WindowsXPKg/src/server.cpp

//
// Created by Andrew on 01/06/2023.
//

#include "header.h"

char pCharset[] = "BCDFGHJKMPQRTVWXY2346789";

void unpackServer(
        DWORD (&pRaw)[4],
        DWORD &pChannelID,
        DWORD &pHash,
        DWORD (&pSignature)[2],
        DWORD &pAuthInfo
) {
    // We're assuming that the quantity of information within the product key is at most 114 bits.
    // log2(24^25) = 114.

    // OS Family = Bits [0..10] -> 11 bits
    pChannelID = pRaw[0] & 0x7ff;

    // Hash = Bits [11..41] -> 31 bits
    pHash = ((pRaw[0] >> 11) | (pRaw[1] << 21)) & 0x7fffffff;

    // Signature = Bits [42..103] -> 62 bits
    pSignature[0] = (pRaw[1] >> 10) | (pRaw[2] << 22);
    pSignature[1] = ((pRaw[2] >> 10) | (pRaw[3] << 22)) & 0x3fffffff;

    // Prefix = Bits [104..113] -> 10 bits
    pAuthInfo = (pRaw[3] >> 8) & 0x3ff;
}

void packServer(
        DWORD (&pRaw)[4],
        DWORD pChannelID,
        DWORD pHash,
        DWORD (&pSignature)[2],
        DWORD pAuthInfo
) {
    pRaw[0] = pChannelID | (pHash << 11);
    pRaw[1] = (pHash >> 21) | (pSignature[0] << 10);
    pRaw[2] = (pSignature[0] >> 22) | (pSignature[1] << 10);
    pRaw[3] = (pSignature[1] >> 22) | (pAuthInfo << 8);
}


bool verifyServerKey(EC_GROUP *eCurve, EC_POINT *generator, EC_POINT *publicKey, char *cdKey) {
    BN_CTX *context = BN_CTX_new();

    // Convert Base24 CD-key to bytecode.
    DWORD pChannelID, pHash, pSignature[2], pAuthInfo;
    DWORD bKey[4]{};

    unbase24((BYTE *)bKey, cdKey);

    // Extract segments from the bytecode and reverse the signature.
    unpackServer(bKey, pChannelID, pHash, pSignature, pAuthInfo);

    BYTE    msgDigest[SHA_DIGEST_LENGTH]{},
            msgBuffer[SHA_MSG_LENGTH_2003]{},
            xBin[FIELD_BYTES_2003]{},
            yBin[FIELD_BYTES_2003]{};

    // H = SHA-1(5D || OS Family || Hash || Prefix || 00 00)
    msgBuffer[0x00] = 0x5D;
    msgBuffer[0x01] = (pChannelID & 0x00FF);
    msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;
    msgBuffer[0x03] = (pHash & 0x000000FF);
    msgBuffer[0x04] = (pHash & 0x0000FF00) >> 8;
    msgBuffer[0x05] = (pHash & 0x00FF0000) >> 16;
    msgBuffer[0x06] = (pHash & 0xFF000000) >> 24;
    msgBuffer[0x07] = (pAuthInfo & 0x00FF);
    msgBuffer[0x08] = (pAuthInfo & 0xFF00) >> 8;
    msgBuffer[0x09] = 0x00;
    msgBuffer[0x0A] = 0x00;

    SHA1(msgBuffer, 11, msgDigest);

    QWORD newHash = (BYDWORD(&msgDigest[4]) >> 2 & BITMASK(30)) << 32 | BYDWORD(msgDigest);

    BIGNUM *x = BN_new();
    BIGNUM *y = BN_new();
    BIGNUM *s = BN_lebin2bn((BYTE *)pSignature, sizeof(pSignature), nullptr);
    BIGNUM *e = BN_lebin2bn((BYTE *)&newHash, sizeof(newHash), nullptr);

    EC_POINT *u = EC_POINT_new(eCurve);
    EC_POINT *v = EC_POINT_new(eCurve);

    // EC_POINT_mul calculates r = generator * n + q * m.
    // v = s * (s * generator + e * publicKey)

    // u = generator * s
    EC_POINT_mul(eCurve, u, nullptr, generator, s, context);

    // v = publicKey * e
    EC_POINT_mul(eCurve, v, nullptr, publicKey, e, context);

