0

I have a decryption algorithm and it compiles successfully but I get an exception while running it.

I've tried changing the order of where the (byte) is and adding more in but I can't seem to figure out why it isn't working.

Below is the Crypt.java code:

public class Crypt implements Runnable {
    public Crypt(byte[] data, int length, byte[] key) throws IOException {
        byte v3, v5, v6;
        int len = length;

        if (len > 0) {
            do {
                --len;
                v3 = (byte) (key[0] + 1);
                key[0] = v3;
                v5 = (byte) (key[4] + key[8 + v3]);
                key[4] = v5;
                v6 = key[8 + v3];
                key[8 + v3] = key[8 + v5];
                key[8 + key[4]] = v6;

                data[length - len - 1] ^= key[8 + (byte) (key[8 + key[4]] + key[8 + key[0]])];

                Log.logInfo("Packet Data: " + DatatypeConverter.printHexBinary(data) + "");
            }
            while (len > 0);
        }
    }

    public void run() {
    }
}

And below is the code that I am using to get the Crypt.java to run.

byte key[] = {
    (byte) 0x2b, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0xda, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x58, (byte) 0x24, (byte) 0x32, (byte) 0x6a, (byte) 0xc3, (byte) 0x06, (byte) 0x1b, (byte) 0x2c,
    (byte) 0x6b, (byte) 0x61, (byte) 0x3e, (byte) 0xaf, (byte) 0xec, (byte) 0x31, (byte) 0x60, (byte) 0x38, (byte) 0x05, (byte) 0x46, (byte) 0x04, (byte) 0x0c, (byte) 0x2b, (byte) 0xb9, (byte) 0x6e, (byte) 0x2e,
    (byte) 0x07, (byte) 0x5d, (byte) 0xff, (byte) 0xe8, (byte) 0x64, (byte) 0xe3, (byte) 0x70, (byte) 0x40, (byte) 0xdb, (byte) 0x93, (byte) 0xda, (byte) 0xcc, (byte) 0x01, (byte) 0x18, (byte) 0x22, (byte) 0x5e,
    (byte) 0xdf, (byte) 0x94, (byte) 0x5a, (byte) 0x4f, (byte) 0x25, (byte) 0xbe, (byte) 0x1d, (byte) 0xb5, (byte) 0x4b, (byte) 0xb4, (byte) 0x17, (byte) 0x8b, (byte) 0xf4, (byte) 0x57, (byte) 0x39, (byte) 0xb3,
    (byte) 0xfe, (byte) 0x91, (byte) 0x63, (byte) 0x7d, (byte) 0x1c, (byte) 0x9f, (byte) 0x7a, (byte) 0xca, (byte) 0x3a, (byte) 0x1e, (byte) 0x65, (byte) 0xa7, (byte) 0x68, (byte) 0xd1, (byte) 0x89, (byte) 0x78,
    (byte) 0x67, (byte) 0x43, (byte) 0xf3, (byte) 0xb2, (byte) 0x8d, (byte) 0xd9, (byte) 0x8e, (byte) 0x9e, (byte) 0x9c, (byte) 0xc9, (byte) 0xe9, (byte) 0x9b, (byte) 0xb6, (byte) 0xba, (byte) 0x75, (byte) 0x20,
    (byte) 0x74, (byte) 0xd3, (byte) 0x3f, (byte) 0x88, (byte) 0x56, (byte) 0x6d, (byte) 0x41, (byte) 0x62, (byte) 0x2a, (byte) 0xc6, (byte) 0xa2, (byte) 0xc5, (byte) 0x5f, (byte) 0x7b, (byte) 0x33, (byte) 0xc4,
