[BOOK-76] refactor: 토끼 리뷰 반영

Cipher는 thread-safe 하지 않고, 한 번 doFinal() 호출 후 내부 상태가 변경되기 때문에 Singleton 클래스 내에서 필드로 보관하면 위험함(다중 호출 시 IllegalStateException 이나 경쟁 상태가 발생할 수 있음)

Author: seoyoon513

core/datastore/impl/src/main/kotlin/com/ninecraft/booket/core/datastore/impl/security/CryptoManager.kt

@@ -13,13 +13,14 @@ import javax.inject.Singleton
 
 @Singleton
 class CryptoManager @Inject constructor() {
-    private val cipher = Cipher.getInstance(TRANSFORMATION)
     private val keyStore = KeyStore
         .getInstance("AndroidKeyStore")
         .apply {
             load(null)
         }
 
+    private fun newCipher() = Cipher.getInstance(TRANSFORMATION)
+
     private fun getKey(): SecretKey {
         val existingKey = keyStore
             .getEntry(KEY_ALIAS, null) as? KeyStore.SecretKeyEntry
@@ -47,6 +48,7 @@ class CryptoManager @Inject constructor() {
     }
 
     fun encrypt(plainText: String): String {
+        val cipher = newCipher()
         cipher.init(Cipher.ENCRYPT_MODE, getKey())
         val iv = cipher.iv
         val encryptedBytes = cipher.doFinal(plainText.toByteArray())
@@ -58,6 +60,7 @@ class CryptoManager @Inject constructor() {
         val combined = Base64.decode(encodedText, Base64.NO_WRAP)
         val iv = combined.copyOfRange(0, IV_SIZE)
         val encrypted = combined.copyOfRange(IV_SIZE, combined.size)
+        val cipher = newCipher()
         cipher.init(Cipher.DECRYPT_MODE, getKey(), IvParameterSpec(iv))
         val decryptedString = String(cipher.doFinal(encrypted))
         return decryptedString