    // v += u
    EC_POINT_add(eCurve, v, u, v, context);

    // v *= s
    EC_POINT_mul(eCurve, v, nullptr, v, s, context);

    // EC_POINT_get_affine_coordinates() sets x and y, either of which may be nullptr, to the corresponding coordinates of p.
    // x = v.x; y = v.y;
    EC_POINT_get_affine_coordinates(eCurve, v, x, y, context);

    // Convert resulting point coordinates to bytes.
    BN_bn2lebin(x, xBin, FIELD_BYTES_2003);
    BN_bn2lebin(y, yBin, FIELD_BYTES_2003);

    // Assemble the SHA message.
    msgBuffer[0x00] = 0x79;
    msgBuffer[0x01] = (pChannelID & 0x00FF);
    msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;

    memcpy((void *)&msgBuffer[3], (void *)xBin, FIELD_BYTES_2003);
    memcpy((void *)&msgBuffer[3 + FIELD_BYTES_2003], (void *)yBin, FIELD_BYTES_2003);

    // Retrieve the message digest.
    SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);

    // Translate the byte digest into a 32-bit integer - this is our computed pHash.
    // Truncate the pHash to 28 bits.
    // Hash = First31(SHA-1(79 || OS Family || v.x || v.y))
    DWORD compHash = BYDWORD(msgDigest) & BITMASK(31);

    BN_free(s);
    BN_free(e);
    BN_free(x);
    BN_free(y);

    BN_CTX_free(context);

    EC_POINT_free(v);
    EC_POINT_free(u);

    // If we managed to generate a key with the same pHash, the key is correct.
    return compHash == pHash;
}

void generateServerKey(char *pKey, EC_GROUP *eCurve, EC_POINT *generator, BIGNUM *order, BIGNUM *privateKey, DWORD *osFamily, DWORD *prefix) {
    EC_POINT *r = EC_POINT_new(eCurve);
    BN_CTX *ctx = BN_CTX_new();

    DWORD bKey[4]{},
            bSig[2]{};

    do {
        BIGNUM *c = BN_new();
        BIGNUM *s = BN_new();
        BIGNUM *x = BN_new();
        BIGNUM *y = BN_new();
        BIGNUM *b = BN_new();

        DWORD hash = 0, h[2]{};

        memset(bKey, 0, 4);
        memset(bSig, 0, 2);

        // Generate a random number c consisting of 512 bits without any constraints.
        BN_rand(c, FIELD_BITS_2003, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY);

        // r = generator * c
        EC_POINT_mul(eCurve, r, nullptr, generator, c, ctx);

        // x = r.x; y = r.y;
        EC_POINT_get_affine_coordinates(eCurve, r, x, y, ctx);

        SHA_CTX hContext;
        BYTE md[SHA_DIGEST_LENGTH]{}, buf[FIELD_BYTES_2003]{};

        // Hash = SHA-1(79 || OS Family || r.x || r.y)
        SHA1_Init(&hContext);

        buf[0] = 0x79;

        buf[1] = (*osFamily & 0xff);
        buf[2] = (*osFamily & 0xff00) >> 8;

        SHA1_Update(&hContext, buf, 3);

        memset(buf, 0, FIELD_BYTES_2003);

        BN_bn2bin(x, buf);
        endian((BYTE *)buf, FIELD_BYTES_2003);
        SHA1_Update(&hContext, buf, FIELD_BYTES_2003);

        memset(buf, 0, FIELD_BYTES_2003);

        BN_bn2bin(y, buf);
        endian((BYTE *)buf, FIELD_BYTES_2003);

        SHA1_Update(&hContext, buf, FIELD_BYTES_2003);
        SHA1_Final(md, &hContext);

        hash = (md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24)) & 0x7fffffff;

        // H = SHA-1(5D || OS Family || Hash || Prefix || 00 00)
        SHA1_Init(&hContext);
        buf[0] = 0x5D;

        buf[1] = (*osFamily & 0xff);
        buf[2] = (*osFamily & 0xff00) >> 8;

        buf[3] = (hash & 0xff);
        buf[4] = (hash & 0xff00) >> 8;
        buf[5] = (hash & 0xff0000) >> 16;
        buf[6] = (hash & 0xff000000) >> 24;

        buf[7] = prefix[0] & 0xff;
        buf[8] = (prefix[0] & 0xff00) >> 8;

        buf[9] = 0x00;
        buf[10] = 0x00;

