先贴汇编:
+[NSDictionary authenticationParams]:
000a4754 push {r4, r5, r6, r7, lr} ; Objective C Implementation defined at 0x5a2958 (class)
000a4756 add r7, sp, #0xc
000a4758 push.w {r8, r10, r11}
000a475c sub sp, #0x10
000a475e movw r8, #0x776a
000a4762 movt r8, #0x59 ; 0x59776a
000a4766 movw r0, #0xd852
000a476a movt r0, #0x58 ; 0x58d852
000a476e movw r2, #0x77b0
000a4772 movt r2, #0x59 ; 0x5977b0
000a4776 add r0, pc ; @selector(date)
000a4778 add r2, pc ; objc_cls_ref_NSDate
000a477a add r8, pc ; objc_cls_ref_NSString
000a477c ldr r1, [r0] ; @selector(date), argument #2 for method imp___picsymbolstub4__objc_msgSend
000a477e ldr r0, [r2] ; objc_cls_ref_NSDate, argument #1 for method imp___picsymbolstub4__objc_msgSend
000a4780 ldr.w r4, [r8] ; objc_cls_ref_NSString
000a4784 blx imp___picsymbolstub4__objc_msgSend
000a4788 mov r7, r7
000a478a blx imp___picsymbolstub4__objc_retainAutoreleasedReturnValue
000a478e mov r5, r0
000a4790 movw r0, #0xd834
000a4794 movt r0, #0x58 ; 0x58d834
000a4798 add r0, pc ; @selector(timeIntervalSince1970)
000a479a ldr r1, [r0] ; @selector(timeIntervalSince1970), argument #2 for method imp___picsymbolstub4__objc_msgSend
000a479c mov r0, r5
000a479e blx imp___picsymbolstub4__objc_msgSend
000a47a2 vmov d16, r0, r1
000a47a6 movw r0, #0xc52a
000a47aa movt r0, #0x58 ; 0x58c52a
000a47ae vcvt.s32.f64 s0, d16
000a47b2 add r0, pc
000a47b4 ldr r6, [r0]
000a47b6 mov r0, r4 ; argument #1 for method imp___picsymbolstub4__objc_msgSend
000a47b8 str r6, [sp, #0x4]
000a47ba movw r2, #0x1c32
000a47be movt r2, #0x4c ; 0x4c1c32
000a47c2 add r2, pc ; @"%d"
000a47c4 mov r1, r6 ; argument #2 for method imp___picsymbolstub4__objc_msgSend
000a47c6 vmov r3, s0
000a47ca blx imp___picsymbolstub4__objc_msgSend
000a47ce mov r7, r7
000a47d0 blx imp___picsymbolstub4__objc_retainAutoreleasedReturnValue
000a47d4 mov r4, r0
000a47d6 mov r0, r5 ; argument #1 for method imp___picsymbolstub4__objc_release
000a47d8 str r4, [sp, #0xc]
000a47da blx imp___picsymbolstub4__objc_release
000a47de movw r0, #0xc56a
000a47e2 movt r0, #0x58 ; 0x58c56a
000a47e6 movw r2, #0x7750
000a47ea movt r2, #0x59 ; 0x597750
000a47ee add r0, pc ; @selector(alloc)
000a47f0 add r2, pc ; objc_cls_ref_NSMutableDictionary
000a47f2 ldr r1, [r0] ; @selector(alloc), argument #2 for method imp___picsymbolstub4__objc_msgSend
000a47f4 ldr r0, [r2] ; objc_cls_ref_NSMutableDictionary
000a47f6 blx imp___picsymbolstub4__objc_msgSend
000a47fa movw r1, #0xc4ca
000a47fe movt r1, #0x58 ; 0x58c4ca
000a4802 add r1, pc ; @selector(init)
000a4804 ldr r1, [r1] ; @selector(init)
000a4806 blx imp___picsymbolstub4__objc_msgSend
000a480a mov r10, r0
000a480c movw r0, #0xc4cc
