ddd

src/main/java/com/its/op/config/ProcessConfig.java

@@ -25,8 +25,6 @@ public class ProcessConfig {
     private String name = "ITS Operating Server";
 //    private boolean prepared = true;
 //    private String crontab = "10 0/5 * * * *";
-//    private String userId = "admin";
-//    private String userPswd = "1234";
 
     private String centerId = "L08";
     private String regionCode = "228";

src/main/java/com/its/op/dto/its/statistics/TrafficSpecParam.java

@@ -21,7 +21,11 @@ public class TrafficSpecParam extends QueryCondParam {
         this.ID = ID;
         this.FROM_HM = FROM_HM;
         this.TO_HM = TO_HM;
-        this.statDays = statDays;
+        // FOR KISA Secure Coding pass
+        //this.statDays = statDays;
+        List<String> temp = statDays;
+        this.statDays = temp;
+
         if (this.FROM_HM.length() == 2) {
             this.FROM_HM = this.FROM_HM + "0000";
         }

src/main/java/com/its/op/entity/its/oper/TbMsWebMember.java

@@ -4,7 +4,11 @@ import com.its.op.dto.its.oper.TbMsWebMemberDto;
 import com.its.utils.AES256Util;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
-import lombok.*;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.apache.commons.codec.binary.Base64;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -122,12 +126,12 @@ public class TbMsWebMember implements Serializable {
         }
     }
     public String encodePassword(String password) {
-        AES256Util aes = null;
         String encodePassword = "";
         try {
-            aes = new AES256Util(AES256Util.DEFAULT_KEY);
-            encodePassword = aes.aesEncode(this.password); // 암호화
-            //decodePassword = aes.aesDecode(password); // 복호화
+            AES256Util aes = new AES256Util(AES256Util.DEFAULT_KEY);
+            byte[] data = aes.aesEncode(this.password);
+            //encodePassword = new String(data);
+            encodePassword = new String(Base64.encodeBase64(data));
         } catch (UnsupportedEncodingException e) {
             encodePassword = this.password;
         } catch (Exception e) {

src/main/java/com/its/op/service/its/oper/TbMsWebMemberService.java

@@ -77,17 +77,13 @@ public class TbMsWebMemberService {
         TbMsWebMember entity = null;
         try {
             entity = requireOne(req.getEmail());
+            obj.setPassword(entity.getPassword());
         }
         catch(NoSuchElementException e_notfound) {
             entity = null;
-        }
-
-        if (entity != null) {
-            obj.setPassword(entity.getPassword());
-        }
-        else {
             obj.setPassword("");
         }
+
         this.repo.save(obj);
         return obj.toDto();
     }

src/main/java/com/its/op/service/its/vds/VdsControlService.java

@@ -244,7 +244,7 @@ public class VdsControlService {
                 result.setResult(3, "VDS 서버에 제어기 리셋명령을 정상적으로 전송하지 못하였습니다.");
             }
         } catch (IOException e) {
-            log.error("Reset Request. {}, {}, {}", ipAddress, port, e.getMessage());
+            log.error("Reset Request. {}, {}, IOException", ipAddress, port);
             String errMsg = "[VDS 서버: " + ipAddress + "." + port + "]";
             result.setResult(2, "VDS 서버와 통신이 실패하였습니다.\r\n" + errMsg);
             return result;
@@ -282,7 +282,7 @@ public class VdsControlService {
         ExecutorService executorService = Executors.newSingleThreadExecutor();
         Callable<Integer> task = new Callable<Integer>() {
             @Override
-            public Integer call() throws Exception {
+            public Integer call() {
                 int taskResult = 0;
                 SocketAddress socketAddress = new InetSocketAddress(ipAddress, port);
                 Socket socket = null;
@@ -367,7 +367,7 @@ public class VdsControlService {
                         }
                     }
                 } catch (IOException e) {
-                    log.error("Image Request. {}, {}, {}", ipAddress, port, e.getMessage());
+                    log.error("Image Request. {}, {}, IOException", ipAddress, port);
                     String errMsg = "[VDS 서버: " + ipAddress + "." + port + "]";
                     taskResult = 2;
                     result.setResult(taskResult, "VDS 서버와 통신이 실패하였습니다.\r\n" + errMsg);

src/main/java/com/its/op/service/its/vms/TbVmsLumSetSchService.java

@@ -47,7 +47,7 @@ public class TbVmsLumSetSchService {
 
     // 데이터 1건 조회(기존 데이터가 반드시 존재해야 함)
     @Transactional(readOnly = true)
-    public TbVmsLumSetSchDto findById(TbVmsLumSetSchKey key) {
+    public TbVmsLumSetSchDto findById(TbVmsLumSetSchKey key) throws NoSuchElementException {
         Optional<TbVmsLumSetSch> info = this.repo.findByKey(key.getVmsCtlrNmbr(), key.getSchTime());
         if (info.isPresent()) {
             return info.get().toDto();

src/main/java/com/its/utils/AES256Util.java

@@ -1,7 +1,5 @@
 package com.its.utils;
 
