투케이2K

161. (TWOK/UTIL) [Android/Java] C_JWE_Encryption_Module : JWE (JSON Web Encryption) encryption and decryption class


투케이2K 2025. 4. 5. 09:16

[Description]

Platform : Android / Java

Description : C_JWE_Encryption_Module : JWE (JSON Web Encryption) encryption and decryption class

 

[Source Code]

package com.example.javaproject.C_Module;

import com.example.javaproject.C_Util;
import com.example.javaproject.S_Log;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.AESDecrypter;
import com.nimbusds.jose.crypto.AESEncrypter;
import com.nimbusds.jose.crypto.DirectDecrypter;
import com.nimbusds.jose.crypto.DirectEncrypter;
import com.nimbusds.jwt.EncryptedJWT;

import java.nio.charset.StandardCharsets;
import javax.crypto.spec.SecretKeySpec;

public class C_JWE_Encryption_Module {


    /**
     * // --------------------------------------------------------------------------------------
     * TODO [Class description]
     * // --------------------------------------------------------------------------------------
     * 1. TODO [Description] : Class for JSON Web Encryption (JWE) encryption and decryption
     *
     * [JWT components] :
     *
     *   >> Header : the algorithm and information about how the token is used (e.g. which kind of token is used)
     *   >> Payload : the information being carried (user ID, token issue time, token expiry time, other data, etc.)
     *   >> Signature : the header and payload are encrypted with a secret key issued by the server, making the token hard to tamper with
     *
     * [Additional notes]
     *
     *   >> TODO JWE is one of the ways to create a JWT
     *   >> JWE encrypts JSON data to guarantee confidentiality; the encrypted token protects the data so that only authorized recipients can read its contents
     * // --------------------------------------------------------------------------------------
     *
     * // --------------------------------------------------------------------------------------
     * 2. TODO [Setup]
     *
     * - Library : https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt
     *
     * - Add the dependency in build.gradle
     *
     *    // TODO [JWE encryption and decryption]
     *    implementation 'com.nimbusds:nimbus-jose-jwt:10.0.2'
     *
     * // --------------------------------------------------------------------------------------
     *
     * // --------------------------------------------------------------------------------------
     * 3. TODO [Reference sites]
     *
     * [Differences between JWT and JSESSIONID - access authentication tokens and session IDs]
     *
     * https://blog.naver.com/kkh0977/223607055033?trackingCode=blog_bloghome_searchlist
     *
     *
     * [JWT (Json Web Token) AccessToken and RefreshToken renewal and update logic]
     *
     * https://blog.naver.com/kkh0977/223604705723?trackingCode=blog_bloghome_searchlist
     *
     *
     * [Key sizes for key generation]
     *
     * https://www.javadoc.io/doc/com.nimbusds/nimbus-jose-jwt/9.22/com/nimbusds/jose/EncryptionMethod.html
     * // --------------------------------------------------------------------------------------
     * */





    // ------------------------------------------------------------------------------------------
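    // TODO [Global variable declarations]
    // ------------------------------------------------------------------------------------------
    private static final String ACTIVITY_NAME = "C_JWE_Encryption_Module";

    // Sample keys for this demo only. A key hardcoded in the APK can be read by anyone who unpacks the app,
    // and the S_Log calls below print the key to Logcat; neither belongs in a release build.
    private static final String AES128_GCM_KEY = "0123456789abcdef"; // [16 bytes]
    private static final String AES192_GCM_KEY = "0123456789abcdef01234567"; // [24 bytes]
    private static final String AES256_GCM_KEY = "0123456789abcdef0123456789abcdef"; // [32 bytes]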






    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE encoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("iss", "App"); // [issuer]
    jsonObject.put("exp", "1743486179"); // [expiration time]
    jsonObject.put("iat", "1743486119"); // [issued-at time]
    jsonObject.put("employeeNo", "T_1234567890"); // [employee number]
    jsonObject.put("name", "투케이"); // [name]

    C_JWE_Encryption_Module.encodeAes128GcmJwe(String.valueOf(jsonObject));
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    D///===========//: ================================================
    I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.encodeAes128GcmJwe(C_JWE_Encryption_Module.java:272)]
    I/: ----------------------------------------------------
    I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: encodeAes128GcmJwe :: JWE 인코딩 수행]
    I/: ----------------------------------------------------
    I/: [LOG :: KEY :: 0123456789abcdef]
    I/: ----------------------------------------------------
    I/: [LOG :: Encode :: eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTEyOEdDTSIsInRhZyI6InpScnBpWFgwdjlaRmg3enNXMGtLV2ciLCJhbGciOiJBMTI4R0NNS1ciLCJpdiI6InM3UklpeHk4NFVNUmxDb2EifQ.OaMpJOgmB8g0V5Srj3evvQ.yNaG7f8q8SWuppQP.emJ6aJIadvX_pdVF3i2r8obj3jOQ_XpP0WqRBReAFT5KFvmfUVSwmVINVMlKvR8-O9LZ4xrBv1qeuuOpKdkMKCzV9ebX1nfEnMD3p4CQgZoCg4chNroqG9yV0PrbL5tgrdE.62ye1ZcMy4CkFV6ADJHMzw]
    D///===========//: ================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String encodeAes128GcmJwe(String payload){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES128_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Configure the JWE header : use A128GCM]
            // -----------------------------------------------
            /**
             * {
             *   "cty": "application/json",
             *   "typ": "JWE",
             *   "enc": "A128GCM",
             *   "tag": "SddQInhWp2DFzVFtMEDcSw", ------------> Random : integrity-check Auth Tag, generated automatically (for the GCMKW key wrap)
             *   "alg": "A128GCMKW",
             *   "iv": "qBQizBH5fvDRjgj_" --------------------> Random : initialization vector used during encryption (for the GCMKW key wrap)
             * }
             */
            // -----------------------------------------------
            JWEHeader header = new JWEHeader.Builder(
                    JWEAlgorithm.A128GCMKW, // TODO [alg : algorithm]
                    EncryptionMethod.A128GCM) // TODO [enc : content encryption method]
                    .type(new JOSEObjectType("JWE")) // TODO [typ : type]
                    .contentType("application/json") // TODO [cty : content type]
                    .build();


            // -----------------------------------------------
            // TODO [4] : [Set the payload]
            // -----------------------------------------------
            Payload payload_Object = new Payload(payload);


            // -----------------------------------------------
            // TODO [5] : [Create the JWEObject] / [Perform the encoding]
            // -----------------------------------------------
            //*
            JWEObject jweObject = new JWEObject(header, payload_Object);

            //jweObject.encrypt(new DirectEncrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            jweObject.encrypt(new AESEncrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A128GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: encodeAes128GcmJwe :: JWEObject 정보 확인", new String[]{
                    "getHeader :: " + jweObject.getHeader(),
                    "getEncryptedKey :: " + jweObject.getEncryptedKey(),
                    "getCipherText :: " + jweObject.getCipherText(),
                    "getIV :: " + jweObject.getIV(),
                    "getAuthTag :: " + jweObject.getAuthTag(),
                    "getState :: " + jweObject.getState()
            });

            String jweString = jweObject.serialize(); // TODO [JWE Encode String]
            // */


            // -----------------------------------------------
            // TODO [6] : [Null-check the JWE token]
            // -----------------------------------------------
            if (C_Util.stringNotNull(jweString) == true){
                returnData = jweString;
            }
            else {
                M_LOG = "Error : jweString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Encode :: " + returnData : "Encode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: encodeAes128GcmJwe :: JWE 인코딩 수행", new String[]{"KEY :: " + AES128_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }





    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE decoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    String jweString = "eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTEyOEdDTSIsInRhZyI6InpScnBpWFgwdjlaRmg3enNXMGtLV2ciLCJhbGciOiJBMTI4R0NNS1ciLCJpdiI6InM3UklpeHk4NFVNUmxDb2EifQ.OaMpJOgmB8g0V5Srj3evvQ.yNaG7f8q8SWuppQP.emJ6aJIadvX_pdVF3i2r8obj3jOQ_XpP0WqRBReAFT5KFvmfUVSwmVINVMlKvR8-O9LZ4xrBv1qeuuOpKdkMKCzV9ebX1nfEnMD3p4CQgZoCg4chNroqG9yV0PrbL5tgrdE.62ye1ZcMy4CkFV6ADJHMzw";

    C_JWE_Encryption_Module.decodeAes128GcmJwe(jweString);
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    D///===========//: ================================================
    I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.decodeAes128GcmJwe(C_JWE_Encryption_Module.java:387)]
    I/: ----------------------------------------------------
    I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: decodeAes128GcmJwe :: JWE 디코딩 수행]
    I/: ----------------------------------------------------
    I/: [LOG :: KEY :: 0123456789abcdef]
    I/: ----------------------------------------------------
    I/: [LOG :: Decode :: {iss=App, exp=1743486179, iat=1743486119, employeeNo=T_1234567890, name=투케이}]
    D///===========//: ================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String decodeAes128GcmJwe(String jweString){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES128_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Create the EncryptedJWT] / [Perform the decoding]
            // -----------------------------------------------
            // TODO Note : when decoding standalone with AESDecrypter, getEncryptedKey and getIV must be parsed before decrypting
            // -----------------------------------------------
            //*
            EncryptedJWT decryptedJWT = EncryptedJWT.parse(jweString);
            //JWEObject decryptedJWT = JWEObject.parse(jweString);

            //decryptedJWT.decrypt(new DirectDecrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            decryptedJWT.decrypt(new AESDecrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A128GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: decodeAes128GcmJwe :: EncryptedJWT.parse 정보 확인", new String[]{
                    "getHeader :: " + decryptedJWT.getHeader(),
                    "getEncryptedKey :: " + decryptedJWT.getEncryptedKey(),
                    "getCipherText :: " + decryptedJWT.getCipherText(),
                    "getIV :: " + decryptedJWT.getIV(),
                    "getAuthTag :: " + decryptedJWT.getAuthTag(),
                    "getState :: " + decryptedJWT.getState()
            });

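            // toJSONObject() returns a Map, so toString() gives the {key=value} form seen in the log above, not JSON text
            String payloadString = decryptedJWT.getPayload().toJSONObject().toString();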
            // */


            // -----------------------------------------------
            // TODO [4] : [Null-check the payloadString]
            // -----------------------------------------------
            if (C_Util.stringNotNull(payloadString) == true){
                returnData = payloadString;
            }
            else {
                M_LOG = "Error : payloadString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Decode :: " + returnData : "Decode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: decodeAes128GcmJwe :: JWE 디코딩 수행", new String[]{"KEY :: " + AES128_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }






    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE encoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("iss", "App"); // [issuer]
    jsonObject.put("exp", "1743486179"); // [expiration time]
    jsonObject.put("iat", "1743486119"); // [issued-at time]
    jsonObject.put("employeeNo", "T_1234567890"); // [employee number]
    jsonObject.put("name", "투케이"); // [name]

    C_JWE_Encryption_Module.encodeAes192GcmJwe(String.valueOf(jsonObject));
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    ===================================================================
    [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.encodeAes192GcmJwe(C_JWE_Encryption_Module.java:531)]
    ----------------------------------------------------
    [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: encodeAes192GcmJwe :: JWE 인코딩 수행]
    ----------------------------------------------------
    [LOG :: KEY :: 0123456789abcdef01234567]
    ----------------------------------------------------
    [LOG :: Encode :: eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTE5MkdDTSIsInRhZyI6IkF2WVBGLU1Qc0RkTnVnSTdKTW8tekEiLCJhbGciOiJBMTkyR0NNS1ciLCJpdiI6Im5hSTdwYzN2SFFxYVd6NVoifQ.nVPkXhut8hdDJKZcISM3Fw2XUSNelInw.PQjx6cSEqSMXEa9F.Mz7SvaD5sj-hGEbjSGbIO9krQF8CD04VdWLr9sUzZfmbrY61MD_7I_De4VU8FU-naobbZNs5vBL_lpJsITBL2liSjkpx_CYwI0Z2MXhy2-XOS2Z44NGmPHj-rXydO7ROOsk.wZIQ6dGRNG_cRQEuBozJ5A]
    ===================================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String encodeAes192GcmJwe(String payload){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES192_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Configure the JWE header : use A192GCM]
            // -----------------------------------------------
            /**
             * {
             *   "cty": "application/json",
             *   "typ": "JWE",
             *   "enc": "A192GCM",
             *   "tag": "SddQInhWp2DFzVFtMEDcSw", ------------> Random : integrity-check Auth Tag, generated automatically (for the GCMKW key wrap)
             *   "alg": "A192GCMKW",
             *   "iv": "qBQizBH5fvDRjgj_" --------------------> Random : initialization vector used during encryption (for the GCMKW key wrap)
             * }
             */
            // -----------------------------------------------
            JWEHeader header = new JWEHeader.Builder(
                    JWEAlgorithm.A192GCMKW, // TODO [alg : algorithm]
                    EncryptionMethod.A192GCM) // TODO [enc : content encryption method]
                    .type(new JOSEObjectType("JWE")) // TODO [typ : type]
                    .contentType("application/json") // TODO [cty : content type]
                    .build();


            // -----------------------------------------------
            // TODO [4] : [Set the payload]
            // -----------------------------------------------
            Payload payload_Object = new Payload(payload);


            // -----------------------------------------------
            // TODO [5] : [Create the JWEObject] / [Perform the encoding]
            // -----------------------------------------------
            //*
            JWEObject jweObject = new JWEObject(header, payload_Object);

            //jweObject.encrypt(new DirectEncrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            jweObject.encrypt(new AESEncrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A192GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: encodeAes192GcmJwe :: JWEObject 정보 확인", new String[]{
                    "getHeader :: " + jweObject.getHeader(),
                    "getEncryptedKey :: " + jweObject.getEncryptedKey(),
                    "getCipherText :: " + jweObject.getCipherText(),
                    "getIV :: " + jweObject.getIV(),
                    "getAuthTag :: " + jweObject.getAuthTag(),
                    "getState :: " + jweObject.getState()
            });

            String jweString = jweObject.serialize(); // TODO [JWE Encode String]
            // */


            // -----------------------------------------------
            // TODO [6] : [Null-check the JWE token]
            // -----------------------------------------------
            if (C_Util.stringNotNull(jweString) == true){
                returnData = jweString;
            }
            else {
                M_LOG = "Error : jweString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Encode :: " + returnData : "Encode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: encodeAes192GcmJwe :: JWE 인코딩 수행", new String[]{"KEY :: " + AES192_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }





    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE decoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    String jweString = "eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTE5MkdDTSIsInRhZyI6IkF2WVBGLU1Qc0RkTnVnSTdKTW8tekEiLCJhbGciOiJBMTkyR0NNS1ciLCJpdiI6Im5hSTdwYzN2SFFxYVd6NVoifQ.nVPkXhut8hdDJKZcISM3Fw2XUSNelInw.PQjx6cSEqSMXEa9F.Mz7SvaD5sj-hGEbjSGbIO9krQF8CD04VdWLr9sUzZfmbrY61MD_7I_De4VU8FU-naobbZNs5vBL_lpJsITBL2liSjkpx_CYwI0Z2MXhy2-XOS2Z44NGmPHj-rXydO7ROOsk.wZIQ6dGRNG_cRQEuBozJ5A";

    C_JWE_Encryption_Module.decodeAes192GcmJwe(jweString);
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    ===================================================================
    [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.decodeAes192GcmJwe(C_JWE_Encryption_Module.java:622)]
    ----------------------------------------------------
    [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: decodeAes192GcmJwe :: JWE 디코딩 수행]
    ----------------------------------------------------
    [LOG :: KEY :: 0123456789abcdef01234567]
    ----------------------------------------------------
    [LOG :: Decode :: {iss=App, exp=1743486179, iat=1743486119, employeeNo=T_1234567890, name=투케이}]
    ===================================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String decodeAes192GcmJwe(String jweString){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES192_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Create the EncryptedJWT] / [Perform the decoding]
            // -----------------------------------------------
            // TODO Note : when decoding standalone with AESDecrypter, getEncryptedKey and getIV must be parsed before decrypting
            // -----------------------------------------------
            //*
            EncryptedJWT decryptedJWT = EncryptedJWT.parse(jweString);
            //JWEObject decryptedJWT = JWEObject.parse(jweString);

            //decryptedJWT.decrypt(new DirectDecrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            decryptedJWT.decrypt(new AESDecrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A192GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: decodeAes192GcmJwe :: EncryptedJWT.parse 정보 확인", new String[]{
                    "getHeader :: " + decryptedJWT.getHeader(),
                    "getEncryptedKey :: " + decryptedJWT.getEncryptedKey(),
                    "getCipherText :: " + decryptedJWT.getCipherText(),
                    "getIV :: " + decryptedJWT.getIV(),
                    "getAuthTag :: " + decryptedJWT.getAuthTag(),
                    "getState :: " + decryptedJWT.getState()
            });

            String payloadString = decryptedJWT.getPayload().toJSONObject().toString();
            // */


            // -----------------------------------------------
            // TODO [4] : [Null-check the payloadString]
            // -----------------------------------------------
            if (C_Util.stringNotNull(payloadString) == true){
                returnData = payloadString;
            }
            else {
                M_LOG = "Error : payloadString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Decode :: " + returnData : "Decode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: decodeAes192GcmJwe :: JWE 디코딩 수행", new String[]{"KEY :: " + AES192_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }





    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE encoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("iss", "App"); // [issuer]
    jsonObject.put("exp", "1743486179"); // [expiration time]
    jsonObject.put("iat", "1743486119"); // [issued-at time]
    jsonObject.put("employeeNo", "T_1234567890"); // [employee number]
    jsonObject.put("name", "투케이"); // [name]

    C_JWE_Encryption_Module.encodeAes256GcmJwe(String.valueOf(jsonObject));
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    D///===========//: ================================================
    I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.encodeAes256GcmJwe(C_JWE_Encryption_Module.java:532)]
    I/: ----------------------------------------------------
    I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: encodeAes256GcmJwe :: JWE 인코딩 수행]
    I/: ----------------------------------------------------
    I/: [LOG :: KEY :: 0123456789abcdef0123456789abcdef]
    I/: ----------------------------------------------------
    I/: [LOG :: Encode :: eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6IlNpSHZYTG80cTI1YWtQRFJlUUNsZFEiLCJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ijd4MjZfRXU2WkUzUGpVSk8ifQ.eCRJcf8caoVZxu9JU6cGSb-T1jijbhgdiHcj-exh4v8.Py6XijHl4h2gnIVU.odlLdIhawgDzGiCdXHaxwdSlkErnTJR2g-g_3hsLQ_sqINNsAIQSxkx04LFF81BpIeyJvkTLbKI9Gxu3fpk81BVIodETpZM4f6fA6FTfd2fZNh-25YmxWf3cfcqtrD39X_w.vf_Mldxxn1VpnViVT-rrSQ]
    D///===========//: ================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String encodeAes256GcmJwe(String payload){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES256_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Configure the JWE header : use A256GCM]
            // -----------------------------------------------
            /**
             * {
             *   "cty": "application/json",
             *   "typ": "JWE",
             *   "enc": "A256GCM",
             *   "tag": "SddQInhWp2DFzVFtMEDcSw", ------------> Random : integrity-check Auth Tag, generated automatically (for the GCMKW key wrap)
             *   "alg": "A256GCMKW",
             *   "iv": "qBQizBH5fvDRjgj_" --------------------> Random : initialization vector used during encryption (for the GCMKW key wrap)
             * }
             */
            // -----------------------------------------------
            JWEHeader header = new JWEHeader.Builder(
                    JWEAlgorithm.A256GCMKW, // TODO [alg : algorithm]
                    EncryptionMethod.A256GCM) // TODO [enc : content encryption method]
                    .type(new JOSEObjectType("JWE")) // TODO [typ : type]
                    .contentType("application/json") // TODO [cty : content type]
                    .build();


            // -----------------------------------------------
            // TODO [4] : [Set the payload]
            // -----------------------------------------------
            Payload payload_Object = new Payload(payload);


            // -----------------------------------------------
            // TODO [5] : [Create the JWEObject] / [Perform the encoding]
            // -----------------------------------------------
            //*
            JWEObject jweObject = new JWEObject(header, payload_Object);

            //jweObject.encrypt(new DirectEncrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            jweObject.encrypt(new AESEncrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A256GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: encodeAes256GcmJwe :: JWEObject 정보 확인", new String[]{
                    "getHeader :: " + jweObject.getHeader(),
                    "getEncryptedKey :: " + jweObject.getEncryptedKey(),
                    "getCipherText :: " + jweObject.getCipherText(),
                    "getIV :: " + jweObject.getIV(),
                    "getAuthTag :: " + jweObject.getAuthTag(),
                    "getState :: " + jweObject.getState()
            });

            String jweString = jweObject.serialize(); // TODO [JWE Encode String]
            // */


            // -----------------------------------------------
            // TODO [6] : [Null-check the JWE token]
            // -----------------------------------------------
            if (C_Util.stringNotNull(jweString) == true){
                returnData = jweString;
            }
            else {
                M_LOG = "Error : jweString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Encode :: " + returnData : "Encode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: encodeAes256GcmJwe :: JWE 인코딩 수행", new String[]{"KEY :: " + AES256_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }





    // ------------------------------------------------------------------------------------------
    // TODO [AES GCM : perform JWE decoding]
    // ------------------------------------------------------------------------------------------
    // TODO [Call Method]
    // ------------------------------------------------------------------------------------------
    /*
    String jweString = "eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwidHlwIjoiSldFIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6IlNpSHZYTG80cTI1YWtQRFJlUUNsZFEiLCJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ijd4MjZfRXU2WkUzUGpVSk8ifQ.eCRJcf8caoVZxu9JU6cGSb-T1jijbhgdiHcj-exh4v8.Py6XijHl4h2gnIVU.odlLdIhawgDzGiCdXHaxwdSlkErnTJR2g-g_3hsLQ_sqINNsAIQSxkx04LFF81BpIeyJvkTLbKI9Gxu3fpk81BVIodETpZM4f6fA6FTfd2fZNh-25YmxWf3cfcqtrD39X_w.vf_Mldxxn1VpnViVT-rrSQ";

    C_JWE_Encryption_Module.decodeAes256GcmJwe(jweString);
    */
    // ------------------------------------------------------------------------------------------
    // TODO [Return Data]
    // ------------------------------------------------------------------------------------------
    /*
    D///===========//: ================================================
    I/: [LOG :: CLASS PLACE :: com.example.javaproject.C_Module.C_JWE_Encryption_Module.decodeAes256GcmJwe(C_JWE_Encryption_Module.java:654)]
    I/: ----------------------------------------------------
    I/: [LOG :: DESCRIPTION :: C_JWE_Encryption_Module :: decodeAes256GcmJwe :: JWE 디코딩 수행]
    I/: ----------------------------------------------------
    I/: [LOG :: KEY :: 0123456789abcdef0123456789abcdef]
    I/: ----------------------------------------------------
    I/: [LOG :: Decode :: {iss=App, exp=1743486179, iat=1743486119, employeeNo=T_1234567890, name=투케이}]
    D///===========//: ================================================
    */
    // ------------------------------------------------------------------------------------------
    public static String decodeAes256GcmJwe(String jweString){

        String returnData = null; // [Return data]
        String M_LOG = null; // [Log data]

        try {

            // -----------------------------------------------
            // TODO [1] : [Convert the key to bytes]
            // -----------------------------------------------
            byte keyBytes [] = AES256_GCM_KEY.getBytes(StandardCharsets.UTF_8);


            // -----------------------------------------------
            // TODO [2] : [Build the SecretKey]
            // -----------------------------------------------
            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES");


            // -----------------------------------------------
            // TODO [3] : [Create the EncryptedJWT] / [Perform the decoding]
            // -----------------------------------------------
            // TODO Note : when decoding standalone with AESDecrypter, getEncryptedKey and getIV must be parsed before decrypting
            // -----------------------------------------------
            //*
            EncryptedJWT decryptedJWT = EncryptedJWT.parse(jweString);
            //JWEObject decryptedJWT = JWEObject.parse(jweString);

            //decryptedJWT.decrypt(new DirectDecrypter(secretKeySpec)); // TODO [Algorithm : DIR]
            decryptedJWT.decrypt(new AESDecrypter(secretKeySpec)); // TODO [Algorithm : JWEAlgorithm.A256GCMKW]

            S_Log._D_(ACTIVITY_NAME + " :: decodeAes256GcmJwe :: EncryptedJWT.parse 정보 확인", new String[]{
                    "getHeader :: " + decryptedJWT.getHeader(),
                    "getEncryptedKey :: " + decryptedJWT.getEncryptedKey(),
                    "getCipherText :: " + decryptedJWT.getCipherText(),
                    "getIV :: " + decryptedJWT.getIV(),
                    "getAuthTag :: " + decryptedJWT.getAuthTag(),
                    "getState :: " + decryptedJWT.getState()
            });

            String payloadString = decryptedJWT.getPayload().toJSONObject().toString();
            // */


            // -----------------------------------------------
            // TODO [4] : [Null-check the payloadString]
            // -----------------------------------------------
            if (C_Util.stringNotNull(payloadString) == true){
                returnData = payloadString;
            }
            else {
                M_LOG = "Error : payloadString Is Null";
            }

        }
        catch (Exception e){
            e.printStackTrace();

            M_LOG = "Exception : " + e.getMessage();
        }


        try { M_LOG = (M_LOG != null) ? M_LOG : ( (returnData != null) ? "Decode :: " + returnData : "Decode :: null" ); } catch (Exception el){}

        S_Log._D_(ACTIVITY_NAME + " :: decodeAes256GcmJwe :: JWE 디코딩 수행", new String[]{"KEY :: " + AES256_GCM_KEY, String.valueOf(M_LOG)});


        return returnData;

    }


} // TODO [End of class]
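
The decode methods above accept whatever alg/enc the token header names, as long as the key length fits, and never check the exp claim that the sample payload carries. The following is an added example, not the blog author's code: it uses the same nimbus-jose-jwt classes with a randomly generated 256-bit key, pins alg/enc before decrypting, and rejects expired tokens. The class name JweStrictExample and its method names are hypothetical, and key storage is outside its scope.

```java
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.crypto.AESDecrypter;
import com.nimbusds.jose.crypto.AESEncrypter;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWTClaimsSet;

import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.util.Date;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

// Added example (hypothetical class), not part of C_JWE_Encryption_Module.
public class JweStrictExample {

    // The only alg/enc pair this receiver accepts.
    private static final JWEAlgorithm EXPECTED_ALG = JWEAlgorithm.A256GCMKW;
    private static final EncryptionMethod EXPECTED_ENC = EncryptionMethod.A256GCM;

    // Random 256-bit AES key instead of an ASCII string constant.
    static SecretKey newKey() throws NoSuchAlgorithmException {
        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(256);
        return generator.generateKey();
    }

    // Builds typed claims (exp/iat as dates, not strings) and encrypts them.
    static String encrypt(SecretKey key, JWEAlgorithm alg, String employeeNo, long ttlSeconds)
            throws JOSEException {
        Date now = new Date();
        JWTClaimsSet claims = new JWTClaimsSet.Builder()
                .issuer("App")
                .issueTime(now)
                .expirationTime(new Date(now.getTime() + ttlSeconds * 1000L))
                .claim("employeeNo", employeeNo)
                .build();
        JWEHeader header = new JWEHeader.Builder(alg, EXPECTED_ENC).build();
        EncryptedJWT jwt = new EncryptedJWT(header, claims);
        jwt.encrypt(new AESEncrypter(key));
        return jwt.serialize();
    }

    // Checks the (unencrypted) header first, then decrypts, then validates exp.
    static JWTClaimsSet decryptStrict(SecretKey key, String token)
            throws ParseException, JOSEException {
        EncryptedJWT jwt = EncryptedJWT.parse(token);
        JWEHeader header = jwt.getHeader();
        if (!EXPECTED_ALG.equals(header.getAlgorithm())
                || !EXPECTED_ENC.equals(header.getEncryptionMethod())) {
            throw new JOSEException("Unexpected alg/enc: "
                    + header.getAlgorithm() + "/" + header.getEncryptionMethod());
        }
        jwt.decrypt(new AESDecrypter(key)); // throws if the key or any token part is wrong
        JWTClaimsSet claims = jwt.getJWTClaimsSet();
        Date exp = claims.getExpirationTime();
        if (exp == null || !exp.after(new Date())) {
            throw new JOSEException("Token has no exp claim or has expired");
        }
        return claims;
    }

    // Returns a one-line verdict so the four cases in main() can be compared.
    static String tryDecrypt(SecretKey key, String token) {
        try {
            return "accepted: employeeNo=" + decryptStrict(key, token).getStringClaim("employeeNo");
        } catch (ParseException | JOSEException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = newKey();
        String employeeNo = "T_1234567890"; // sample value taken from the page
        // 1. Valid token with the pinned algorithms
        System.out.println(tryDecrypt(key, encrypt(key, EXPECTED_ALG, employeeNo, 60)));
        // 2. Same key, but alg A256KW: decryptable, yet refused by the header check
        System.out.println(tryDecrypt(key, encrypt(key, JWEAlgorithm.A256KW, employeeNo, 60)));
        // 3. Token whose exp lies in the past
        System.out.println(tryDecrypt(key, encrypt(key, EXPECTED_ALG, employeeNo, -60)));
        // 4. Token decrypted with a different key
        System.out.println(tryDecrypt(newKey(), encrypt(key, EXPECTED_ALG, employeeNo, 60)));
    }
}
```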
 