    (byte) 0xf6, (byte) 0x3b, (byte) 0xef, (byte) 0x97, (byte) 0x95, (byte) 0x92, (byte) 0x87, (byte) 0xc7, (byte) 0xf7, (byte) 0x52, (byte) 0x7f, (byte) 0x10, (byte) 0xa8, (byte) 0xdc, (byte) 0x45, (byte) 0xd0,
    (byte) 0xfd, (byte) 0x99, (byte) 0x9d, (byte) 0xe0, (byte) 0x0e, (byte) 0x29, (byte) 0x6c, (byte) 0x81, (byte) 0x83, (byte) 0xd5, (byte) 0xe7, (byte) 0xee, (byte) 0xfa, (byte) 0x59, (byte) 0xa9, (byte) 0x27,
    (byte) 0x26, (byte) 0xcd, (byte) 0xdd, (byte) 0xae, (byte) 0x09, (byte) 0x44, (byte) 0x30, (byte) 0x47, (byte) 0xe5, (byte) 0xf0, (byte) 0x37, (byte) 0x5b, (byte) 0x13, (byte) 0x4a, (byte) 0x96, (byte) 0x4e,
    (byte) 0x72, (byte) 0xa6, (byte) 0x79, (byte) 0xd4, (byte) 0xa4, (byte) 0x98, (byte) 0x36, (byte) 0xe6, (byte) 0x86, (byte) 0xd7, (byte) 0x28, (byte) 0x02, (byte) 0xf9, (byte) 0x2d, (byte) 0xbc, (byte) 0x12,
    (byte) 0xed, (byte) 0xbf, (byte) 0xad, (byte) 0x48, (byte) 0xce, (byte) 0x84, (byte) 0x82, (byte) 0x7c, (byte) 0xfb, (byte) 0x53, (byte) 0xe2, (byte) 0xea, (byte) 0x0d, (byte) 0x14, (byte) 0x1f, (byte) 0x54,
    (byte) 0xaa, (byte) 0x08, (byte) 0x23, (byte) 0xf2, (byte) 0x21, (byte) 0x4c, (byte) 0x8c, (byte) 0x3d, (byte) 0xbd, (byte) 0xa1, (byte) 0x35, (byte) 0xb7, (byte) 0x55, (byte) 0x42, (byte) 0x4d, (byte) 0xa5,
    (byte) 0x8f, (byte) 0x3c, (byte) 0x85, (byte) 0xc8, (byte) 0x77, (byte) 0x03, (byte) 0x0a, (byte) 0x1a, (byte) 0x11, (byte) 0x15, (byte) 0x00, (byte) 0xc0, (byte) 0xb1, (byte) 0xeb, (byte) 0x5c, (byte) 0x71,
    (byte) 0xd8, (byte) 0xc2, (byte) 0x8a, (byte) 0x0f, (byte) 0x76, (byte) 0x50, (byte) 0xa0, (byte) 0x19, (byte) 0x73, (byte) 0xf5, (byte) 0xfc, (byte) 0x0b, (byte) 0x69, (byte) 0xe1, (byte) 0x90, (byte) 0xd2,
    (byte) 0xab, (byte) 0xc1, (byte) 0x9a, (byte) 0x51, (byte) 0x6f, (byte) 0x34, (byte) 0x80, (byte) 0xb8, (byte) 0xa3, (byte) 0xd6, (byte) 0xcb, (byte) 0xe4, (byte) 0xcf, (byte) 0x2f, (byte) 0xf8, (byte) 0xbb,
    (byte) 0x16, (byte) 0x66, (byte) 0xb0, (byte) 0x49, (byte) 0xac, (byte) 0xde, (byte) 0xf1, (byte) 0x7e
};

new Thread(new Crypt(request, size, key)).start();

The variable request from the above code is byte. The size variable is basically the length of the request variable.

I've spent countless hours working on this and I just have no clue about why it isn't working.

When the program runs I get the below exception:

Exception in thread "Thread-3" java.lang.ArrayIndexOutOfBoundsException: -59
        at com.webraid.cocproxy.utils.Crypt.<init>(Crypt.java:33)
        at com.webraid.cocproxy.network.Client.run(Client.java:97)
        at java.lang.Thread.run(Unknown Source)

"Packet data" is printed out twice. Once before it is put through the Crypt.java file and then after as you can see in the code. The two results are very similar but only the first 2 values are changed.

