970. (Android/Java) [nimbusds] JWE AES 192 GCM 디코딩 복호화 수행 실시 - A192GCMKW , A192GCM

---

[개발 환경 설정]

​

개발 툴 : AndroidStudio

개발 언어 : Java / Kotlin

​

 

---

[소스 코드]

​

// --------------------------------------------------------------------------------------
[개발 및 테스트 환경]
// --------------------------------------------------------------------------------------

- 언어 : Java / Kotlin

- 개발 툴 : AndroidStudio

- 기술 구분 : nimbusds / JWE / JWT / AES

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[nimbusds 라이브러리 의존성 부여 설정 : build.gradle]
// --------------------------------------------------------------------------------------

// TODO [JWE 암복호화 관련]

implementation 'com.nimbusds:nimbus-jose-jwt:10.0.2'

// --------------------------------------------------------------------------------------






// --------------------------------------------------------------------------------------
[Java : 소스 코드]
// --------------------------------------------------------------------------------------

// --------------------------------------------------------------------
// TODO [전역 변수 선언]
// --------------------------------------------------------------------
private static final String AES192_GCM_KEY = "0123456789abcdef01234567"; // [24 바이트]




// --------------------------------------------------------------------
// TODO [AES GCM : JWE 디코딩 수행]
// --------------------------------------------------------------------
// TODO [Call Method]
// --------------------------------------------------------------------
/*
String jweString = "eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTE5MkdDTSIsInRhZyI6IkF2WVBGLU1Qc0RkTnVnSTdKTW8tekEiLCJhbGciOiJBMTkyR0NNS1ciLCJpdiI6Im5hSTdwYzN2SFFxYVd6NVoifQ.nVPkXhut8hdDJKZcISM3Fw2XUSNelInw.PQjx6cSEqSMXEa9F.Mz7SvaD5sj-hGEbjSGbIO9krQF8CD04VdWLr9sUzZfmbrY61MD_7I_De4VU8FU-naobbZNs5vBL_lpJsITBL2liSjkpx_CYwI0Z2MXhy2-XOS2Z44NGmPHj-rXydO7ROOsk.wZIQ6dGRNG_cRQEuBozJ5A";

C_JWE_Encryption_Module.decodeAes192GcmJwe(jweString);
*/
// --------------------------------------------------------------------
// TODO [Return Data]
// --------------------------------------------------------------------
/*
===================================================================
[LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.decodeAes192GcmJwe(C_JWE_Encryption_Module.java:589)]
----------------------------------------------------
[LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: decodeAes192GcmJwe :: EncryptedJWT.parse 정보 확인]
----------------------------------------------------
[LOG :: getHeader :: {"cty":"application/json","typ":"JWE","enc":"A192GCM","tag":"AvYPF-MPsDdNugI7JMo-zA","alg":"A192GCMKW","iv":"naI7pc3vHQqaWz5Z"}]
----------------------------------------------------
[LOG :: getEncryptedKey :: nVPkXhut8hdDJKZcISM3Fw2XUSNelInw]
----------------------------------------------------
[LOG :: getCipherText :: Mz7SvaD5sj-hGEbjSGbIO9krQF8CD04VdWLr9sUzZfmbrY61MD_7I_De4VU8FU-naobbZNs5vBL_lpJsITBL2liSjkpx_CYwI0Z2MXhy2-XOS2Z44NGmPHj-rXydO7ROOsk]
----------------------------------------------------
[LOG :: getIV :: PQjx6cSEqSMXEa9F]
----------------------------------------------------
[LOG :: getAuthTag :: wZIQ6dGRNG_cRQEuBozJ5A]
----------------------------------------------------
[LOG :: getState :: DECRYPTED]
===================================================================


===================================================================
[LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.decodeAes192GcmJwe(C_JWE_Encryption_Module.java:622)]
----------------------------------------------------
[LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: decodeAes192GcmJwe :: JWE 디코딩 수행]
----------------------------------------------------
[LOG :: KEY :: 0123456789abcdef01234567]
----------------------------------------------------
[LOG :: Decode :: {iss=App, exp=1743486179, iat=1743486119, employeeNo=T_1234567890, name=투케이}]
===================================================================
*/
// --------------------------------------------------------------------
public static String decodeAes192GcmJwe(String jweString){

