safedb 안맞는 부분 수정

This commit is contained in:
Rinjae
2025-09-25 15:20:19 +09:00
parent 790f9092fe
commit 36f9c7e016
3 changed files with 33 additions and 28 deletions
@@ -3,6 +3,8 @@ package com.eactive.ext.kjb.safedb;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
/**
* SafeDBFaker provides a fake encryption method for testing purposes when the real SafeDB library is not available.
@@ -11,17 +13,18 @@ public abstract class SafeDBFaker {
private static final String AES_256_KEY = "1234567890123456" + "1234567890123456";
public String fakeEncrypt(String userId, String table, String column, String data) {
public byte[] encrypt(String userId, String table, String column, String data) {
if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) {
// SHA256 + Base64 인코딩된 가짜 비밀번호 반환
return sha256Base64(data);
return sha256(data);
//return sha256Base64(data);
} else {
// AES256 암호화된 가짜 데이터 반환
return aes256Encrypt(data);
}
}
public String fakeDecrypt(String userId, String table, String column, String data) {
public byte[] decrypt(String userId, String table, String column, String data) {
if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) {
// 비밀번호는 복호화하지 않음
throw new UnsupportedOperationException("Password decryption is not supported.");
@@ -31,41 +34,43 @@ public abstract class SafeDBFaker {
}
}
private String sha256Base64(String data) {
private byte[] sha256(String data) {
MessageDigest digest = null;
try {
MessageDigest digest = java.security.MessageDigest.getInstance("SHA-256");
// JVM 옵션을 따라가기 위해 캐릭터셋을 명시 하지 않음.
byte[] hash = digest.digest(data.getBytes());
return java.util.Base64.getEncoder().encodeToString(hash);
} catch (Exception e) {
digest = MessageDigest.getInstance("SHA-256");
return digest.digest(data.getBytes());
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("Error generating SHA-256 hash", e);
}
}
private String sha256Base64(String data) {
return Base64.getEncoder().encodeToString(this.sha256(data));
}
// AES256 암호화
private String aes256Encrypt(String data) {
private byte[] aes256Encrypt(String data) {
try {
Cipher cipher = javax.crypto.Cipher.getInstance("AES");
SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES");
cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, keySpec);
byte[] encrypted = cipher.doFinal(data.getBytes());
return java.util.Base64.getEncoder().encodeToString(encrypted);
return cipher.doFinal(data.getBytes());
} catch (Exception e) {
throw new RuntimeException("Error during AES encryption", e);
}
}
private String aes256Decrypt(String encryptedData) {
private String getAes256KeyString(String data) {
return Base64.getEncoder().encodeToString(this.aes256Encrypt(data));
}
private byte[] aes256Decrypt(String encryptedData) {
try {
Cipher cipher = javax.crypto.Cipher.getInstance("AES");
SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES");
cipher.init(javax.crypto.Cipher.DECRYPT_MODE, keySpec);
byte[] decodedBytes = java.util.Base64.getDecoder().decode(encryptedData);
byte[] decrypted = cipher.doFinal(decodedBytes);
return new String(decrypted);
return cipher.doFinal(decodedBytes);
} catch (Exception e) {
throw new RuntimeException("Error during AES decryption", e);
}
@@ -21,7 +21,7 @@ public class SafeDBMNotRnnoConverter implements AttributeConverter<String, Strin
String originalAttribute = attribute;
if (StringUtils.isNotEmpty(attribute)) {
SafeDBWrapper safeDBWrapper = SafeDBWrapper.getInstance();
attribute = safeDBWrapper.encryptNotRnno(attribute);
attribute = safeDBWrapper.encryptNotRnnoString(attribute);
}
log.debug("DB 암호화 #2 : {} -> {}", originalAttribute, attribute);
@@ -48,41 +48,41 @@ public class SafeDBWrapper extends SafeDBBroker {
}
public String encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
public byte[] encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
if (isRealSafeDB) {
try {
return (String) super.methodInvoke("encrypt",
return (byte[]) super.methodInvoke("encrypt",
new Class<?>[]{String.class, String.class, String.class, String.class},
new Object[]{userId, table, column, data});
} catch (Exception e) {
throw new SafeDBWrapperSdkException("[SafeDBWrapper] Encrypt error: " + e.getMessage(), e);
}
} else {
return super.fakeEncrypt(userId, table, column, data);
return super.encrypt(userId, table, column, data);
}
}
public String encryptNotRnno(String data) throws SafeDBWrapperSdkException {
return this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data);
public String encryptNotRnnoString(String data) throws SafeDBWrapperSdkException {
return new String(this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data));
}
public String decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
public byte[] decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException {
if (isRealSafeDB) {
try {
return (String) super.methodInvoke("decrypt",
return (byte[]) super.methodInvoke("decrypt",
new Class<?>[]{String.class, String.class, String.class, String.class},
new Object[]{userId, table, column, data});
} catch (Exception e) {
throw new SafeDBWrapperException("[SafeDBWrapper] Decrypt error: " + e.getMessage(), e);
}
} else {
return super.fakeDecrypt(userId, table, column, data);
return super.decrypt(userId, table, column, data);
}
}
public String decryptNotRnno(String data) throws SafeDBWrapperSdkException {
return this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data);
return new String(this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data));
}
public boolean isRealSafeDB() {