In this case the 02 became 1A.

EDIT:

Line 33 in Crypt.java is: key[8 + v3] = key[8 + v5];

And line 97 in the Client.java code is: new Thread(new Crypt(request, size, key)).start();

Adding output here:

 Packet Data: 023E12AFF65CAFE52FB389F8FFFB7EAFEA81E672159DD38CDCF26A44895871B727CEB02976E85F658472C66ADA79CB49B47340523E643F0DFB3D4E5C7B5B1239296E26313
 5A2BB400FDD9E935D4255FE4CF0FF4BD87ED6359896A82B50753E3A3A9A998217640E1247C3AF153AFCF2E6351DE55AEFFAD000AF98549A28DA8823928A4496582476E29ADEB942634C68C
 291A711CA140BE4403F76F6F827E22204755396D0F546702ED20C3595A37D2A8B529963BD505FF34521792510DD27225FC1758B17DA6936F2ECCBAD7E55425B3F5328AA503DF610484B018
 8289D36ED777B6641A4A765743EAC6E0D8E8A28510D3CAAF18B2D

 Packet Data: 1A3E12AFF65CAFE52FB389F8FFFB7EAFEA81E672159DD38CDCF26A44895871B727CEB02976E85F658472C66ADA79CB49B47340523E643F0DFB3D4E5C7B5B1239296E26313
 5A2BB400FDD9E935D4255FE4CF0FF4BD87ED6359896A82B50753E3A3A9A998217640E1247C3AF153AFCF2E6351DE55AEFFAD000AF98549A28DA8823928A4496582476E29ADEB942634C68C
 291A711CA140BE4403F76F6F827E22204755396D0F546702ED20C3595A37D2A8B529963BD505FF34521792510DD27225FC1758B17DA6936F2ECCBAD7E55425B3F5328AA503DF610484B018
 8289D36ED777B6641A4A765743EAC6E0D8E8A28510D3CAAF18B2D
Improve this question
3
  • I think the issue is on data[length - len - 1], I should try to print the value of (length - len - 1) on each loop... Commented Mar 31, 2015 at 19:26
  • Added an edit which shows which the line numbers Commented Mar 31, 2015 at 19:27
  • it printed 0 and then gave the same error @vathek Commented Mar 31, 2015 at 19:33

1 Answer 1

Reset to default
1

The issue is on:

v5 = (byte) (key[4] + key[8 + v3]);
v6 = key[8 + v3];
key[8 + v3] = key[8 + v5];
key[8 + key[4]] = v6; 

....key[8 + (byte)(key[8 + key[4]] + key[8 + key[0]])]

With your data on second loop key[8 + v3] means k[-59]. The Java byte are signed, so you can have negative values on bytes. Also, you are not sure that bytes on your key are between 0 and key.lenght().

You should be review the crypt alghorithm to ensure stay in boundary of 'key' array.

A possibile solution is to use a method that 'normalize' input to stay on range 0-key.lenght:

ex.

private int normalizeIndex(byte[] key, int index){
        return Math.abs(index)%(key.length-1);
    }

Then use it when retrieve array cells:

...
 v6 = key[normalizeIndex(key,8 + v3)];
 key[ normalizeIndex(key,(8 + v3))] = key[ normalizeIndex(key,(8 + v5))];
 key[normalizeIndex(key,8 + key[4])] = v6;

 data[length - len - 1] ^= key[normalizeIndex(key,8+(int)(key[ normalizeIndex(key,8 + key[4])]) + key[ normalizeIndex(key,8 + key[0])])];
...

Hope helped you!

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks but i'm not sure how to fix it - any ideas?
I edited the answer with a working solution. I don't know if it fit your specifications, but is the best I can do with information that I have!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.