투케이2K

967. (Android/Java) [nimbusds] JWE AES 256 GCM 인코딩 암호화 수행 실시 - A256GCM , A256GCMKW 본문

Android

967. (Android/Java) [nimbusds] JWE AES 256 GCM 인코딩 암호화 수행 실시 - A256GCM , A256GCMKW

투케이2K 2025. 4. 3. 07:42

[개발 환경 설정]

개발 툴 : AndroidStudio

개발 언어 : Java / Kotlin

 

[소스 코드]

// --------------------------------------------------------------------------------------
[개발 및 테스트 환경]
// --------------------------------------------------------------------------------------

- 언어 : Java / Kotlin

- 개발 툴 : AndroidStudio

- 기술 구분 : nimbusds / JWE / JWT / AES

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[nimbusds 라이브러리 의존성 부여 설정 : build.gradle]
// --------------------------------------------------------------------------------------

// TODO [JWE 암복호화 관련]

implementation 'com.nimbusds:nimbus-jose-jwt:10.0.2'

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[Java : 소스 코드]
// --------------------------------------------------------------------------------------

// --------------------------------------------------------------------
// TODO [전역 변수 선언]
// --------------------------------------------------------------------
private static final String AES256_GCM_KEY = "0123456789abcdef0123456789abcdef"; // [32 바이트]




// --------------------------------------------------------------------
// TODO [AES GCM : JWE 인코딩 수행]
// --------------------------------------------------------------------
// TODO [Call Method]
// --------------------------------------------------------------------
/*
JSONObject jsonObject = new JSONObject();
jsonObject.put("iss", "App"); // [발급자]
jsonObject.put("exp", "1743486179"); // [만료 시간]
jsonObject.put("iat", "1743486119"); // [발급 시간]
jsonObject.put("employeeNo", "T_1234567890"); // [사번]
jsonObject.put("name", "투케이"); // [이름]

C_JWE_Encryption_Module.encodeAes256GcmJwe(String.valueOf(jsonObject));
*/
// --------------------------------------------------------------------
// TODO [Return Data]
// --------------------------------------------------------------------
/*
D///===========//: ================================================
I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.encodeAes256GcmJwe(C_JWE_Encryption_Module.java:499)]
I/: ----------------------------------------------------
I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: encodeAes256GcmJwe :: JWEObject 정보 확인]
I/: ----------------------------------------------------
I/: [LOG :: getHeader :: {"cty":"application/json","typ":"JWE","enc":"A256GCM","tag":"SiHvXLo4q25akPDReQCldQ","alg":"A256GCMKW","iv":"7x26_Eu6ZE3PjUJO"}]
I/: ----------------------------------------------------
I/: [LOG :: getEncryptedKey :: eCRJcf8caoVZxu9JU6cGSb-T1jijbhgdiHcj-exh4v8]
I/: ----------------------------------------------------
I/: [LOG :: getCipherText :: odlLdIhawgDzGiCdXHaxwdSlkErnTJR2g-g_3hsLQ_sqINNsAIQSxkx04LFF81BpIeyJvkTLbKI9Gxu3fpk81BVIodETpZM4f6fA6FTfd2fZNh-25YmxWf3cfcqtrD39X_w]
I/: ----------------------------------------------------
I/: [LOG :: getIV :: Py6XijHl4h2gnIVU]
I/: ----------------------------------------------------
I/: [LOG :: getAuthTag :: vf_Mldxxn1VpnViVT-rrSQ]
I/: ----------------------------------------------------
I/: [LOG :: getState :: ENCRYPTED]
D///===========//: ================================================


D///===========//: ================================================
I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.encodeAes256GcmJwe(C_JWE_Encryption_Module.java:532)]
I/: ----------------------------------------------------
I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: encodeAes256GcmJwe :: JWE 인코딩 수행]
I/: ----------------------------------------------------
I/: [LOG :: KEY :: 0123456789abcdef0123456789abcdef]
I/: ----------------------------------------------------
I/: [LOG :: Encode :: eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6IlNpSHZYTG80cTI1YWtQRFJlUUNsZFEiLCJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ijd4MjZfRXU2WkUzUGpVSk8ifQ.eCRJcf8caoVZxu9JU6cGSb-T1jijbhgdiHcj-exh4v8.Py6XijHl4h2gnIVU.odlLdIhawgDzGiCdXHaxwdSlkErnTJR2g-g_3hsLQ_sqINNsAIQSxkx04LFF81BpIeyJvkTLbKI9Gxu3fpk81BVIodETpZM4f6fA6FTfd2fZNh-25YmxWf3cfcqtrD39X_w.vf_Mldxxn1VpnViVT-rrSQ]
D///===========//: ================================================
*/
// --------------------------------------------------------------------
public static String encodeAes256GcmJwe(String payload){

    String returnData = null; // [Return 데이터]
    String M_LOG = null; // [Log 데이터]

    try {

        // -----------------------------------------------
        // TODO [1] : [key >> Byte 변환]
        // -----------------------------------------------
        byte keyBytes [] = AES256_GCM_KEY.getBytes(StandardCharsets.UTF_8);


