targetCert 추가

2 months ago · dd16efd8ec
parent 3a444ac31a
commit dd16efd8ec
2 changed files with 40 additions and 2 deletions
--- a/src/main/java/cokr/xit/interfaces/gpki/GPKI.java
+++ b/src/main/java/cokr/xit/interfaces/gpki/GPKI.java
@ -146,9 +146,12 @@ public class GPKI extends AbstractComponent {

 	private static void load(gpkiapi_jni gpki, String serverID) throws Exception {
 		X509Certificate cert = null;
-		String certFile = conf.certDir + File.separator + serverID + ".cer";
+
+		String certFile = conf.certDir + File.separator + conf.targetCert(serverID);
 		try {
 			cert = Disk.readCert(certFile);
+			if (cert != null)
+				log(GPKI.class).debug(certFile + " loaded");
 		} catch (GpkiApiException e) {
 			cert = null;
 		}
@ -165,6 +168,7 @@ public class GPKI extends AbstractComponent {

 			cert = new X509Certificate(gpki.baReturnArray);
 			Disk.writeCert(certFile, cert);
+			log(GPKI.class).debug(certFile + " downloaded");
 		}

 		if (cert != null)
@ -262,6 +266,19 @@ public class GPKI extends AbstractComponent {
 		gpki = null;
 	}

+	public boolean test(String serverID) {
+		String plain = "나랏말씀이 중국과 달라";
+		log().debug("plain text: {}", plain);
+
+		String encrypted = encrypt(serverID, plain);
+		log().debug("encrypted: {}", encrypted);
+
+		String decrypted = decrypt(encrypted);
+		log().debug("decrypted: {}", decrypted);
+
+		return plain.equals(decrypted);
+	}
+
 	/**GPKI 설정파일(intf-conf/gpki.conf)을 로드한다.
 	 * 설정 항목은 JSON 포맷으로 된 다음 내용을 적재한다.
 	 * <pre><code> {
@ -305,7 +322,9 @@ public class GPKI extends AbstractComponent {
 			charset,
 			license,
 			ldapUrl,
-			certDir;
+			certDir,
+			targetCert;
+
 		private Map<String, String>
 			server,
 			env,
@ -381,6 +400,24 @@ public class GPKI extends AbstractComponent {
 			this.certDir = certDir;
 		}

+		/**targetCert을(를) 반환한다.
+		 * @return targetCert
+		 */
+		public String getTargetCert() {
+			return ifEmpty(targetCert, () -> "{serverID}.cer");
+		}
+
+		public String targetCert(String serverID) {
+			return getTargetCert().replace("{serverID}", serverID);
+		}
+
+		/**targetCert을(를) 설정한다.
+		 * @param targetCert targetCert
+		 */
+		public void setTargetCert(String targetCert) {
+			this.targetCert = targetCert;
+		}
+
 		/**server을(를) 반환한다.
 		 * @return server
 		 */
--- a/src/main/resources/intf-conf/gpki.conf
+++ b/src/main/resources/intf-conf/gpki.conf
@ -11,6 +11,7 @@
 	"ldapUrl": "ldap://10.1.7.118:389/cn=",     /* 대상기관 인증서 다운로드를 위한 행정망 LDAP URL */
 	/*"ldapUrl": "ldap://152.99.57.127:389/cn=",   대상기관 인증서 다운로드를 위한 인터넷망 LDAP URL */
 	"certDir": "C:\\GPKI\\Certificate\\class1", /* 서버 인증서, 키 저장 디렉토리 */
+	"targetCert": "{serverID}.cer",             /* 대상기관 서버인증서 이름 패턴 */

 	"env": {                                    /* 이용기관 서버 인증서 */
 		"certFile": "SVR3910262001_env.cer",