欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

常见加密算法在安卓中的实现(调api)

程序员文章站 2024-03-16 20:20:28
...

前言:由于在平常逆向中知道啥加密后回去hook中一些加密所需的参数和盐等,这时候直接去hook他的系统api函数会快很多,当然还有其他情况,如apk里面使用反射是调用加密api之类的来掩藏加密方法等等。

提示: hook的时候一般回去hook getaAlogrithm方法去获取加密算法名字,hook的目的无非就是 查看加密参数,盐,包括部分加密的需要的 IV偏移量,加密结果等。至于先hook哪个方法之类的,就得看个人的思路了,至于每个加密有那方法可以hook,一切遵从标准文档:https://www.matools.com/api/java8

MD5
public class MD5 {
    public static String getMD5(String plainText) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        md5.update((plainText + "saltstr").getBytes());
        return ByteString.of(md5.digest()).hex();
    }
}
SHA
public class SHA {
    public static String getSHA(String plainText) throws Exception {
        MessageDigest SHA = MessageDigest.getInstance("SHA-256");
        SHA.update((plainText + "saltstr").getBytes());
        return ByteString.of(SHA.digest()).hex();
    }
}
MAC
public class MAC {
    public static String getMAC(String plainText) throws Exception {
        SecretKeySpec hmacMD5Key = new SecretKeySpec("a123456789".getBytes(), 1, 8, "HmacSHA1");
        Mac hmacMD5 = Mac.getInstance("HmacSHA1");
        hmacMD5.init(hmacMD5Key);
        hmacMD5.update(plainText.getBytes());
        return ByteString.of(hmacMD5.doFinal("saltstr".getBytes())).hex();
    }
}
DES
public class DES {
    public static String encryptDES(String plainText) throws Exception {
        SecretKeySpec desKey = new SecretKeySpec(new byte[]{1, 2, 3, 4, 5, 6, 7, 8}, "DES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("12345678".getBytes());
        Cipher des = Cipher.getInstance("DES/CBC/PKCS5Padding");
        des.init(1, desKey, ivParameterSpec);
        return ByteString.of(des.doFinal(plainText.getBytes())).base64();
    }

    public static String decryptDES(String cipherText) throws Exception {
        SecretKeySpec desKey = new SecretKeySpec(new byte[]{1, 2, 3, 4, 5, 6, 7, 8}, "DES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("12345678".getBytes());
        Cipher des = Cipher.getInstance("DES/CBC/PKCS5Padding");
        des.init(2, desKey, ivParameterSpec);
        return new String(des.doFinal(ByteString.decodeBase64(cipherText).toByteArray()));
    }
}
DESede
public class DESede {
    public static String encryptDESede(String plainText) throws Exception {
        SecretKeySpec desedeKey = new SecretKeySpec(new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8}, "DESede");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("12345678".getBytes());
        Cipher desede = Cipher.getInstance("DESede/CBC/NOPadding");
        desede.init(1, desedeKey, ivParameterSpec);
        return ByteString.of(desede.doFinal(plainText.getBytes())).base64();
    }

    public static String decryptDESede(String cipherText) throws Exception {
        SecretKeySpec desedeKey = new SecretKeySpec(new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8}, "DESede");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("12345678".getBytes());
        Cipher des = Cipher.getInstance("DESede/CBC/NOPadding");
        des.init(2, desedeKey, ivParameterSpec);
        return new String(des.doFinal(ByteString.decodeBase64(cipherText).toByteArray()));
    }
}
AES
public class AES {
    public static String encryptAES(String plainText, String AESKey) throws Exception {
        SecretKeySpec aesKey = new SecretKeySpec(ByteString.decodeHex(AESKey).toByteArray(), "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("0123456789abcdef".getBytes());
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(1, aesKey, ivParameterSpec);
        return ByteString.of(aes.doFinal(plainText.getBytes())).base64();
    }

