Packet decrypt

[KaL]

I'm trying to make a tool which includes packet decryptation, however I'm stuck on decrypt results. My application gets KeyPacket and find the BF Key, then I use it with this formula:

 

public byte[] decryptRecv(byte[] raw, final int size)
{
	if (!_isEnabled)
		return null;

	int temp = 0;
	for (int i = 0; i < size; i++)
	{
		int temp2 = raw[i] & 0xFF;
		raw[i] = (byte) (temp2 ^ _inKey[i&15] ^ temp);
		temp = temp2;
	}

	int old = _inKey[8] &0xff;
	old |= _inKey[9] << 8 &0xff00;
	old |= _inKey[10] << 0x10 &0xff0000;
	old |= _inKey[11] << 0x18 &0xff000000;

	old += size;

	_inKey[8] = (byte)(old &0xff);
	_inKey[9] = (byte)(old >> 0x08 &0xff);
	_inKey[10] = (byte)(old >> 0x10 &0xff);
	_inKey[11] = (byte)(old >> 0x18 &0xff);

	return raw;
}

 

This is the formula used by the emulators (gameserver part) but with the return of modified raw instead of void.

 

I checked if the hex key is fine, and it is.

Dunno if the conversion to byte is wrong, I'm using this:

 

public byte[] hexToBytes(String hex)
{
	hex = hex.replaceAll(" ", "");
	byte[] b = new BigInteger(hex, 16).toByteArray();

	return b;
}

 

I'm comparing the decryptation results with PHX results. Once every 15 checks, it goes ok, but the others, some bytes are different from PHX.

For example:

 

RequestAuthLogin of PHX

08 73 00 6D 00 61 00 6C 00 6C 00 76 00 69 00 6C 00 6C 00 65 00 00 00 FB 3F 00 00 87 69 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

Now, the same packet on my application:

00 08 73 00 6D 00 61 00 6C 00 6C 00 76 00 69 00 FB 00 6C 00 65 00 00 00 FB 3F 00 00 87 69 00 00 97 00 00 00 00 00 00 00 01 00 00 7E

 

Bold hex are different of PHX. Also, the differences are always at these bytes.

 

What am I doing wrong?

 

Thanks