首先,我的目的是解密他的post,在APK中找到了这段代码,麻烦大神们给看看他这个key,还有偏移值是怎么计算出来的。
代码如下:
[Java] 纯文本查看 复制代码 package com.cmic.sso.sdk.d;
import com.google.devtools.build.android.desugar.runtime.ThrowableExtension;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class a {
public static String a(byte[] arg5, String arg6) {
String v0_2;
try {
SecretKeySpec v0_1 = new SecretKeySpec(arg5, "AES");
Cipher v1 = Cipher.getInstance("AES/CBC/PKCS5Padding");
v1.init(1, ((Key)v0_1), new IvParameterSpec(new byte[v1.getBlockSize()]));
v0_2 = b.a(v1.doFinal(arg6.getBytes("UTF-8")));
}
catch(Exception v0) {
ThrowableExtension.printStackTrace(((Throwable)v0));
v0_2 = null;
}
return v0_2;
}
public static byte[] a() {
byte[] v0 = new byte[16];
new SecureRandom().nextBytes(v0);
return v0;
}
public static String b(byte[] arg6, String arg7) {
String v0_2;
try {
byte[] v0_1 = b.a(arg7);
SecretKeySpec v1 = new SecretKeySpec(arg6, "AES");
Cipher v2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
v2.init(2, ((Key)v1), new IvParameterSpec(new byte[v2.getBlockSize()]));
v0_2 = new String(v2.doFinal(v0_1), "UTF-8");
}
catch(Exception v0) {
ThrowableExtension.printStackTrace(((Throwable)v0));
v0_2 = null;
}
return v0_2;
}
}
下面是他调用的b.a的代码:
[Java] 纯文本查看 复制代码 package com.cmic.sso.sdk.d;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
public class b {
private static final char[] a;
static {
b.a = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray();
}
public static String a(byte[] arg9) {
int v4 = arg9.length;
StringBuffer v5 = new StringBuffer(arg9.length * 3 / 2);
int v6 = v4 - 3;
int v2 = 0;
int v0;
for(v0 = 0; v0 <= v6; v0 = v3) {
int v3 = (arg9[v0] & 255) << 16 | (arg9[v0 + 1] & 255) << 8 | arg9[v0 + 2] & 255;
v5.append(b.a[v3 >> 18 & 63]);
v5.append(b.a[v3 >> 12 & 63]);
v5.append(b.a[v3 >> 6 & 63]);
v5.append(b.a[v3 & 63]);
v3 = v0 + 3;
v0 = v2 + 1;
if(v2 >= 14) {
v5.append(" ");
v0 = 0;
}
v2 = v0;
}
if(v0 == -2 + v4) {
v0 = (arg9[v0 + 1] & 255) << 8 | (arg9[v0] & 255) << 16;
v5.append(b.a[v0 >> 18 & 63]);
v5.append(b.a[v0 >> 12 & 63]);
v5.append(b.a[v0 >> 6 & 63]);
v5.append("=");
}
else if(v0 == -1 + v4) {
v0 = (arg9[v0] & 255) << 16;
v5.append(b.a[v0 >> 18 & 63]);
v5.append(b.a[v0 >> 12 & 63]);
v5.append("==");
}
return v5.toString();
}
public static byte[] a(String arg5) {
ByteArrayOutputStream v0 = new ByteArrayOutputStream();
try {
b.a(arg5, ((OutputStream)v0));
}
catch(IOException v0_1) {
throw new RuntimeException();
}
byte[] v1 = v0.toByteArray();
try {
v0.close();
}
catch(IOException v0_1) {
System.err.println("Error while decoding BASE64: " + v0_1.toString());
}
return v1;
}
private static int a(char arg3) {
int v0;
if(arg3 < 65 || arg3 > 90) {
if(arg3 >= 97 && arg3 <= 122) {
return arg3 - 71;
}
if(arg3 >= 48 && arg3 <= 57) {
return arg3 + 4;
}
switch(arg3) {
case 43: {
goto label_31;
}
case 47: {
return 63;
}
case 61: {
return 0;
}
}
throw new RuntimeException("unexpected code: " + arg3);
return 63;
label_31:
v0 = 62;
}
else {
v0 = arg3 - 65;
}
return v0;
}
private static void a(String arg5, OutputStream arg6) throws IOException {
int v4 = 61;
int v0 = 0;
int v1 = arg5.length();
while(true) {
if(v0 < v1 && arg5.charAt(v0) <= 32) {
++v0;
continue;
}
if(v0 != v1) {
int v2 = (b.a(arg5.charAt(v0)) << 18) + (b.a(arg5.charAt(v0 + 1)) << 12) + (b.a(arg5.charAt(v0 + 2)) << 6) + b.a(arg5.charAt(v0 + 3));
arg6.write(v2 >> 16 & 255);
if(arg5.charAt(v0 + 2) != v4) {
arg6.write(v2 >> 8 & 255);
if(arg5.charAt(v0 + 3) != v4) {
arg6.write(v2 & 255);
v0 += 4;
continue;
}
}
}
return;
}
}
}
| 
发表于 2019-12-14 16:56
|
发表于 2019-12-14 17:17