        // -----------------------------------------------
        // TODO [2] : [SecretKey 가져오기]
        // -----------------------------------------------
        SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


        // -----------------------------------------------
        // TODO [3] : [JWE 헤더 설정 : A256GCM 사용]
        // -----------------------------------------------
        /**
          * {
          *   "cty": "application/json",
          *   "typ": "JWE",
          *   "enc": "A256GCM",
          *   "tag": "SddQInhWp2DFzVFtMEDcSw", ------------> Random : 무결성 검증 Auth Tag 자동 생성
          *   "alg": "A256GCMKW",
          *   "iv": "qBQizBH5fvDRjgj_" --------------------> Random : 암호화 과정에서 사용된 초기화 벡터
          * }
          */
        // -----------------------------------------------
        JWEHeader header = new JWEHeader.Builder(
                JWEAlgorithm.A256GCMKW, // TODO [alg : 알고 리즘]
                EncryptionMethod.A256GCM) // TODO [enc : 인코딩 타입]
                .type(new JOSEObjectType("JWE")) // TODO [typ : 타입]
                .contentType("application/json") // TODO [cty : 컨텐츠 타입]
                .build();


        // -----------------------------------------------
        // TODO [4] : [페이로드 지정]
        // -----------------------------------------------
        Payload payload_Object = new Payload(payload);


        // -----------------------------------------------
        // TODO [5] : [JWEObject 생성] / [인코딩 수행 실시]
        // -----------------------------------------------
        //*
        JWEObject jweObject = new JWEObject(header, payload_Object);

        //jweObject.encrypt(new DirectEncrypter(secretKeySpec)); // TODO [알고리즘 : DIR]
        jweObject.encrypt(new AESEncrypter(secretKeySpec)); // TODO [알고리즘 : JWEAlgorithm.A256GCMKW]

        S_Log._D_(ACTIVITY_NAME + " :: encodeAes256GcmJwe :: JWEObject 정보 확인", new String[]{
                "getHeader :: " + jweObject.getHeader(),
                "getEncryptedKey :: " + jweObject.getEncryptedKey(),
                "getCipherText :: " + jweObject.getCipherText(),
                "getIV :: " + jweObject.getIV(),
                "getAuthTag :: " + jweObject.getAuthTag(),
                "getState :: " + jweObject.getState()
        });

        String jweString = jweObject.serialize(); // TODO [JWE Encode String]
        // */


        // -----------------------------------------------
        // TODO [6] : [JWE 토큰 널 체크 수행]
        // -----------------------------------------------
        if (C_Util.stringNotNull(jweString) == true){
            returnData = jweString;
        }
        else {
            M_LOG = "Error : jweString Is Null";
        }

    }
    catch (Exception e){
        e.printStackTrace();

        M_LOG = "Exception : " + e.getMessage();
    }


    try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Encode :: " + returnData : "Encode :: null" ); } catch (Exception el){}

    S_Log._D_(ACTIVITY_NAME + " :: encodeAes256GcmJwe :: JWE 인코딩 수행", new String[]{"KEY :: " + AES256_GCM_KEY, String.valueOf(M_LOG)});


    return returnData;

}

// --------------------------------------------------------------------------------------





// --------------------------------------------------------------------------------------
[참고 사이트]
// --------------------------------------------------------------------------------------

[온라인 JWT 토큰 복호화 및 헤더 값 확인 참고 사이트]

https://fusionauth.io/dev-tools/jwt-decoder


[라이브러리] [nimbus-jose-jwt] JWE (JSON Web Encryption) JSON 웹 암호화 및 복호화 라이브러리

https://blog.naver.com/kkh0977/223817959400?trackingCode=blog_bloghome_searchlist


[JWT (Json Web Token) 개념 설명]

https://blog.naver.com/kkh0977/222934042760?trackingCode=blog_bloghome_searchlist


[JWE (JSON Web Encryption) JSON 웹 암호화 설명]

https://blog.naver.com/kkh0977/223817878517?trackingCode=blog_bloghome_searchlist

// --------------------------------------------------------------------------------------
 
반응형
저작자표시

'Android' 카테고리의 다른 글

969. (Android/Java) [nimbusds] JWE AES 192 GCM 인코딩 암호화 수행 실시 - A192GCMKW , A192GCM  (0) 2025.04.03
968. (Android/Java) [nimbusds] JWE AES 256 GCM 디코딩 복호화 수행 실시 - A256GCM , A256GCMKW  (0) 2025.04.03
966. (Android/Java) [nimbusds] JWE AES 128 GCM 디코딩 복호화 수행 실시 - A128GCM , A128GCMKW  (0) 2025.04.03
965. (Android/Java) [nimbusds] JWE AES 128 GCM 인코딩 암호화 수행 실시 - A128GCM , A128GCMKW  (0) 2025.04.03
964. (Android/Java) [간단 소스] ScrollView 스크롤뷰 레이아웃 상단 , 하단 스크롤 위치 이동  (0) 2025.03.20
'Android' Related Articles more
Comments