        // Input length is 11 BYTEs.
        SHA1_Update(&hContext, buf, 11);
        SHA1_Final(md, &hContext);

        // First word.
        h[0] = md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24);

        // Second word, right shift 2 bits.
        h[1] = (md[4] | (md[5] << 8) | (md[6] << 16) | (md[7] << 24)) >> 2;
        h[1] &= 0x3FFFFFFF;

        endian((BYTE *)h, 8);
        BN_bin2bn((BYTE *)h, 8, b);

        /*
         * Signature * (Signature * G + H * K) = rG (mod p)
         * ↓ K = kG ↓
         *
         * Signature * (Signature * G + H * k * G) = rG (mod p)
         * Signature^2 * G + Signature * HkG = rG (mod p)
         * G(Signature^2 + Signature * HkG) = G (mod p) * r
         * ↓ G^(-1)(G (mod p)) = (mod n), n = order of G ↓
         *
         * Signature^2 + Hk * Signature = r (mod n)
         * Signature = -(b +- sqrt(D)) / 2a → Signature = (-Hk +- sqrt((Hk)^2 + 4r)) / 2
         *
         * S = (-Hk +- sqrt((Hk)^2 + 4r)) (mod n) / 2
         *
         * S = s
         * H = b
         * k = privateKey
         * n = order
         * r = c
         *
         * s = ( ( -b * privateKey +- sqrt( (b * privateKey)^2 + 4c ) ) / 2 ) % order
         */

        // b = (b * privateKey) % order
        BN_mod_mul(b, b, privateKey, order, ctx);

        // s = b
        BN_copy(s, b);

        // s = (s % order)^2
        BN_mod_sqr(s, s, order, ctx);

        // c <<= 2 (c = 4c)
        BN_lshift(c, c, 2);

        // s = s + c
        BN_add(s, s, c);

        // s^2 = s % order (order must be prime)
        BN_mod_sqrt(s, s, order, ctx);

        // s = s - b
        BN_mod_sub(s, s, b, order, ctx);

        // if s is odd, s = s + order
        if (BN_is_odd(s)) {
            BN_add(s, s, order);
        }

        // s >>= 1 (s = s / 2)
        BN_rshift1(s, s);

        // Convert s from BigNum back to bytecode and reverse the endianness.
        BN_bn2bin(s, (BYTE *)bSig);
        endian((BYTE *)bSig, BN_num_bytes(s));

        // Pack product key.
        packServer(bKey, *osFamily, hash, bSig, *prefix);

        BN_free(c);
        BN_free(s);
        BN_free(x);
        BN_free(y);
        BN_free(b);
    } while (bSig[1] >= 0x40000000);

    base24(pKey, (BYTE *)bKey);

    BN_CTX_free(ctx);
    EC_POINT_free(r);
}

int main()
{
	BIGNUM *a, *b, *p, *gx, *gy, *pubx, *puby, *n, *priv;
	BN_CTX *ctx = BN_CTX_new();
	
	a = BN_new();
	b = BN_new();
	p = BN_new();
	gx = BN_new();
	gy = BN_new();
	pubx = BN_new();
	puby = BN_new();
	n = BN_new();
	priv = BN_new();

	/* Windows Sever 2003 VLK */
	BN_set_word(a, 1);
	BN_set_word(b, 0);
	BN_hex2bn(&p,    "C9AE7AED19F6A7E100AADE98134111AD8118E59B8264734327940064BC675A0C682E19C89695FBFA3A4653E47D47FD7592258C7E3C3C61BBEA07FE5A7E842379");
	BN_hex2bn(&gx,   "85ACEC9F9F9B456A78E43C3637DC88D21F977A9EC15E5225BD5060CE5B892F24FEDEE574BF5801F06BC232EEF2161074496613698D88FAC4B397CE3B475406A7");
	BN_hex2bn(&gy,   "66B7D1983F5D4FE43E8B4F1E28685DE0E22BBE6576A1A6B86C67533BF72FD3D082DBA281A556A16E593DB522942C8DD7120BA50C9413DF944E7258BDDF30B3C4");
	BN_hex2bn(&pubx, "90BF6BD980C536A8DB93B52AA9AEBA640BABF1D31BEC7AA345BB7510194A9B07379F552DA7B4A3EF81A9B87E0B85B5118E1E20A098641EE4CCF2045558C98C0E");
	BN_hex2bn(&puby, "6B87D1E658D03868362945CDD582E2CF33EE4BA06369E0EFE9E4851F6DCBEC7F15081E250D171EA0CC4CB06435BCFCFEA8F438C9766743A06CBD06E7EFB4C3AE");
	BN_hex2bn(&n,    "4CC5C56529F0237D"); // from mskey 4in1
	BN_hex2bn(&priv, "2606120F59C05118");
	
