android aes cbc解密

ego6inou  于 2021-06-29  发布在  Java
关注(0)|答案(0)|浏览(279)

为了学习,我正在尝试解密一些用android aes加密的文件。
我从这里开始:(我从模糊版本中更改了一些方法名称,使其更具可读性)

public class a {
  public static String encode(String paramString) {
    String str = null;
    try {
      byte[] arrayOfByte = encode(getRaw(), paramString.getBytes());
    } catch (Exception exception) {
      exception = null;
    } 
    if (exception != null)
      str = func1((byte[])exception); 
    return str;
  }

// func1 and func2 are only used for changing the Exception object. I don't think these are very important.
  private static String func1(byte[] paramArrayOfbyte) {
    if (paramArrayOfbyte == null)
      return ""; 
    StringBuffer stringBuffer = new StringBuffer(paramArrayOfbyte.length * 2);
    for (int i = 0; i < paramArrayOfbyte.length; i++)
      func2(stringBuffer, paramArrayOfbyte[i]); 
    return stringBuffer.toString();
  }

  private static void func2(StringBuffer paramStringBuffer, byte paramByte) {
    paramStringBuffer.append("0123456789ABCDEF".charAt(paramByte >> 4 & 0xF)).append("0123456789ABCDEF".charAt(paramByte & 0xF));
  }

  private static byte[] getRaw() throws Exception {
    return KeyGen.generateKey(new byte[] { 
          33, 83, -50, -89, -84, -114, 80, 99, 10, 63, 
          22, -65, -11, 30, 101, -118 }); // this has 16 length. I guess that this is IV.
  }

  private static native byte[] getEncrypted(String paramString);

  private static byte[] encode(byte[] raw, byte[] clear) throws Exception {
    SecretKeySpec secretKeySpec = new SecretKeySpec(raw, "AES");
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, new IvParameterSpec(getKey()));
    return cipher.doFinal(clear);
  }

  public static String decode(String paramString) {
    try {
      return new String(decode(getRaw(), getEncrypted(paramString)));
    } catch (Exception exception) {
      return null;
    } 
  }

  private static byte[] getKey() {
    try {
      byte[] arrayOfByte = b.decode("IUQSvE6r1TfFPdPEjfklLw==".getBytes("UTF-8"), 2);
      // b.decode is a method as public static native byte[]. 
      if (arrayOfByte != null)
        return KeyGen.generateKey(arrayOfByte); 
    } catch (Exception exception) {}
    return new byte[16];
  }

  private static byte[] decode(byte[] raw, byte[] encrypted) throws Exception {
    SecretKeySpec secretKeySpec = new SecretKeySpec(raw, "AES");
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec(getKey()));
    return cipher.doFinal(encrypted);
  }
}
public class KeyGen {
  private static native KeyInstance constructKey(String paramString);

  public static byte[] generateKey(byte[] maybeIV) {
    if (paramArrayOfbyte != null) {
      KeyInstance keyinstance = constructKey("QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK"); // this has 256 length.
      if (keyinstance != null)
        return extractKey(maybeIV, keyinstance); 
    } 
    return null;
  }

  private static native byte[] extractKey(byte[] maybeIV, KeyInstance keyinstance);

  private static class KeyInstance {
    public int[] hash = new int[256];

    public int x;

    public int y;

    private a() {}
  }
}

我觉得以下这些都是可疑的,我可以用它们来作为获取钥匙的线索:

private static byte[] getRaw() throws Exception {
    return KeyGen.generateKey(new byte[] { 
          33, 83, -50, -89, -84, -114, 80, 99, 10, 63, 
          22, -65, -11, 30, 101, -118 }); // this has 16 length. I guess that this is IV.
  }

// ...
      byte[] arrayOfByte = b.decode("IUQSvE6r1TfFPdPEjfklLw==".getBytes("UTF-8"), 2);
// ...

KeyInstance keyinstance = constructKey("QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK"); // this has 256 length.

另外,我注意到每个加密文件都以公共字节序列“424754310100 00”开头。
有了这些线索,我该何去何从?
如何读取.jar文件中声明为本机的源代码?

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题