safedb 안맞는 부분 수정
This commit is contained in:
@@ -3,6 +3,8 @@ package com.eactive.ext.kjb.safedb;
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Base64;
|
||||
|
||||
/**
|
||||
* SafeDBFaker provides a fake encryption method for testing purposes when the real SafeDB library is not available.
|
||||
@@ -11,17 +13,18 @@ public abstract class SafeDBFaker {
|
||||
private static final String AES_256_KEY = "1234567890123456" + "1234567890123456";
|
||||
|
||||
|
||||
public String fakeEncrypt(String userId, String table, String column, String data) {
|
||||
public byte[] encrypt(String userId, String table, String column, String data) {
|
||||
if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) {
|
||||
// SHA256 + Base64 인코딩된 가짜 비밀번호 반환
|
||||
return sha256Base64(data);
|
||||
return sha256(data);
|
||||
//return sha256Base64(data);
|
||||
} else {
|
||||
// AES256 암호화된 가짜 데이터 반환
|
||||
return aes256Encrypt(data);
|
||||
}
|
||||
}
|
||||
|
||||
public String fakeDecrypt(String userId, String table, String column, String data) {
|
||||
public byte[] decrypt(String userId, String table, String column, String data) {
|
||||
if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) {
|
||||
// 비밀번호는 복호화하지 않음
|
||||
throw new UnsupportedOperationException("Password decryption is not supported.");
|
||||
@@ -31,41 +34,43 @@ public abstract class SafeDBFaker {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private String sha256Base64(String data) {
|
||||
private byte[] sha256(String data) {
|
||||
MessageDigest digest = null;
|
||||
try {
|
||||
MessageDigest digest = java.security.MessageDigest.getInstance("SHA-256");
|
||||
|
||||
// JVM 옵션을 따라가기 위해 캐릭터셋을 명시 하지 않음.
|
||||
byte[] hash = digest.digest(data.getBytes());
|
||||
|
||||
return java.util.Base64.getEncoder().encodeToString(hash);
|
||||
} catch (Exception e) {
|
||||
digest = MessageDigest.getInstance("SHA-256");
|
||||
return digest.digest(data.getBytes());
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new RuntimeException("Error generating SHA-256 hash", e);
|
||||
}
|
||||
}
|
||||
|
||||
private String sha256Base64(String data) {
|
||||
return Base64.getEncoder().encodeToString(this.sha256(data));
|
||||
}
|
||||
|
||||
// AES256 암호화
|
||||
private String aes256Encrypt(String data) {
|
||||
private byte[] aes256Encrypt(String data) {
|
||||
try {
|
||||
Cipher cipher = javax.crypto.Cipher.getInstance("AES");
|
||||
SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES");
|
||||
cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, keySpec);
|
||||
byte[] encrypted = cipher.doFinal(data.getBytes());
|
||||
return java.util.Base64.getEncoder().encodeToString(encrypted);
|
||||
return cipher.doFinal(data.getBytes());
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException("Error during AES encryption", e);
|
||||
}
|
||||
}
|
||||
|
||||
private String aes256Decrypt(String encryptedData) {
|
||||
private String getAes256KeyString(String data) {
|
||||
return Base64.getEncoder().encodeToString(this.aes256Encrypt(data));
|
||||
}
|
||||
|
||||
private byte[] aes256Decrypt(String encryptedData) {
|
||||
try {
|
||||
Cipher cipher = javax.crypto.Cipher.getInstance("AES");
|
||||
SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES");
|
||||
cipher.init(javax.crypto.Cipher.DECRYPT_MODE, keySpec);
|
||||
byte[] decodedBytes = java.util.Base64.getDecoder().decode(encryptedData);
|
||||
byte[] decrypted = cipher.doFinal(decodedBytes);
|
||||
return new String(decrypted);
|
||||
return cipher.doFinal(decodedBytes);
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException("Error during AES decryption", e);
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@ public class SafeDBMNotRnnoConverter implements AttributeConverter<String, Strin
|
||||
String originalAttribute = attribute;
|
||||
if (StringUtils.isNotEmpty(attribute)) {
|
||||
SafeDBWrapper safeDBWrapper = SafeDBWrapper.getInstance();
|
||||
attribute = safeDBWrapper.encryptNotRnno(attribute);
|
||||
attribute = safeDBWrapper.encryptNotRnnoString(attribute);
|
||||
}
|
||||
|
||||
log.debug("DB 암호화 #2 : {} -> {}", originalAttribute, attribute);
|
||||
|
||||
@@ -48,41 +48,41 @@ public class SafeDBWrapper extends SafeDBBroker {
|
||||
}
|
||||
|
||||
|
||||
public String encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
|
||||
public byte[] encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
|
||||
if (isRealSafeDB) {
|
||||
try {
|
||||
return (String) super.methodInvoke("encrypt",
|
||||
return (byte[]) super.methodInvoke("encrypt",
|
||||
new Class<?>[]{String.class, String.class, String.class, String.class},
|
||||
new Object[]{userId, table, column, data});
|
||||
} catch (Exception e) {
|
||||
throw new SafeDBWrapperSdkException("[SafeDBWrapper] Encrypt error: " + e.getMessage(), e);
|
||||
}
|
||||
} else {
|
||||
return super.fakeEncrypt(userId, table, column, data);
|
||||
return super.encrypt(userId, table, column, data);
|
||||
}
|
||||
}
|
||||
|
||||
public String encryptNotRnno(String data) throws SafeDBWrapperSdkException {
|
||||
return this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data);
|
||||
public String encryptNotRnnoString(String data) throws SafeDBWrapperSdkException {
|
||||
return new String(this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data));
|
||||
}
|
||||
|
||||
|
||||
public String decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
|
||||
public byte[] decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
|
||||
if (isRealSafeDB) {
|
||||
try {
|
||||
return (String) super.methodInvoke("decrypt",
|
||||
return (byte[]) super.methodInvoke("decrypt",
|
||||
new Class<?>[]{String.class, String.class, String.class, String.class},
|
||||
new Object[]{userId, table, column, data});
|
||||
} catch (Exception e) {
|
||||
throw new SafeDBWrapperException("[SafeDBWrapper] Decrypt error: " + e.getMessage(), e);
|
||||
}
|
||||
} else {
|
||||
return super.fakeDecrypt(userId, table, column, data);
|
||||
return super.decrypt(userId, table, column, data);
|
||||
}
|
||||
}
|
||||
|
||||
public String decryptNotRnno(String data) throws SafeDBWrapperSdkException {
|
||||
return this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data);
|
||||
return new String(this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data));
|
||||
}
|
||||
|
||||
public boolean isRealSafeDB() {
|
||||
|
||||
Reference in New Issue
Block a user