투케이2K

962. (Android/Java) [유틸 파일] getAwsKmsEncode - Aws KMS 데이터 암호화 수행 - Aws Kms Data Encode 본문

Android

962. (Android/Java) [유틸 파일] getAwsKmsEncode - Aws KMS 데이터 암호화 수행 - Aws Kms Data Encode

투케이2K 2025. 3. 18. 19:49

[개발 환경 설정]

개발 툴 : AndroidStudio

개발 언어 : Java / Kotlin

 

[소스 코드]

 

// --------------------------------------------------------------------------------------
[개발 및 테스트 환경]
// --------------------------------------------------------------------------------------

- 언어 : Java / Kotlin

- 개발 툴 : AndroidStudio

- 기술 구분 : Aws / KMS / AWSKMSClient

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[사전) 필요 설정 정리] : build.gradle 의존성 부여
// --------------------------------------------------------------------------------------

// [AWS] : [target 31 이상 의존성]
implementation 'com.amazonaws:aws-android-sdk-kms:2.57.0'
implementation 'com.amazonaws:aws-android-sdk-s3:2.57.0'
implementation 'com.amazonaws:aws-android-sdk-iot:2.57.0'
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.57.0'


// [AWS] : [target 31 미만 의존성]
implementation 'com.amazonaws:aws-android-sdk-kms:2.16.13'
implementation 'com.amazonaws:aws-android-sdk-s3:2.16.13'
implementation 'com.amazonaws:aws-android-sdk-iot:2.16.13'
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.16.13'

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[사전) AWSKMSClient 초기화 방법
// --------------------------------------------------------------------------------------

https://blog.naver.com/kkh0977/223799656979

// --------------------------------------------------------------------------------------





// --------------------------------------------------------------------------------------
[Java : 소스 코드]
// --------------------------------------------------------------------------------------

public Observable<String> getAwsKmsEncode(String keyArn, String data) {
    S_Log._D_(ACTIVITY_NAME + " :: getAwsKmsEncode :: AWS KMS 데이터 암호화 수행", new String[]{"keyArn :: " + String.valueOf(keyArn), "data :: " + String.valueOf(data)});

    return Observable.create(subscriber -> {

        try {

            if (kmsClient != null){

                new Thread(() -> {

                    if (C_Util.stringNotNull(keyArn) == true
                            && C_Util.stringNotNull(data) == true){ // [파라미터 null 체크 수행]

                        ByteBuffer plainTextBuffer = ByteBuffer.wrap(data.getBytes(StandardCharsets.UTF_8));

                        EncryptRequest encryptRequest = new EncryptRequest()
                                .withKeyId(keyArn)
                                .withPlaintext(plainTextBuffer);

                        EncryptResult encryptResult = kmsClient.encrypt(encryptRequest);
                        ByteBuffer encryptedData = encryptResult.getCiphertextBlob();

                        // TODO [Base64 인코딩]
                        String returnData = String.valueOf(Base64.encodeToString(encryptedData.array(), 0));

                        S_Log._W_(ACTIVITY_NAME + " :: getAwsKmsEncode :: AWS KMS 데이터 암호화 성공", new String[]{returnData});

                        if (subscriber != null && subscriber.isDisposed() == false){
                            subscriber.onNext(returnData);
                            subscriber.onComplete();
                        }
                    }
                    else {
                        S_Log._E_(ACTIVITY_NAME + " :: getAwsKmsEncode :: AWS KMS 데이터 암호화 에러", new String[]{"Error :: Input Data Is Null"});

                        if (subscriber != null && subscriber.isDisposed() == false){
                            subscriber.onError(new Throwable("[Error] : Input Data Is Null"));
                            subscriber.onComplete();
                        }
                    }

                }).start();

            }
            else {
                S_Log._E_(ACTIVITY_NAME + " :: getAwsKmsEncode :: AWS KMS 데이터 암호화 에러", new String[]{"Error :: kmsClient is null"});

                if (subscriber != null && subscriber.isDisposed() == false){
                    subscriber.onError(new Throwable("[Error] : kmsClient is null"));
                    subscriber.onComplete();
                }

            }

        } catch (final Exception e){
            S_Log._printStackTrace_(null, S_FinalData.LOG_BUG_STATE, null, e);

            try {
                if (subscriber != null && subscriber.isDisposed() == false){
                    subscriber.onError(new Throwable("[Exception] : " + String.valueOf(e.getMessage())));
                    subscriber.onComplete();
                }
            }
            catch (Exception ex){
                ex.printStackTrace();
            }
        }

    });
}

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[참고 사이트]
// --------------------------------------------------------------------------------------

[Aws KMS 키 관리 서비스 개념 및 설명 정리 - 데이터 암호화 키 생성 관리]

https://blog.naver.com/kkh0977/223793790135?trackingCode=blog_bloghome_searchlist


[AccessKey , SecretKey 사용해 Aws KMS 키 관리 서비스 AWSKMSClient 초기화 방법]

https://blog.naver.com/kkh0977/223799656979

// --------------------------------------------------------------------------------------
 
반응형
Comments