	
	EC_GROUP *ec = EC_GROUP_new_curve_GFp(p, a, b, ctx);
	EC_POINT *g = EC_POINT_new(ec);
	EC_POINT_set_affine_coordinates_GFp(ec, g, gx, gy, ctx);
	EC_POINT *pub = EC_POINT_new(ec);
	EC_POINT_set_affine_coordinates_GFp(ec, pub, pubx, puby, ctx);
	
	assert(EC_POINT_is_on_curve(ec, g, ctx) == 1);
	assert(EC_POINT_is_on_curve(ec, pub, ctx) == 1);

    char pkey[25];
    DWORD osfamily[1], prefix[1];
	
	osfamily[0] = 1280;
	RAND_bytes((BYTE *)prefix, 4);
	prefix[0] &= 0x3ff;
	
	do {
		generateServerKey(pkey, ec, g, n, priv, osfamily, prefix);
	} while (!verifyServerKey(ec, g, pub, pkey));
	
	print_product_key(pkey);
    std::cout << std::endl << std::endl;

	BN_CTX_free(ctx);
	
	return 0;
}
Complete rewrite of XP Algorithm (w/ comments). Now fully optimized and readable 2023-06-04 22:01:09 +03:00			`//`
			`// Created by Andrew on 01/06/2023.`
			`//`

Remove BINK.h dependency on header.h 2023-06-01 19:24:07 +03:00			`#include "header.h"`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00
Slight refactor, prepare for QWORD upgrade 2023-06-04 15:40:08 +03:00			`char pCharset[] = "BCDFGHJKMPQRTVWXY2346789";`
remove bink generation script add runtime json parsing add cmake.cpm update cmake to reflect this fix compilation errors ** breaks 2k3 key generation, work in progress 2023-06-01 20:55:36 +03:00
Fix pack functions 2023-06-04 23:39:02 +03:00			`void unpackServer(`
			`DWORD (&pRaw)[4],`
			`DWORD &pChannelID,`
			`DWORD &pHash,`
			`DWORD (&pSignature)[2],`
			`DWORD &pAuthInfo`
			`) {`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`// We're assuming that the quantity of information within the product key is at most 114 bits.`
			`// log2(24^25) = 114.`

			`// OS Family = Bits [0..10] -> 11 bits`
Fix pack functions 2023-06-04 23:39:02 +03:00			`pChannelID = pRaw[0] & 0x7ff;`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`// Hash = Bits [11..41] -> 31 bits`
Fix pack functions 2023-06-04 23:39:02 +03:00			`pHash = ((pRaw[0] >> 11) \| (pRaw[1] << 21)) & 0x7fffffff;`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`// Signature = Bits [42..103] -> 62 bits`
Fix pack functions 2023-06-04 23:39:02 +03:00			`pSignature[0] = (pRaw[1] >> 10) \| (pRaw[2] << 22);`
			`pSignature[1] = ((pRaw[2] >> 10) \| (pRaw[3] << 22)) & 0x3fffffff;`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`// Prefix = Bits [104..113] -> 10 bits`
Fix pack functions 2023-06-04 23:39:02 +03:00			`pAuthInfo = (pRaw[3] >> 8) & 0x3ff;`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`}`

Fix pack functions 2023-06-04 23:39:02 +03:00			`void packServer(`
			`DWORD (&pRaw)[4],`
			`DWORD pChannelID,`
			`DWORD pHash,`
			`DWORD (&pSignature)[2],`
			`DWORD pAuthInfo`
			`) {`
			`pRaw[0] = pChannelID \| (pHash << 11);`
			`pRaw[1] = (pHash >> 21) \| (pSignature[0] << 10);`
			`pRaw[2] = (pSignature[0] >> 22) \| (pSignature[1] << 10);`
			`pRaw[3] = (pSignature[1] >> 22) \| (pAuthInfo << 8);`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`}`


Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`bool verifyServerKey(EC_GROUP eCurve, EC_POINT generator, EC_POINT publicKey, char cdKey) {`
			`BN_CTX *context = BN_CTX_new();`
Fix datatypes to use platform independent values, Add command line switch scaffolding Allow users to chose which bink/channelid they'd like to generate with Add rudimentary help system, Sanitize user input 2023-06-02 07:25:43 +03:00
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`// Convert Base24 CD-key to bytecode.`
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`DWORD pChannelID, pHash, pSignature[2], pAuthInfo;`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`DWORD bKey[4]{};`
Refactor, improved readability 2023-06-01 16:09:22 +03:00
fix server2k3 compile error 2023-06-04 22:26:58 +03:00			`unbase24((BYTE *)bKey, cdKey);`
Refactor, improved readability 2023-06-01 16:09:22 +03:00
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`// Extract segments from the bytecode and reverse the signature.`
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`unpackServer(bKey, pChannelID, pHash, pSignature, pAuthInfo);`
Fix datatypes to use platform independent values, Add command line switch scaffolding Allow users to chose which bink/channelid they'd like to generate with Add rudimentary help system, Sanitize user input 2023-06-02 07:25:43 +03:00
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`BYTE msgDigest[SHA_DIGEST_LENGTH]{},`
			`msgBuffer[SHA_MSG_LENGTH_2003]{},`
			`xBin[FIELD_BYTES_2003]{},`
			`yBin[FIELD_BYTES_2003]{};`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`// H = SHA-1(5D \|\| OS Family \|\| Hash \|\| Prefix \|\| 00 00)`
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`msgBuffer[0x00] = 0x5D;`
			`msgBuffer[0x01] = (pChannelID & 0x00FF);`
			`msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;`
			`msgBuffer[0x03] = (pHash & 0x000000FF);`
			`msgBuffer[0x04] = (pHash & 0x0000FF00) >> 8;`
			`msgBuffer[0x05] = (pHash & 0x00FF0000) >> 16;`
			`msgBuffer[0x06] = (pHash & 0xFF000000) >> 24;`
			`msgBuffer[0x07] = (pAuthInfo & 0x00FF);`
			`msgBuffer[0x08] = (pAuthInfo & 0xFF00) >> 8;`
			`msgBuffer[0x09] = 0x00;`
			`msgBuffer[0x0A] = 0x00;`

			`SHA1(msgBuffer, 11, msgDigest);`

			`QWORD newHash = (BYDWORD(&msgDigest[4]) >> 2 & BITMASK(30)) << 32 \| BYDWORD(msgDigest);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`BIGNUM *x = BN_new();`
			`BIGNUM *y = BN_new();`
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`BIGNUM s = BN_lebin2bn((BYTE )pSignature, sizeof(pSignature), nullptr);`
			`BIGNUM e = BN_lebin2bn((BYTE )&newHash, sizeof(newHash), nullptr);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`EC_POINT *u = EC_POINT_new(eCurve);`
			`EC_POINT *v = EC_POINT_new(eCurve);`

			`// EC_POINT_mul calculates r = generator * n + q * m.`
			`// v = s * (s * generator + e * publicKey)`

			`// u = generator * s`
			`EC_POINT_mul(eCurve, u, nullptr, generator, s, context);`

			`// v = publicKey * e`
			`EC_POINT_mul(eCurve, v, nullptr, publicKey, e, context);`