    String returnData = null; // [Return 데이터]
    String M_LOG = null; // [Log 데이터]

    try {

        // -----------------------------------------------
        // TODO [1] : [key >> Byte 변환]
        // -----------------------------------------------
        byte keyBytes [] = AES192_GCM_KEY.getBytes(StandardCharsets.UTF_8);


        // -----------------------------------------------
        // TODO [2] : [SecretKey 가져오기]
        // -----------------------------------------------
        SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


        // -----------------------------------------------
        // TODO [3] : [EncryptedJWT 생성] / [디코딩 수행 실시]
        // -----------------------------------------------
        // TODO 참고 : AESDecrypter 을 사용해 단독 디코딩 수행 시 getEncryptedKey, getIV 파싱 후 복호화 필요
        // -----------------------------------------------
        //*
        EncryptedJWT decryptedJWT = EncryptedJWT.parse(jweString);
        //JWEObject decryptedJWT = JWEObject.parse(jweString);

        //decryptedJWT.decrypt(new DirectDecrypter(secretKeySpec)); // TODO [알고리즘 : DIR]
        decryptedJWT.decrypt(new AESDecrypter(secretKeySpec)); // TODO [알고리즘 : JWEAlgorithm.A192GCMKW]

        S_Log._D_(ACTIVITY_NAME + " :: decodeAes192GcmJwe :: EncryptedJWT.parse 정보 확인", new String[]{
                "getHeader :: " + decryptedJWT.getHeader(),
                "getEncryptedKey :: " + decryptedJWT.getEncryptedKey(),
                "getCipherText :: " + decryptedJWT.getCipherText(),
                "getIV :: " + decryptedJWT.getIV(),
                "getAuthTag :: " + decryptedJWT.getAuthTag(),
                "getState :: " + decryptedJWT.getState()
        });

        String payloadString = decryptedJWT.getPayload().toJSONObject().toString();
        // */


        // -----------------------------------------------
        // TODO [4] : [payloadString 토큰 널 체크 수행]
        // -----------------------------------------------
        if (C_Util.stringNotNull(payloadString) == true){
            returnData = payloadString;
        }
        else {
            M_LOG = "Error : payloadString Is Null";
        }

    }
    catch (Exception e){
        e.printStackTrace();

        M_LOG = "Exception : " + e.getMessage();
    }


    try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Decode :: " + returnData : "Decode :: null" ); } catch (Exception el){}

    S_Log._D_(ACTIVITY_NAME + " :: decodeAes192GcmJwe :: JWE 디코딩 수행", new String[]{"KEY :: " + AES192_GCM_KEY, String.valueOf(M_LOG)});


    return returnData;

}

// --------------------------------------------------------------------------------------





// --------------------------------------------------------------------------------------
[참고 사이트]
// --------------------------------------------------------------------------------------

[온라인 JWT 토큰 복호화 및 헤더 값 확인 참고 사이트]

https://fusionauth.io/dev-tools/jwt-decoder


[라이브러리] [nimbus-jose-jwt] JWE (JSON Web Encryption) JSON 웹 암호화 및 복호화 라이브러리

https://blog.naver.com/kkh0977/223817959400?trackingCode=blog_bloghome_searchlist


[JWT (Json Web Token) 개념 설명]

https://blog.naver.com/kkh0977/222934042760?trackingCode=blog_bloghome_searchlist


[JWE (JSON Web Encryption) JSON 웹 암호화 설명]

https://blog.naver.com/kkh0977/223817878517?trackingCode=blog_bloghome_searchlist

// --------------------------------------------------------------------------------------

 

---

[참고 사이트]

​

https://blog.naver.com/kkh0977/223817878517?trackingCode=blog_bloghome_searchlist

267. [IT 기술] JWE (JSON Web Encryption) JSON 웹 암호화 설명

---