1

I have this code:

 private static c e;
  private static byte[] f = { 55, -86, -102, 55, -23, 26, -83, 103, 125, -57, -110, -34, 70, 102, 48, -103 };
  private String a;
  private SecureRandom b;
  private int c;
  private byte[] d;

  public c(String paramString, SecureRandom paramSecureRandom)
  {
    this.a = paramString;
    this.b = paramSecureRandom;
  }

  public static c a()
  {
    if (e == null)
    {
      e = new c("AES/CBC/PKCS7Padding", new SecureRandom());
      e.a(f, 16);
    }
    return e;
  }

With f being the array of bytes and 16 to do with reading 16 bytes of the IV generated with SecureRandom(). (atleast I assume that's what it is doing?) However when I use this:

byte[] byteArray = { 55, -86, -102, 55, -23, 26, -83, 103, 125, -57, -110, -34, 70, 102, 48, -103 };

String value = new String(byteArray, "ISO-8859-1");
    System.out.println(value);

I get this output: 7ª7é­g}ÇÞFf0

I'm attempting to work out how this app i've got generates the encryptionkey used for encrypting/decrypting... that result above surely can't be anything right? Am I completely on the wrong track here?

I've included the full class code here incase it helps: http://pastie.org/private/5fhp9yqknzoansd1vc0xfg

Would really love to know what the code above is actually doing so I can port it to PHP, not too good @ Java.

Thanks in advance.

Improve this question
2
  • 1
    You really should post unobfuscated code. Commented Jan 5, 2016 at 10:01
  • Didn't realize it was obfuscated sorry. Any tools out there for deobfuscating Java? Commented Jan 5, 2016 at 13:08

1 Answer 1

Reset to default
4

Your output 7ª7é­g}ÇÞFf0 makes sense to me.

You are using the character set: ISO-8859-1, and thus the bytes will be decoded to the characters they are mapped to in that character set.

Your byte array is created using base 10, and java bytes are signed. This means your byte array has the following hexadecimal values (in order):

37, AA, 9A, 37, E9, 1A, AD, 67, 7D, C7, 92, DE, 46, 66, 30, 99

According to the ISO-8859-1 character set, these values map to the following:

7, ª, (nil), 7, é, (nil), SHY, g, }, Ç, (nil), Þ, F, f, 0, (nil)

Which is pretty close to what your string is actually. The (nil) characters are not rendered in your string because the character set does not have glyphs for the corresponding values. And for the character SHY, I will assume again there is no glyph (while the standard indicates there actually should be).

Your output seems correct to me! :)

Remember, your encryption key is just a sequence of bytes. You shouldn't expect the data to be human-readable.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Thanks for explaining that! So the code above is actually using 7ª7é­g}ÇÞFf0 as the encryption key for decrypting? I attached the full code (see first post), and from what I gather public byte[] b(byte[] paramArrayOfByte) is used for decoding afaik. Could you help me work out how it's actually using that key to decrypt? Link to full encryption/decryption class: pastie.org/private/5fhp9yqknzoansd1vc0xfg
Well, I'm not that great at deobfuscation, but here goes.... I believe public byte[] a(byte[] paramArrayOfByte) is used to decrypt. And I believe that public byte[] b(byte[] paramArrayOfByte) is to encrypt. It seems to me that the variable f, is your 128-bit key used for Advanced Encryption Standard (AES) algorithm. I suggest reading up on the algorithm for details. If my guess is wrong, I would assume that b(...) is for decryption and a(...) is for encryption. Also look at the javax.crypto package.
Remember to accept this answer if you found that it solves your problem! :)
Ah I wasn't aware that the code was obfuscated sorry! That does help a lot as I was under the impression that b was used for decryption because they have this: localCipher.init(2 - and in a it is localCipher.init(1 - so assuming 1 is for encode, and 2 for decode. Thanks for those links and the information, I accepted your answer :)
Excellent observation. As I said, you may very well be right. According to docs: Cipher.ENCRYPT_MODE = 1 and Cipher.DECRYPT_MODE = 2. As you begin to understand more of the snippet, I suggest renaming variables/functions/etc so that it becomes less obfuscated and more legible.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.