000a4810 movt r0, #0x58 ; 0x58c4cc
000a4814 movw r3, #0x1be6
000a4818 add r0, pc ; @selector(setObject:forKeyedSubscript:)
000a481a movt r3, #0x4c ; 0x4c1be6
000a481e add r3, pc ; @"timestamp"
000a4820 mov r2, r4
000a4822 ldr.w r11, [r0] ; @selector(setObject:forKeyedSubscript:)
000a4826 mov r0, r10 ; argument #1 for method imp___picsymbolstub4__objc_msgSend
000a4828 mov r1, r11
000a482a blx imp___picsymbolstub4__objc_msgSend
000a482e movw r2, #0x1be4
000a4832 mov r1, r6 ; argument #2 for method imp___picsymbolstub4__objc_msgSend
000a4834 movt r2, #0x4c ; 0x4c1be4
000a4838 ldr.w r0, [r8] ; objc_cls_ref_NSString, argument #1 for method imp___picsymbolstub4__objc_msgSend
000a483c movw r3, #0x1b9c
000a4840 add r2, pc ; @"%@%@"
000a4842 movt r3, #0x4c ; 0x4c1b9c
000a4846 str r4, [sp]
000a4848 add r3, pc ; @"667a42d9f8db85001a4d287bb8351ae9"
000a484a blx imp___picsymbolstub4__objc_msgSend
000a484e mov r7, r7
000a4850 blx imp___picsymbolstub4__objc_retainAutoreleasedReturnValue
000a4854 mov r4, r0
000a4856 movw r0, #0xdf92
000a485a movt r0, #0x58 ; 0x58df92
000a485e add r0, pc ; @selector(MD5)
000a4860 ldr r5, [r0] ; @selector(MD5)
000a4862 mov r0, r4 ; argument #1 for method imp___picsymbolstub4__objc_msgSend
000a4864 mov r1, r5
000a4866 blx imp___picsymbolstub4__objc_msgSend
000a486a mov r7, r7
000a486c blx imp___picsymbolstub4__objc_retainAutoreleasedReturnValue
000a4870 movw r3, #0x1b98
000a4874 mov r6, r0
000a4876 movt r3, #0x4c ; 0x4c1b98
000a487a mov r0, r10 ; argument #1 for method imp___picsymbolstub4__objc_msgSend
000a487c add r3, pc ; @"auth1"
000a487e mov r1, r11 ; argument #2 for method imp___picsymbolstub4__objc_msgSend
000a4880 mov r2, r6
000a4882 blx imp___picsymbolstub4__objc_msgSend
000a4886 mov r0, r6
000a4888 blx imp___picsymbolstub4__objc_release
000a488c mov r0, r4
000a488e blx imp___picsymbolstub4__objc_release
000a4892 movw r0, #0xcbd
再贴Hopper反汇编(好像有点蛋疼):
void * +[NSDictionary authenticationParams](void * self, void * _cmd) {
STK35 = r7;
r7 = &arg_C;
sp = sp - 0x10;
r8 = objc_cls_ref_NSString;
r5 = [[NSDate date] retain];
@selector(timeIntervalSince1970) << 0x10 | [r5 timeIntervalSince1970];
asm{ vcvt.s32.f64 s0, d16 };
r6 = *0x630ce0;
arg_4 = r6;
asm{ vmov r3, s0 };
r4 = [objc_msgSend(NSString, r6) retain];
arg_C = r4;
[r5 release];
r0 = [NSMutableDictionary alloc];
r10 = [r0 init];
r11 = @selector(setObject:forKeyedSubscript:);
[r10 setObject:r2 forKeyedSubscript:STK3];
var_0 = r4;
r4 = [objc_msgSend(NSString, r6) retain];
r5 = @selector(MD5);
r6 = [[r4 MD5] retain];
[r10 setObject:r2 forKeyedSubscript:STK3];
[r6 release];
[r4 release];
........
}
这段代码是生成一个包含一堆参数的字典,我不太理解的是auth1的计算,我以为是md5(时间戳 << 16 | 时间戳),后来发现不对,请大大帮忙解惑
T.T