161. (TWOK/UTIL) [Android/Java] C_JWE_Encryption_Module : JWE 웹 암호화 (JSON Web Encryption) 암복호화 클래스 본문
투케이2K 유틸파일
161. (TWOK/UTIL) [Android/Java] C_JWE_Encryption_Module : JWE 웹 암호화 (JSON Web Encryption) 암복호화 클래스
투케이2K 2025. 4. 5. 09:16
[설 명]
프로그램 : Android / Java
설 명 : C_JWE_Encryption_Module : JWE 웹 암호화 (JSON Web Encryption) 암복호화 클래스
[소스 코드]
package com.example.javaproject.C_Module;
import android.media.MediaCodec;
import android.util.Base64;
import com.example.javaproject.C_Encryption;
import com.example.javaproject.C_Util;
import com.example.javaproject.S_Log;
import com.jcraft.jsch.jce.AES256CBC;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWECryptoParts;
import com.nimbusds.jose.JWEEncrypter;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.AESDecrypter;
import com.nimbusds.jose.crypto.AESEncrypter;
import com.nimbusds.jose.crypto.DirectDecrypter;
import com.nimbusds.jose.crypto.DirectEncrypter;
import com.nimbusds.jose.jca.JWEJCAContext;
import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWTClaimsSet;
import java.nio.charset.StandardCharsets;
import javax.crypto.spec.SecretKeySpec;
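/**
 * JSON Web Encryption (JWE) helper: encrypts a JSON string into a compact JWE token and
 * decrypts such a token again, using AES-GCM key wrapping (A128GCMKW / A192GCMKW / A256GCMKW)
 * with the matching AES-GCM content encryption (A128GCM / A192GCM / A256GCM).
 *
 * <p>Background (JWT parts):
 * <ul>
 *   <li>header: the algorithm and information about how the token is to be used</li>
 *   <li>payload: the data being carried (user id, issued-at, expiry, other claims)</li>
 *   <li>signature: computed over header and payload with a secret key issued by the server,
 *       which makes the token hard to tamper with</li>
 * </ul>
 * JWE is one way of building a JWT: it encrypts the JSON data so that only an authorised
 * recipient can read it.
 *
 * <p>Setup: library https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt , added in
 * build.gradle as {@code implementation 'com.nimbusds:nimbus-jose-jwt:10.0.2'}.
 *
 * <p>References:
 * <ul>
 *   <li>JWT vs JSESSIONID:
 *       https://blog.naver.com/kkh0977/223607055033?trackingCode=blog_bloghome_searchlist</li>
 *   <li>JWT access token / refresh token renewal logic:
 *       https://blog.naver.com/kkh0977/223604705723?trackingCode=blog_bloghome_searchlist</li>
 *   <li>Key sizes per encryption method:
 *       https://www.javadoc.io/doc/com.nimbusds/nimbus-jose-jwt/9.22/com/nimbusds/jose/EncryptionMethod.html</li>
 * </ul>
 *
 * <p>Usage:
 * <pre>{@code
 * JSONObject jsonObject = new JSONObject();
 * jsonObject.put("iss", "App");                 // issuer
 * jsonObject.put("exp", "1743486179");          // expiry
 * jsonObject.put("iat", "1743486119");          // issued-at
 * jsonObject.put("employeeNo", "T_1234567890"); // employee number
 * jsonObject.put("name", "투케이");              // name
 *
 * String token = C_JWE_Encryption_Module.encodeAes128GcmJwe(String.valueOf(jsonObject));
 * String claims = C_JWE_Encryption_Module.decodeAes128GcmJwe(token);
 * }</pre>
 *
 * <p>Every public method returns {@code null} on failure and writes one status line through
 * {@code S_Log._D_}. The log line carries the outcome and a length only: the key, the token and
 * the decrypted claims are deliberately kept out of the log, because log output is readable by
 * anyone with debug access to the device and the claims may hold personal data.
 *
 * <p>Decoding only decrypts. It does not check {@code exp}, {@code iss} or any other claim;
 * the caller has to validate the claims before trusting the token.
 */
public class C_JWE_Encryption_Module {

    // ------------------------------------------------------------------------------------------
    // Constants
    // ------------------------------------------------------------------------------------------
    private static final String ACTIVITY_NAME = "C_JWE_Encryption_Module";

    // NOTE(security): demonstration keys only. They are printable ASCII in a fixed pattern and are
    // compiled into the app, so anyone holding the APK holds the key and can both read and mint
    // tokens. For real use, generate random key bytes (SecureRandom / KeyGenerator) and keep them
    // outside the source, e.g. provisioned per installation or held by the server.
    private static final String AES128_GCM_KEY = "0123456789abcdef"; // 16 bytes
    private static final String AES192_GCM_KEY = "0123456789abcdef01234567"; // 24 bytes
    private static final String AES256_GCM_KEY = "0123456789abcdef0123456789abcdef"; // 32 bytes

    // ------------------------------------------------------------------------------------------
    // Public API : encode
    // ------------------------------------------------------------------------------------------

    /**
     * Encrypts {@code payload} into a compact JWE with alg A128GCMKW and enc A128GCM.
     *
     * @param payload the JSON text to encrypt
     * @return the serialized JWE, or {@code null} if encryption failed
     */
    public static String encodeAes128GcmJwe(String payload){
        return encodeAesGcmJwe("encodeAes128GcmJwe", AES128_GCM_KEY,
                JWEAlgorithm.A128GCMKW, EncryptionMethod.A128GCM, payload);
    }

    /**
     * Encrypts {@code payload} into a compact JWE with alg A192GCMKW and enc A192GCM.
     *
     * @param payload the JSON text to encrypt
     * @return the serialized JWE, or {@code null} if encryption failed
     */
    public static String encodeAes192GcmJwe(String payload){
        return encodeAesGcmJwe("encodeAes192GcmJwe", AES192_GCM_KEY,
                JWEAlgorithm.A192GCMKW, EncryptionMethod.A192GCM, payload);
    }

    /**
     * Encrypts {@code payload} into a compact JWE with alg A256GCMKW and enc A256GCM.
     *
     * @param payload the JSON text to encrypt
     * @return the serialized JWE, or {@code null} if encryption failed
     */
    public static String encodeAes256GcmJwe(String payload){
        return encodeAesGcmJwe("encodeAes256GcmJwe", AES256_GCM_KEY,
                JWEAlgorithm.A256GCMKW, EncryptionMethod.A256GCM, payload);
    }

    // ------------------------------------------------------------------------------------------
    // Public API : decode
    // ------------------------------------------------------------------------------------------

    /**
     * Decrypts a compact JWE whose header declares alg A128GCMKW and enc A128GCM.
     *
     * @param jweString the serialized JWE
     * @return the decrypted claims as text, or {@code null} if the token was rejected
     */
    public static String decodeAes128GcmJwe(String jweString){
        return decodeAesGcmJwe("decodeAes128GcmJwe", AES128_GCM_KEY,
                JWEAlgorithm.A128GCMKW, EncryptionMethod.A128GCM, jweString);
    }

    /**
     * Decrypts a compact JWE whose header declares alg A192GCMKW and enc A192GCM.
     *
     * @param jweString the serialized JWE
     * @return the decrypted claims as text, or {@code null} if the token was rejected
     */
    public static String decodeAes192GcmJwe(String jweString){
        return decodeAesGcmJwe("decodeAes192GcmJwe", AES192_GCM_KEY,
                JWEAlgorithm.A192GCMKW, EncryptionMethod.A192GCM, jweString);
    }

    /**
     * Decrypts a compact JWE whose header declares alg A256GCMKW and enc A256GCM.
     *
     * @param jweString the serialized JWE
     * @return the decrypted claims as text, or {@code null} if the token was rejected
     */
    public static String decodeAes256GcmJwe(String jweString){
        return decodeAesGcmJwe("decodeAes256GcmJwe", AES256_GCM_KEY,
                JWEAlgorithm.A256GCMKW, EncryptionMethod.A256GCM, jweString);
    }

    // ------------------------------------------------------------------------------------------
    // Shared implementation
    // ------------------------------------------------------------------------------------------

    /** Builds the JWE header, encrypts the payload and serializes the token; null on any failure. */
    private static String encodeAesGcmJwe(String methodName, String key,
                                          JWEAlgorithm alg, EncryptionMethod enc, String payload){
        String returnData = null;
        String logMessage;

        try {
            // [1] key string -> bytes -> AES key
            SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");

            // [2] header: alg / enc / typ / cty. The "iv" and "tag" header parameters seen in the
            //     finished token are added during encryption (fresh random values per token).
            JWEHeader header = new JWEHeader.Builder(alg, enc)
                    .type(new JOSEObjectType("JWE"))
                    .contentType("application/json")
                    .build();

            // [3] encrypt with the key-wrapping encrypter (a DirectEncrypter would be the
            //     counterpart for alg "dir") and serialize to the compact form
            JWEObject jweObject = new JWEObject(header, new Payload(payload));
            jweObject.encrypt(new AESEncrypter(secretKeySpec));
            String jweString = jweObject.serialize();

            // [4] null check on the result
            if (C_Util.stringNotNull(jweString)){
                returnData = jweString;
                logMessage = "Encode :: OK (token length " + jweString.length() + ")";
            }
            else {
                logMessage = "Error : jweString Is Null";
            }
        }
        catch (Exception e){
            // Failure is reported through the return value (null) and one log line.
            logMessage = "Exception : " + e.getClass().getSimpleName() + " : " + e.getMessage();
        }

        // Outcome only: no key material and no token contents in the log.
        S_Log._D_(ACTIVITY_NAME + " :: " + methodName + " :: JWE 인코딩 수행", new String[]{logMessage});

        return returnData;
    }

    /** Parses a token, checks its declared alg/enc, decrypts it and returns the claims; null on any failure. */
    private static String decodeAesGcmJwe(String methodName, String key,
                                          JWEAlgorithm alg, EncryptionMethod enc, String jweString){
        String returnData = null;
        String logMessage;

        try {
            // [1] key string -> bytes -> AES key
            SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");

            // [2] parse, then pin the algorithms before any decryption: the header is supplied by
            //     whoever produced the token, so it must match what this method is meant to accept.
            EncryptedJWT encryptedJWT = EncryptedJWT.parse(jweString);
            JWEHeader header = encryptedJWT.getHeader();

            if (!alg.equals(header.getAlgorithm()) || !enc.equals(header.getEncryptionMethod())){
                logMessage = "Error : unexpected JWE alg / enc";
            }
            else {
                // [3] decrypt (a DirectDecrypter would be the counterpart for alg "dir")
                encryptedJWT.decrypt(new AESDecrypter(secretKeySpec));

                // NOTE(review): the sample output on this page is "{iss=App, exp=...}", i.e. the
                // toString() of the parsed claims object rather than JSON text. Kept as is so that
                // existing callers see the same shape; confirm whether JSON text is wanted.
                String payloadString = encryptedJWT.getPayload().toJSONObject().toString();

                // [4] null check on the result
                if (C_Util.stringNotNull(payloadString)){
                    returnData = payloadString;
                    logMessage = "Decode :: OK (payload length " + payloadString.length() + ")";
                }
                else {
                    logMessage = "Error : payloadString Is Null";
                }
            }
        }
        catch (Exception e){
            // Covers malformed tokens, failed authentication and non-JSON payloads alike.
            logMessage = "Exception : " + e.getClass().getSimpleName() + " : " + e.getMessage();
        }

        // Outcome only: no key material and no decrypted claims in the log.
        S_Log._D_(ACTIVITY_NAME + " :: " + methodName + " :: JWE 디코딩 수행", new String[]{logMessage});

        return returnData;
    }

} // end of class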