diff --git a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBFaker.java b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBFaker.java index b174152..fc9828e 100644 --- a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBFaker.java +++ b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBFaker.java @@ -3,6 +3,8 @@ package com.eactive.ext.kjb.safedb; import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Base64; /** * SafeDBFaker provides a fake encryption method for testing purposes when the real SafeDB library is not available. @@ -11,17 +13,18 @@ public abstract class SafeDBFaker { private static final String AES_256_KEY = "1234567890123456" + "1234567890123456"; - public String fakeEncrypt(String userId, String table, String column, String data) { + public byte[] encrypt(String userId, String table, String column, String data) { if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) { // SHA256 + Base64 인코딩된 가짜 비밀번호 반환 - return sha256Base64(data); + return sha256(data); + //return sha256Base64(data); } else { // AES256 암호화된 가짜 데이터 반환 return aes256Encrypt(data); } } - public String fakeDecrypt(String userId, String table, String column, String data) { + public byte[] decrypt(String userId, String table, String column, String data) { if (SafeDBColumns.PSWD.isEqualsIgnoreCase(column)) { // 비밀번호는 복호화하지 않음 throw new UnsupportedOperationException("Password decryption is not supported."); @@ -31,41 +34,43 @@ public abstract class SafeDBFaker { } } - - private String sha256Base64(String data) { + private byte[] sha256(String data) { + MessageDigest digest = null; try { - MessageDigest digest = java.security.MessageDigest.getInstance("SHA-256"); - - // JVM 옵션을 따라가기 위해 캐릭터셋을 명시 하지 않음. - byte[] hash = digest.digest(data.getBytes()); - - return java.util.Base64.getEncoder().encodeToString(hash); - } catch (Exception e) { + digest = MessageDigest.getInstance("SHA-256"); + return digest.digest(data.getBytes()); + } catch (NoSuchAlgorithmException e) { throw new RuntimeException("Error generating SHA-256 hash", e); } } + private String sha256Base64(String data) { + return Base64.getEncoder().encodeToString(this.sha256(data)); + } + // AES256 암호화 - private String aes256Encrypt(String data) { + private byte[] aes256Encrypt(String data) { try { Cipher cipher = javax.crypto.Cipher.getInstance("AES"); SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES"); cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, keySpec); - byte[] encrypted = cipher.doFinal(data.getBytes()); - return java.util.Base64.getEncoder().encodeToString(encrypted); + return cipher.doFinal(data.getBytes()); } catch (Exception e) { throw new RuntimeException("Error during AES encryption", e); } } - private String aes256Decrypt(String encryptedData) { + private String getAes256KeyString(String data) { + return Base64.getEncoder().encodeToString(this.aes256Encrypt(data)); + } + + private byte[] aes256Decrypt(String encryptedData) { try { Cipher cipher = javax.crypto.Cipher.getInstance("AES"); SecretKeySpec keySpec = new javax.crypto.spec.SecretKeySpec(AES_256_KEY.getBytes(), "AES"); cipher.init(javax.crypto.Cipher.DECRYPT_MODE, keySpec); byte[] decodedBytes = java.util.Base64.getDecoder().decode(encryptedData); - byte[] decrypted = cipher.doFinal(decodedBytes); - return new String(decrypted); + return cipher.doFinal(decodedBytes); } catch (Exception e) { throw new RuntimeException("Error during AES decryption", e); } diff --git a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBMNotRnnoConverter.java b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBMNotRnnoConverter.java index d04f77f..060a9af 100644 --- a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBMNotRnnoConverter.java +++ b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBMNotRnnoConverter.java @@ -21,7 +21,7 @@ public class SafeDBMNotRnnoConverter implements AttributeConverter {}", originalAttribute, attribute); diff --git a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBWrapper.java b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBWrapper.java index ea6530c..d59d6fe 100644 --- a/src/main/java/com/eactive/ext/kjb/safedb/SafeDBWrapper.java +++ b/src/main/java/com/eactive/ext/kjb/safedb/SafeDBWrapper.java @@ -48,41 +48,41 @@ public class SafeDBWrapper extends SafeDBBroker { } - public String encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException { + public byte[] encrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException { if (isRealSafeDB) { try { - return (String) super.methodInvoke("encrypt", + return (byte[]) super.methodInvoke("encrypt", new Class[]{String.class, String.class, String.class, String.class}, new Object[]{userId, table, column, data}); } catch (Exception e) { throw new SafeDBWrapperSdkException("[SafeDBWrapper] Encrypt error: " + e.getMessage(), e); } } else { - return super.fakeEncrypt(userId, table, column, data); + return super.encrypt(userId, table, column, data); } } - public String encryptNotRnno(String data) throws SafeDBWrapperSdkException { - return this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data); + public String encryptNotRnnoString(String data) throws SafeDBWrapperSdkException { + return new String(this.encrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data)); } - public String decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException { + public byte[] decrypt(String userId, String table, String column, String data) throws SafeDBWrapperSdkException { if (isRealSafeDB) { try { - return (String) super.methodInvoke("decrypt", + return (byte[]) super.methodInvoke("decrypt", new Class[]{String.class, String.class, String.class, String.class}, new Object[]{userId, table, column, data}); } catch (Exception e) { throw new SafeDBWrapperException("[SafeDBWrapper] Decrypt error: " + e.getMessage(), e); } } else { - return super.fakeDecrypt(userId, table, column, data); + return super.decrypt(userId, table, column, data); } } public String decryptNotRnno(String data) throws SafeDBWrapperSdkException { - return this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data); + return new String(this.decrypt("SAFEDB", "SAFEDB.POLICY", "NOT_RNNO", data)); } public boolean isRealSafeDB() {