dev

src/main/java/com/its/op/entity/its/oper/TbWwwMember.java

@@ -1,21 +1,19 @@
 package com.its.op.entity.its.oper;
 
 import com.its.op.dto.its.oper.TbWwwMemberDto;
-import com.its.utils.AES256Util;
+import com.its.utils.SHA256Util;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
-import org.apache.commons.codec.binary.Base64;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.Id;
 import javax.persistence.Table;
 import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
 
 /**
  * 웹 사용자 정보 Entity Class
@@ -91,18 +89,12 @@ public class TbWwwMember implements Serializable {
     public String encodePassword(String password) {
         String encodePassword = "";
         try {
-            AES256Util aes = new AES256Util(AES256Util.DEFAULT_KEY);
-            byte[] data = aes.aesEncode(this.pwd);
-            //encodePassword = new String(data);
-            encodePassword = new String(Base64.encodeBase64(data));
-        } catch (UnsupportedEncodingException e) {
-            encodePassword = this.pwd;
-        } catch (Exception e) {
+            encodePassword = SHA256Util.encrypt(password);
+        } catch (RuntimeException e) {
             encodePassword = this.pwd;
         }
         return encodePassword;
     }
-
     public void setAccountLockFree() {
         this.loginFailCount = 0;
         this.isAccountLock = "N";

src/main/java/com/its/utils/SHA256Util.java

@@ -10,8 +10,8 @@ public class SHA256Util {
     private static final String algorithm = "SHA-256";
     private static final String saltAlgorithm = "SHA1PRNG";
 
-    public static String encrypt(String text) {
-        StringBuffer sb = new StringBuffer();
+    public static String encrypt(String text) throws RuntimeException {
+        StringBuilder sb = new StringBuilder();
         try {
             MessageDigest md = MessageDigest.getInstance(algorithm);
             md.update(text.getBytes());
@@ -20,25 +20,48 @@ public class SHA256Util {
                 sb.append(String.format("%02x", b & 0xFF));
             }
         } catch (NoSuchAlgorithmException e) {
-            return "";
+            throw new RuntimeException();
         }
         return sb.toString();
     }
 
-    public static String getSalt() {
+    public static String encrypt2(String planText) {
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-256");
+            md.update(planText.getBytes());
+            byte byteData[] = md.digest();
+            StringBuffer sb = new StringBuffer();
+            for (int i = 0; i < byteData.length; i++) {
+                sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
+            }
+            StringBuffer hexString = new StringBuffer();
+            for (int i = 0; i < byteData.length; i++) {
+                String hex = Integer.toHexString(0xff & byteData[i]);
+                if (hex.length() == 1) {
+                    hexString.append('0');
+                }
+                hexString.append(hex);
+            }
+            return hexString.toString();
+        } catch (Exception e) {
+            throw new RuntimeException();
+        }
+    }
+
+    public static String getSalt() throws RuntimeException {
         String salt;
         try {
             SecureRandom random = SecureRandom.getInstance(saltAlgorithm);
-            byte[] bytes = new byte[16];
-            random.nextBytes(bytes);
-            salt = new String(Base64.getEncoder().encode(bytes));
+            byte[] data = new byte[20];
+            random.nextBytes(data);
+            salt = new String(Base64.getEncoder().encode(data));
         } catch (NoSuchAlgorithmException e) {
-            return "1234567890";
+            throw new RuntimeException();
         }
         return salt;
     }
 
-    public static String encrypt(String text, String salt) {
+    public static String encrypt(String text, String salt) throws RuntimeException {
         String saltText = text + salt;
         StringBuffer sb = new StringBuffer();
         try {
@@ -49,7 +72,7 @@ public class SHA256Util {
                 sb.append(String.format("%02x", b & 0xFF));
             }
         } catch (NoSuchAlgorithmException e) {
-            return "";
+            throw new RuntimeException();
         }
         return sb.toString();
     }

src/test/java/com/its/op/ItsOpServerApplicationTests.java

@@ -1,6 +1,7 @@
 package com.its.op;
 
 import com.its.utils.AES256Util;
+import com.its.utils.SHA256Util;
 import lombok.extern.slf4j.Slf4j;
 import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
 import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
@@ -15,6 +16,11 @@ import java.time.format.DateTimeFormatter;
 @SpringBootTest
 public class ItsOpServerApplicationTests {
 
+    @Test
+    void encrypt() {
+        log.error("{}", SHA256Util.encrypt("admin12#$!"));
+        log.error("{}", SHA256Util.encrypt2("admin12#$!"));
+    }
     void reference1() {
         String name = "test";
         LocalDateTime ldt = LocalDateTime.now();