Hello,
I am working on an ARM Linux ELF file that has a Blowfish encryption algorithm inside, but whatever I do to reproduce its output, I can't get the same results. This is what it looks like in decompiled form.
Code:
// Decompiler output for CBlowFish::Encode; the local declarations and the
// function's closing brace are missing from the paste.
// Encrypts a4 bytes from a2 into a3 (a2 == a3 selects the in-place path), one
// 8-byte block at a time, and returns the value of GetOutputLength(this, a4).
// NOTE(review): each block is handed to Blowfish_encipher on its own; no IV and
// no chaining between blocks is visible here, and a short final block is filled
// with zero bytes. A reference implementation has to be run the same way
// (ECB-style, zero padding) to produce comparable output. Equal plaintext blocks
// give equal ciphertext blocks, and zero padding cannot be told apart from
// trailing zero bytes in the data.
unsigned int __fastcall CBlowFish::Encode(CBlowFish *this, unsigned __int8 *a2, unsigned __int8 *a3, unsigned int a4)
{
v4 = a3;
v26 = a2;
v23 = a4;
v25 = this;
// Total number of bytes to process; presumably a4 rounded up to a multiple of 8
// (GetOutputLength is not shown — confirm).
v5 = CBlowFish::GetOutputLength(this, a4);
v6 = v5;
if ( v5 )
{
// v7: byte offset of the current block; v8: input bytes not yet consumed.
v7 = 0;
v8 = v23;
// v9: output cursor, v10: input cursor, both stepped as 32-bit words.
v9 = (unsigned int *)v4;
v10 = (unsigned int *)v26;
// A block starting at offset >= a4 - 7 is treated as the short tail block.
// NOTE(review): a4 is unsigned; if this subtraction and the comparisons against
// v24 are unsigned, any length below 7 wraps and the tail branches never run, so
// the block is encrypted without padding. Declarations are not shown — confirm
// the signedness in the disassembly.
v24 = v23 - 7;
// Number of pad bytes between the input length and the output length.
v22 = v5 - v23;
do
{
// In-place path: input and output are the same buffer.
if ( v26 == v4 )
{
if ( v7 >= v24 )
{
// NOTE(review): v10 has been advanced by 8 bytes for every earlier block, while
// v23 is the whole input length, so this points at the first pad byte only when
// the tail block is also the first block. For longer inputs the zeros below are
// written past the end of the padded data (an out-of-bounds write unless the
// caller's buffer is larger), and the tail block is encrypted together with
// whatever bytes already follow the data. In-place results can therefore differ
// from a clean zero-padded reference.
v11 = (char *)v10 + v23;
if ( v22 > 0 )
{
v12 = (int)&v11[v22];
do
*v11++ = 0;
while ( v11 != (_BYTE *)v12 );
}
}
// Encrypt the 8 bytes at the input cursor in place, as two 32-bit words.
v13 = v10;
v14 = v10 + 1;
v10 += 2;
CBlowFish::Blowfish_encipher(v25, v13, v14);
goto LABEL_9;
}
// Out-of-place path, tail block: copy what is left, then zero-fill to 8 bytes.
if ( v7 >= v24 )
{
v17 = v8;
if ( v8 <= 0 )
{
// Nothing left to copy: the whole block becomes padding.
v21 = (int)v9;
v17 = 0;
}
else
{
// Copy the remaining v8 input bytes to the output block.
v18 = 0;
do
{
*((_BYTE *)v9 + v18) = *((_BYTE *)v10 + v18);
++v18;
}
while ( v8 != v18 );
v21 = (int)v9 + v8;
v10 = (unsigned int *)((char *)v10 + v8);
// Eight or more bytes were copied, so no padding is needed.
if ( v8 > 7 )
goto LABEL_14;
}
// Zero-fill output bytes v17..7 of the block (v19 is the block start).
v19 = v21 - v17;
v20 = v17;
do
*(_BYTE *)(v19 + v20++) = 0;
while ( v20 <= 7 );
}
else
{
// Out-of-place path, full block: copy 8 bytes from input to output.
v16 = 0;
do
{
*((_BYTE *)v9 + v16) = *((_BYTE *)v10 + v16);
++v16;
}
while ( v16 != 8 );
}
LABEL_14:
// Encrypt the copied block in the output buffer and advance both cursors.
v10 += 2;
CBlowFish::Blowfish_encipher(v25, v9, v9 + 1);
v9 += 2;
LABEL_9:
// Next block: offset moves forward by 8, remaining input count drops by 8.
v7 += 8;
v8 -= 8;
}
while ( v6 > v7 );
}
return v6;
Code:
// Decompiler output for CBlowFish::Blowfish_encipher; braces and local
// declarations are missing from the paste.
// Transforms one 64-bit block held as two 32-bit words, *a2 and *a3, in place
// and returns the new *a2.
// Data it reads:
//   v3 = first field of the object, used as an array of 32-bit words with
//        indices 0..17 read (the role of the Blowfish P-array);
//   v4 = second field, the base of four 256-entry 32-bit tables at byte offsets
//        0, 1024, 2048 and 3072 (the role of the S-boxes, called T0..T3 below).
// The repeated expression is
//   F(x) = ((T0[x >> 24] + T1[(x >> 16) & 0xFF]) ^ T2[(x >> 8) & 0xFF]) + T3[x & 0xFF]
// applied 16 times (unrolled), followed by a final XOR with words 16 and 17 —
// the shape of standard Blowfish.
