一、MAC算法源码
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
String bs= "逆向有你a";
SecretKeySpec key = new SecretKeySpec("12345".getBytes(StandardCharsets.UTF_8), "HmacSHA256");//申请一个密钥,长度内容随便写
Mac mac = Mac.getInstance("HmacSHA256");//告诉系统我用的加密码方式是HmacSHA256
mac.init(key);
byte[] macres = mac.doFinal(bs.getBytes(StandardCharsets.UTF_8));//开始加密
System.out.println("HmacSHA1加密(字节):"+Arrays.toString(macres));
System.out.println("HmacSHA1加密(字符串):"+bytes2HexString(macres));
SecretKeySpec key1 = new SecretKeySpec("12345".getBytes(StandardCharsets.UTF_8), "HmacSHA256");//申请一个密钥,长度内容随便写
Mac mac1 = Mac.getInstance("HmacSHA256");//告诉系统我用的加密码方式是HmacSHA256
mac1.init(key1);
mac1.update("逆向".getBytes(StandardCharsets.UTF_8));
mac1.update("有你".getBytes(StandardCharsets.UTF_8));
byte[] macres1 = mac1.doFinal("a".getBytes(StandardCharsets.UTF_8));
System.out.println(bytes2HexString(macres1));
二、分析源码,需hook的内容
1、hook类是javax.crypto.Mac,javax.crypto.spec.SecretKeySpec
2、hook的方法:SecretKeySpec,doFinal
三、hook源码
XposedBridge.hookAllMethods(XposedHelpers.findClass("javax.crypto.Mac", loadPackageParam.classLoader)
, "doFinal",
new XC_MethodHook() {
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
Log.e("逆向有你", "Stack:", new Throwable("stack dump"));
if(param.args.length==2) return;
Mac mc = (Mac) param.thisObject;//实例化
String algorithm = mc.getAlgorithm();//获取加密算法的名称
if (param.args.length == 2) {
byte[] params = (byte[]) param.args[0];
String data = new String(params);
String datahex = b2s(params);
String datab64 = Base64.encodeToString(params, 0);
Log.d("逆向有你",algorithm+"data:"+data);
Log.d("逆向有你",algorithm+"datahex:"+datahex);
Log.d("逆向有你",algorithm+"datab64:"+datab64);
}
byte[] res=(byte[])param.getResult();
String reshex = b2s(res);
String resb64 = Base64.encodeToString(res, 0);
Log.d("逆向有你",algorithm+"resulthex:"+reshex);
Log.d("逆向有你",algorithm+"resultb64:"+resb64);
Log.d("逆向有你","========================================================================");
}
});
XposedBridge.hookAllConstructors(XposedHelpers.findClass("javax.crypto.spec.SecretKeySpec", loadPackageParam.classLoader)
, new XC_MethodHook() {
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
Log.e("逆向有你", "Stack:", new Throwable("stack dump"));
byte[] secretKey = (byte[]) param.args[0];
int offset=0;
int size=0;
String algorithm=null;
if (param.args.length != 2) {
offset = ((Integer) param.args[1]).intValue();
size = ((Integer) param.args[2]).intValue();
algorithm = (String) param.args[3];
}else
{
size=secretKey.length;
algorithm= (String) param.args[1];
}
byte[] keyres=new byte[size];
System.arraycopy(secretKey,offset,keyres,0,size);
String keyreshex = b2s(keyres);
String keyresb64 = Base64.encodeToString(keyres, 0);
Log.d("逆向有你",algorithm+"secretkey:"+new String(keyres));
Log.d("逆向有你",algorithm+"secretkeyhex:"+keyreshex);
Log.d("逆向有你",algorithm+"secretkeyb64:"+keyresb64);
Log.d("逆向有你","========================================================================");
}
});
四、运行结果
禁止非法,后果自负