救助，一个APP的加密算法

1417692308 · 发表于 2016-11-24 11:03:44

package com.kingdee.a.b.a.a;

import com.kingdee.eas.eclite.support.net.f;
import com.kingdee.eas.eclite.support.net.u;
import com.kingdee.eas.eclite.support.net.v;
import com.kingdee.eas.eclite.support.net.w;
import org.json.JSONObject;

public class ac
  extends w
{
  private String Fb;
  private String aDs;
  private String aYq;
  private String eid;
  private String password;
  private String userName;

  public u[] Aj()
  {
return u.al("eid", this.eid).al("userName", this.userName).al("password", this.password).al("appClientId", this.aDs).al("deviceId", this.Fb).al("deviceType", this.aYq).al("ua", f.By()).BK();
  }

  public JSONObject Ak()
  {
JSONObject localJSONObject = new JSONObject();
localJSONObject.put("eid", this.eid);
localJSONObject.put("userName", this.userName);
localJSONObject.put("password", this.password);
localJSONObject.put("appClientId", this.aDs);
localJSONObject.put("deviceId", this.Fb);
localJSONObject.put("deviceType", this.aYq);
localJSONObject.put("ua", f.By());
return localJSONObject;
  }

  public void Al()
  {
i(3, "openaccess/user/login");
  }

  public boolean Ap()
  {
return true;
  }

  public void fg(String paramString)
  {
this.aDs = paramString;
  }

  public void fh(String paramString)
  {
this.Fb = paramString;
  }

  public void fl(String paramString)
  {
this.eid = paramString;
  }

  public void gS(String paramString)
  {
this.aYq = paramString;
  }

  public void setPassword(String paramString)
  {
this.password = paramString;
  }

  public void setUserName(String paramString)
  {
this.userName = paramString;
  }
}

第二个包
package com.umeng.socialize.net.utils;

import android.text.TextUtils;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AesHelper
{
  private static final String UTF_8 = "UTF-8";
  private static byte[] iv = "nmeug.f9/Om+L823".getBytes();
  private static byte[] pwd = null;

  public static String decryptNoPadding(String paramString1, String paramString2)
  {
Cipher localCipher = Cipher.getInstance("AES/CBC/NoPadding");
localCipher.init(2, new SecretKeySpec(pwd, "AES"), new IvParameterSpec(iv));
return new String(localCipher.doFinal(Base64.decodeBase64(paramString1)), paramString2);
  }

  public static String encryptNoPadding(String paramString1, String paramString2)
  {
Cipher localCipher = Cipher.getInstance("AES/CBC/NoPadding");
int k = localCipher.getBlockSize();
paramString1 = paramString1.getBytes(paramString2);
int j = paramString1.length;
int i = j;
if (j % k != 0) {
   i = j + (k - j % k);
}
paramString2 = new byte[i];
System.arraycopy(paramString1, 0, paramString2, 0, paramString1.length);
localCipher.init(1, new SecretKeySpec(pwd, "AES"), new IvParameterSpec(iv));
return Base64.encodeBase64String(localCipher.doFinal(paramString2));
  }

  public static byte[] getBytesUnchecked(String paramString1, String paramString2)
  {
if (paramString1 == null) {
   return null;
}
try
{
   paramString1 = paramString1.getBytes(paramString2);
   return paramString1;
}
catch (UnsupportedEncodingException paramString1)
{
   throw newIllegalStateException(paramString2, paramString1);
}
  }

  public static byte[] getBytesUtf8(String paramString)
  {
return getBytesUnchecked(paramString, "UTF-8");
  }

  public static String md5(String paramString)
  {
int i = 0;
if (paramString == null) {
   return null;
}
try
{
   byte[] arrayOfByte = paramString.getBytes();
   Object localObject = MessageDigest.getInstance("MD5");
   ((MessageDigest)localObject).reset();
   ((MessageDigest)localObject).update(arrayOfByte);
   arrayOfByte = ((MessageDigest)localObject).digest();
   localObject = new StringBuffer();
   for (;;)
   {
      if (i >= arrayOfByte.length) {
      return ((StringBuffer)localObject).toString();
      }
      ((StringBuffer)localObject).append(String.format("%02X", new Object[] { Byte.valueOf(arrayOfByte[i]) }));
      i += 1;
   }
   return paramString.replaceAll("[^[a-z][A-Z][0-9][.][_]]", "");
}
catch (Exception localException) {}
  }

  private static IllegalStateException newIllegalStateException(String paramString, UnsupportedEncodingException paramUnsupportedEncodingException)
  {
return new IllegalStateException(paramString + ": " + paramUnsupportedEncodingException);
  }

  public static String newString(byte[] paramArrayOfByte, String paramString)
  {
if (paramArrayOfByte == null) {
   return null;
}
try
{
   paramArrayOfByte = new String(paramArrayOfByte, paramString);
   return paramArrayOfByte;
}
catch (UnsupportedEncodingException paramArrayOfByte)
{
   throw newIllegalStateException(paramString, paramArrayOfByte);
}
  }

  public static String newStringUtf8(byte[] paramArrayOfByte)
  {
return newString(paramArrayOfByte, "UTF-8");
  }

  public static void setPassword(String paramString)
  {
if (!TextUtils.isEmpty(paramString))
{
   String str = md5(paramString);
   paramString = str;
   if (str.length() >= 16) {
      paramString = str.substring(0, 16);
   }
   pwd = paramString.getBytes();
}
  }
}

password加密前:11111111
password加密后：vvAxKN3bg8y\/QHbiOhqsqw==

从加密后密码看得出来它使用了base64加密，然后base64出现在encryptNoPadding这个方法里面
但在第一个包中，Password只调用了setPassword这个方法，即跳到第二个包中的setPassword，但是第二个包的setPassword只调用了md5加密，没有调用encryptNoPadding，这时候我就糊涂啦，他的密码到底是怎样加密出来的？难道我还漏了？

Codebug · 发表于 2016-11-27 19:23:25

aes cbc模式加密咯 iv向量这边都有了看下传进来加密的key

0.0

1417692308 · 发表于 2016-11-27 14:39:53

Youlor 发表于 2016-11-26 18:56
Base64(11111111) = "MTExMTExMTE="

他并不只是base64加密

Youlor · 发表于 2016-11-26 18:56:37

Base64(11111111) = "MTExMTExMTE="

漂流瓶 · 发表于 2016-11-25 00:46:24

就这么问，谁鸟你。。

微风Breeze · 发表于 2016-11-24 12:43:24

这个有偿可以联系我或出门右转定制区欢迎您

		自动登录	找回密码
密码			注册

[交流] 救助，一个APP的加密算法