 않은 걸로 판단 (ex: 연락처)
|
||||
if (data.matches("^[0-9-]+$")) {
|
||||
return false;
|
||||
}
|
||||
|
||||
data = data.trim();
|
||||
|
||||
// Base64 형식 체크
|
||||
if (!Utils.isBase64(data)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Base64 길이 체크 (4의 배수)
|
||||
if (data.length() % 4 != 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user