보안|개인정보 보호 및 암호화

Development

보안|개인정보 보호 및 암호화

어느가을빛 2010. 7. 26. 15:38

1. 단방향 암호화: SHA-512 알고리즘 사용

- 대상: 비밀번호

2. 양방향 암호화: AES256 알고리즘 사용

- 대상: 성명, 주소, 이메일, 핸드폰, 주민번호, 카드번호, 계좌번호 등

JAVA AES256 알고리즘

import sun.misc.BASE64Encoder;
import sun.misc.BASE64Decoder;

import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.security.NoSuchAlgorithmException;

public class AES256 {
public static SecretKeySpec getKeySpec() throws IOException, NoSuchAlgorithmException {
byte[] bytes = new byte[32];
SecretKey key = null;
SecretKeySpec spec = null;
/*
File f = new File("aes_key");
   if (f.exists()) {
new FileInputStream(f).read(bytes);
} else {
   KeyGenerator kgen = KeyGenerator.getInstance("AES");
   kgen.init(256);
   key = kgen.generateKey();
   bytes1 = key.getEncoded();
   new FileOutputStream(f).write(bytes1);
}
*/
   String keyStr="암호화된 대칭키";
   bytes = Base64Utils.base64Decode(keyStr);

spec = new SecretKeySpec(bytes,"AES");
return spec;
}

public String encrypt(String text) throws Exception {
SecretKeySpec spec = getKeySpec();
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, spec);
BASE64Encoder enc = new BASE64Encoder();

return enc.encode(cipher.doFinal(text.getBytes())).toString();
}
public String decrypt(String text) throws Exception {
SecretKeySpec spec = getKeySpec();
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, spec);
BASE64Decoder dec = new BASE64Decoder();
return new String(cipher.doFinal(dec.decodeBuffer(text)));
}
public static void main(String[] args) throws Exception {
String mode = "encrypt";
String text = "!mpluse0218";
   String encText = "";
   String decText = "";
   AES256 aes = new AES256();
encText=aes.encrypt(text);
   System.out.println("5ClhQFro0UAI+LrZkilamw==");
      System.out.println("enc::"+encText);
   decText = aes.decrypt(encText);
   System.out.println("dec::"+decText);
}
}

SHA512 알고리즘

http://www.docjar.com/html/api/gnu/java/security/hash/Sha512.java.html
http://blog.fethilale.com/sha512-hashing-on-java/

JAVA MessageDigest Class 활용한 방법

http://java.sun.com/j2se/1.4.2/docs/api/java/security/MessageDigest.html (JavaTM 2 Platform Std. Ed. v1.4.2)

This MessageDigest class provides applications the functionality of a message digest algorithm, such as MD5 or SHA. Message digests are secure one-way hash functions that take arbitrary-sized data and output a fixed-length hash value.

import java.security.*;
 
public class cryptotest {
    public static void main(String[] args) throws NoSuchAlgorithmException {
        MessageDigest md;
        String message = "password";
        try {
            md= MessageDigest.getInstance("SHA-512");
 
            md.update(message.getBytes());
            byte[] mb = md.digest();
            String out = "";
            for (int i = 0; i < mb.length; i++) {
                byte temp = mb[i];
                String s = Integer.toHexString(new Byte(temp));
                while (s.length() < 2) {ㄴ
                    s = "0" + s;
                }
                s = s.substring(s.length() - 2);
                out += s;
            }
            System.out.println(out.length());
            System.out.println("CRYPTO: " + out);
 
        } catch (NoSuchAlgorithmException e) {
            System.out.println("ERROR: " + e.getMessage());
        }
    }
}

If you want to hash password with SHA256, you can change the line:

md= 

MessageDigest.getInstance("SHA-512");

md= MessageDigest.getInstance("SHA-256");

For others:

md= MessageDigest.getInstance("MD5");
md= MessageDigest.getInstance("SHA");
md= MessageDigest.getInstance("SHA-1");
md= MessageDigest.getInstance("SHA-384");

저작자표시 비영리 변경금지