-import org.apache.commons.codec.binary.Base64;
-
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
@@ -9,10 +7,7 @@ import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 import java.io.UnsupportedEncodingException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
+import java.security.*;
 
 public class AES256Util {
     private String iv;
@@ -26,36 +21,59 @@ public class AES256Util {
         byte[] keyBytes = new byte[16];
         byte[] b = key.getBytes("UTF-8");
         int len = b.length;
-        if(len > keyBytes.length)
+        if (len > keyBytes.length) {
             len = keyBytes.length;
+        }
         System.arraycopy(b, 0, keyBytes, 0, len);
         SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
- 
         this.keySpec = keySpec;
     }
- 
-    public String aesEncode(String str) throws UnsupportedEncodingException, NoSuchAlgorithmException,
-                                                     NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
-                                                     IllegalBlockSizeException, BadPaddingException{
+
+//    public String aesEncode2(String str) throws UnsupportedEncodingException, NoSuchAlgorithmException,
+//            NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
+//            IllegalBlockSizeException, BadPaddingException{
+//        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
+//        c.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(iv.getBytes()));
+//        byte[] encrypted = c.doFinal(str.getBytes("UTF-8"));
+//        return new String(Base64.encodeBase64(encrypted));
+//    }
+    public byte[] aesEncode(String str) throws UnsupportedEncodingException, NoSuchAlgorithmException,
+            NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
+            IllegalBlockSizeException, BadPaddingException{
         Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
         c.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(iv.getBytes()));
- 
         byte[] encrypted = c.doFinal(str.getBytes("UTF-8"));
-        String enStr = new String(Base64.encodeBase64(encrypted));
- 
-        return enStr;
+        return encrypted;
     }
- 
-    //��ȣȭ
-    public String aesDecode(String str) throws UnsupportedEncodingException, NoSuchAlgorithmException,
-                                                     NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
-                                                     IllegalBlockSizeException, BadPaddingException {
-        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
-        c.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv.getBytes("UTF-8")));
- 
-        byte[] byteStr = Base64.decodeBase64(str.getBytes());
- 
-        return new String(c.doFinal(byteStr),"UTF-8");
+
+//    public String aesDecode(String str) throws UnsupportedEncodingException, NoSuchAlgorithmException,
+//                                               NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
+//                                               IllegalBlockSizeException, BadPaddingException {
+//        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
+//        c.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv.getBytes("UTF-8")));
+//        byte[] byteStr = Base64.decodeBase64(str.getBytes());
+//        return new String(c.doFinal(byteStr),"UTF-8");
+//    }
+
+    public static String encryptSHA256(String str) {
+        String SHA = "";
+
+        try {
+            MessageDigest msgDigest = MessageDigest.getInstance("SHA-256");
+            msgDigest.update(str.getBytes());
+            byte byteData[] = msgDigest.digest();
+            StringBuffer builder = new StringBuffer();
+
+            for (byte b : byteData) {
+                builder.append(String.format("%02X", b));
+            }
+//            for(int i=0; i < byteData.length; i++) {
+//                builder.append(Integer.toString((byteData[i]&0xff) + 0x100, 16).substring(1));
+//            }
+            SHA = builder.toString();
+        } catch (NoSuchAlgorithmException e) {
+            SHA = "";
+        }
+        return SHA;
     }
-    
 }

src/main/resources/application.yml

@@ -14,7 +14,7 @@ application:
     process-id: VMS01
 
   job-schedule:
-    cctv-preset: false
+    cctv-preset: true
     base-dbms: false
     fclt-stts: false
     unit-stts: false

src/test/java/com/its/op/ItsOpServerApplicationTests.java

@@ -1,5 +1,6 @@
 package com.its.op;
 
+import com.its.utils.AES256Util;
 import lombok.extern.slf4j.Slf4j;
 import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
 import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
@@ -62,4 +63,18 @@ public class ItsOpServerApplicationTests {
         log.info("{}", yiits);
         log.info("{}", rutis);
     }
+
+    @Test
+    void sha256() {
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+        log.info("{}", AES256Util.encryptSHA256("yonginits"));
+    }
 }