    public static String decryptAES(String cipherText, String AESKey) throws Exception {
        SecretKeySpec aesKey = new SecretKeySpec(ByteString.decodeHex(AESKey).toByteArray(), "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec("0123456789abcdef".getBytes());
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(2, aesKey, ivParameterSpec);
        return new String(aes.doFinal(ByteString.decodeBase64(cipherText).toByteArray()));
    }
}
RSA
public class RSA_Base64 {
    public static String privateKeyBase64 = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAPFFAfEv/zFnURo2\nZAEZmekyIJjuBHOiDqcON8ElpzK0SJUmclG6rVX8P4kppcPB62wKdJRrPrksIUdT\nT05IRh57mgKIjSqXbUQDfTpz3WhP99Ck+eBAZkctS0M5R0lWUAqeJwK+ZHbg2rI0\noW5jwvRycHXNxrHvdF/4K1/+XEA7AgMBAAECgYEAsGkDrYWps0bW7zKb1o4Qkojb\netZ2HNJ+ojlsHObaJOHbPGs7JXU4bmmdTz5LfSIacAoJCciMuTqCLrPEhfmkghPq\nU2MjyjfqYdXALoP7l/vt6QmjY/g1IAsaZN9nFhyjJ2WzgOx1f7gZj4NBSvTdSj7H\nm5E24zkm+p7Qw1z6/mkCQQD7WSXAXcv2v3Vo6qi1FUlkzQgCQLFYqXNSOSPpno3y\noohUFIkMj0bYGbVE1LzV30Rb6Z8e8yQAByw6l8RuGb2PAkEA9bwb2euyOe6CcqpE\nPNFc+7UlOJAy5epVFKHbu0aNivVpU0hsphqjIGXJGHYTspyEOLqtzILqKPZr6pru\nWvJUlQJBAJoImQUZtlyCGs7wN/G5mN/ocscGpGikd+Lk16hdHbqbdpaoexCyYYUf\nxCHpicw75mW5d2V9Ngu6WZWS2rNqnOsCQCoMK//X8sEy7KNOOyrk8DIpxtqs4eix\ndil3oK+k3OdgIsubYuvxNuR+RjCnU6uGWKGUX9TUudiUgda89/gb6xkCQFm8gD6n\nAyN+PPPKRq2M84+cAbnvjdIAY3OFHfkaoWCtEj5DR0UDuVv7jN7+re2D7id/GkAe\nFAmhvYQwwLnifrw=";
    public static String publicKeyBase64 = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDxRQHxL/8xZ1EaNmQBGZnpMiCY7gRzog6nDjfBJacytEiVJnJRuq1V/D+JKaXDwetsCnSUaz65LCFHU09OSEYee5oCiI0ql21EA306c91oT/fQpPngQGZHLUtDOUdJVlAKnicCvmR24NqyNKFuY8L0cnB1zcax73Rf+Ctf/lxAOwIDAQAB";

    public static PublicKey generatePublicKey() throws Exception {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(ByteString.decodeBase64(publicKeyBase64).toByteArray()));
    }

    public static PrivateKey generatePrivateKey() throws Exception {
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(ByteString.decodeBase64(privateKeyBase64).toByteArray()));
    }

    public static String encryptByPublicKey(String plainText) throws Exception {
        PublicKey publicKey = generatePublicKey();
        Cipher instance = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        instance.init(1, publicKey);
        return ByteString.of(instance.doFinal(plainText.getBytes())).base64();
    }

    public static String decryptByPrivateKey(String cipherText) throws Exception {
        PrivateKey privateKey = generatePrivateKey();
        Cipher instance = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        instance.init(2, privateKey);
        return new String(instance.doFinal(ByteString.decodeBase64(cipherText).toByteArray()));
    }
}

public class RSA_Hex {
    public static String modulus = "dfd5c4f8de188022477367ba9c3d8b367cfba7810f59702e1cd05bbd70179112c748b44cfe5b79ebeb8732a8b4fd480acddaff6438fbf9e810cf7b0b57f1d60d1c257af668b22841099801086258d0ec77c3f1774d6a28192d227793a788a64f7841f1703954155d81f115b56cf4aff3f91b5283d728b164b59a9116d6f46ee7";
    public static String privateExponent = "d4f09e198fd84915d35983c5f0db4fb3ff84bd1eb78683852ade41585fe9db96bcc57ad980657000b3a983d521918f56cfedd666f71b27ecd109416a5238fc42e71d4e276e505f5e38dadaacac257a444e9c74e3dd5b64fac6383ef11f1f3e09cc643959a1757941123b086b1ceb6aeceb8d2235c8b6f840bdaf1da06ae51229";
    public static String publicExponent = "010001";

    public static PublicKey generatePublicKey() throws Exception {
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(modulus, 16), new BigInteger(publicExponent, 16)));
    }

    public static PrivateKey generatePrivateKey() throws Exception {
        return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(new BigInteger(modulus, 16), new BigInteger(privateExponent, 16)));
    }

    public static String encryptByPublicKey(String plainText) throws Exception {
        PublicKey publicKey = generatePublicKey();
        Cipher instance = Cipher.getInstance("RSA/ECB/NOPadding");
        Log.d("abcdef", "RSA_Hex publicKey: " + Arrays.toString(publicKey.getEncoded()));
        instance.init(1, publicKey);
        return ByteString.of(instance.doFinal(plainText.getBytes())).base64();
    }

    public static String decryptByPrivateKey(String cipherText) throws Exception {
        PrivateKey privateKey = generatePrivateKey();
        Cipher instance = Cipher.getInstance("RSA/ECB/NOPadding");
        instance.init(2, privateKey);
        byte[] bytes = instance.doFinal(ByteString.decodeBase64(cipherText).toByteArray());
        int index = -1;
        int i = bytes.length - 1;
        while (true) {
            if (i <= 0) {
                break;
            } else if (bytes[i] == 0) {
                index = i + 1;
                break;
            } else {
                i--;
            }
        }
        int newLength = bytes.length - index;
        byte[] newbytes = new byte[newLength];
        System.arraycopy(bytes, index, newbytes, 0, newLength);
        return new String(newbytes);
    }
}
相关标签: 安卓逆向 java