// NOTE(review), relevant when reproducing the output: the two halves are read
// and written as native 32-bit words. On a little-endian target the bytes of
// each 4-byte half are therefore in the reverse order compared with
// implementations that load the block big-endian, which is how common reference
// code and the published test vectors treat it; swap the bytes of each half on
// input and output when comparing. Whether the word array and tables hold the
// standard initial constants and a standard key schedule cannot be determined
// from this function — check the initialisation routine.
int __fastcall CBlowFish::Blowfish_encipher(CBlowFish *this, unsigned int *a2, unsigned int *a3)
// v3: word array; v4: table base.
v3 = *(_DWORD **)this;
v4 = *((_DWORD *)this + 1);
// Round 1 input: left half XOR word 0.
v5 = *a2 ^ **(_DWORD **)this;
// v6 = word 5 (byte offset 20), used later.
v6 = *(_DWORD *)(*(_DWORD *)this + 20);
// v7 = *a3 ^ F(v5) ^ word 1.
v7 = *a3 ^ (((*(_DWORD *)(v4 + 4 * ((v5 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v5 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v5 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v5 + 3072)) ^ *(_DWORD *)(*(_DWORD *)this + 4);
// v8 = word 6 (byte offset 24).
v8 = *(_DWORD *)(*(_DWORD *)this + 24);
// v9 = v5 ^ F(v7); word 2 is folded in on the v11 line below.
v9 = v5 ^ (((*(_DWORD *)(v4 + 4 * ((v7 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v7 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v7 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v7 + 3072));
// v10 = word 8 (byte offset 32).
v10 = *(_DWORD *)(*(_DWORD *)this + 32);
v11 = v9 ^ *(_DWORD *)(*(_DWORD *)this + 8);
// v12 = word 7, v13 = word 9, v14 = word 10, v15 = word 11.
v12 = *(_DWORD *)(*(_DWORD *)this + 28);
v13 = *(_DWORD *)(*(_DWORD *)this + 36);
v14 = *(_DWORD *)(*(_DWORD *)this + 40);
v15 = *(_DWORD *)(*(_DWORD *)this + 44);
// From here every line has the form: next = F(prev) ^ word k ^ value before prev,
// with k running from 3 to 15.
v16 = (((*(_DWORD *)(v4 + 4 * ((v11 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v11 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v11 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v11 + 3072)) ^ *(_DWORD *)(*(_DWORD *)this + 12) ^ v7;
// v17 = word 17, used for the final left-half output.
v17 = v3[17];
v18 = (((*(_DWORD *)(v4 + 4 * ((v16 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v16 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v16 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v16 + 3072)) ^ v3[4] ^ v11;
// v19 = word 16, used for the final right-half output.
v19 = v3[16];
v20 = (((*(_DWORD *)(v4 + 4 * ((v18 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v18 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v18 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v18 + 3072)) ^ v6 ^ v16;
v21 = (((*(_DWORD *)(v4 + 4 * ((v20 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v20 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v20 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v20 + 3072)) ^ v8 ^ v18;
v22 = (((*(_DWORD *)(v4 + 4 * ((v21 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v21 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v21 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v21 + 3072)) ^ v12 ^ v20;
v23 = (((*(_DWORD *)(v4 + 4 * ((v22 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v22 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v22 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v22 + 3072)) ^ v10 ^ v21;
v24 = (((*(_DWORD *)(v4 + 4 * ((v23 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v23 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v23 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v23 + 3072)) ^ v13 ^ v22;
v25 = (((*(_DWORD *)(v4 + 4 * ((v24 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v24 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v24 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v24 + 3072)) ^ v14 ^ v23;
v26 = (((*(_DWORD *)(v4 + 4 * ((v25 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v25 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v25 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v25 + 3072)) ^ v15 ^ v24;
v27 = (((*(_DWORD *)(v4 + 4 * ((v26 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v26 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v26 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v26 + 3072)) ^ v3[12] ^ v25;
v28 = (((*(_DWORD *)(v4 + 4 * ((v27 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v27 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v27 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v27 + 3072)) ^ v3[13] ^ v26;
v29 = (((*(_DWORD *)(v4 + 4 * ((v28 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v28 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v28 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v28 + 3072)) ^ v3[14] ^ v27;
v30 = (((*(_DWORD *)(v4 + 4 * ((v29 >> 16) & 0xFF) + 1024) + *(_DWORD *)(v4 + 4 * (v29 >> 24))) ^ *(_DWORD *)(v4 + 4 * ((unsigned __int16)v29 >> 8) + 2048))
+ *(_DWORD *)(v4 + 4 * (unsigned __int8)v29 + 3072)) ^ v3[15] ^ v28;
// The last F(v30) is split into its four table operands by the decompiler.
v31 = v4 + 4 * ((unsigned __int16)v30 >> 8);
v32 = *(_DWORD *)(v4 + 4 * (v30 >> 24));
v33 = v4 + 4 * (unsigned __int8)v30;
v34 = *(_DWORD *)(v4 + 4 * ((v30 >> 16) & 0xFF) + 1024);
// Output: *a2 = v30 ^ word 17, *a3 = F(v30) ^ word 16 ^ v29.
result = v30 ^ v17;
*a3 = (((v34 + v32) ^ *(_DWORD *)(v31 + 2048)) + *(_DWORD *)(v33 + 3072)) ^ v19 ^ v29;
*a2 = result;
return result;
I have uploaded the ELF file here in case someone is interested.
hxxps://filebin.net/yordbkvlpmofbaem
thanks in advance