			`// v += u`
			`EC_POINT_add(eCurve, v, u, v, context);`

			`// v *= s`
			`EC_POINT_mul(eCurve, v, nullptr, v, s, context);`

			`// EC_POINT_get_affine_coordinates() sets x and y, either of which may be nullptr, to the corresponding coordinates of p.`
			`// x = v.x; y = v.y;`
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`EC_POINT_get_affine_coordinates(eCurve, v, x, y, context);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`// Convert resulting point coordinates to bytes.`
			`BN_bn2lebin(x, xBin, FIELD_BYTES_2003);`
			`BN_bn2lebin(y, yBin, FIELD_BYTES_2003);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`// Assemble the SHA message.`
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`msgBuffer[0x00] = 0x79;`
			`msgBuffer[0x01] = (pChannelID & 0x00FF);`
			`msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`memcpy((void )&msgBuffer[3], (void )xBin, FIELD_BYTES_2003);`
			`memcpy((void )&msgBuffer[3 + FIELD_BYTES_2003], (void )yBin, FIELD_BYTES_2003);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`// Retrieve the message digest.`
			`SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`// Translate the byte digest into a 32-bit integer - this is our computed pHash.`
			`// Truncate the pHash to 28 bits.`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`// Hash = First31(SHA-1(79 \|\| OS Family \|\| v.x \|\| v.y))`
Verification procedure cleanup 2023-06-05 00:27:50 +03:00			`DWORD compHash = BYDWORD(msgDigest) & BITMASK(31);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`BN_free(s);`
			`BN_free(e);`
			`BN_free(x);`
			`BN_free(y);`

			`BN_CTX_free(context);`

			`EC_POINT_free(v);`
			`EC_POINT_free(u);`

QWORD upgrade 1/3 2023-06-05 00:52:10 +03:00			`// If we managed to generate a key with the same pHash, the key is correct.`
			`return compHash == pHash;`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`}`

Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`void generateServerKey(char pKey, EC_GROUP eCurve, EC_POINT generator, BIGNUM order, BIGNUM privateKey, DWORD osFamily, DWORD *prefix) {`
			`EC_POINT *r = EC_POINT_new(eCurve);`
			`BN_CTX *ctx = BN_CTX_new();`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`DWORD bKey[4]{},`
			`bSig[2]{};`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00
Server Algorithm uplift 2023-06-02 17:13:57 +03:00			`do {`
			`BIGNUM *c = BN_new();`
			`BIGNUM *s = BN_new();`
			`BIGNUM *x = BN_new();`
			`BIGNUM *y = BN_new();`
			`BIGNUM *b = BN_new();`

			`DWORD hash = 0, h[2]{};`

			`memset(bKey, 0, 4);`
			`memset(bSig, 0, 2);`

			`// Generate a random number c consisting of 512 bits without any constraints.`
			`BN_rand(c, FIELD_BITS_2003, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY);`

			`// r = generator * c`
			`EC_POINT_mul(eCurve, r, nullptr, generator, c, ctx);`

			`// x = r.x; y = r.y;`
			`EC_POINT_get_affine_coordinates(eCurve, r, x, y, ctx);`

			`SHA_CTX hContext;`
			`BYTE md[SHA_DIGEST_LENGTH]{}, buf[FIELD_BYTES_2003]{};`

			`// Hash = SHA-1(79 \|\| OS Family \|\| r.x \|\| r.y)`
			`SHA1_Init(&hContext);`

			`buf[0] = 0x79;`

			`buf[1] = (*osFamily & 0xff);`
			`buf[2] = (*osFamily & 0xff00) >> 8;`

			`SHA1_Update(&hContext, buf, 3);`

			`memset(buf, 0, FIELD_BYTES_2003);`

			`BN_bn2bin(x, buf);`
			`endian((BYTE *)buf, FIELD_BYTES_2003);`
			`SHA1_Update(&hContext, buf, FIELD_BYTES_2003);`

			`memset(buf, 0, FIELD_BYTES_2003);`

			`BN_bn2bin(y, buf);`
			`endian((BYTE *)buf, FIELD_BYTES_2003);`

			`SHA1_Update(&hContext, buf, FIELD_BYTES_2003);`
			`SHA1_Final(md, &hContext);`

			`hash = (md[0] \| (md[1] << 8) \| (md[2] << 16) \| (md[3] << 24)) & 0x7fffffff;`

			`// H = SHA-1(5D \|\| OS Family \|\| Hash \|\| Prefix \|\| 00 00)`
			`SHA1_Init(&hContext);`
			`buf[0] = 0x5D;`

			`buf[1] = (*osFamily & 0xff);`
			`buf[2] = (*osFamily & 0xff00) >> 8;`

			`buf[3] = (hash & 0xff);`
			`buf[4] = (hash & 0xff00) >> 8;`
			`buf[5] = (hash & 0xff0000) >> 16;`
			`buf[6] = (hash & 0xff000000) >> 24;`

			`buf[7] = prefix[0] & 0xff;`
			`buf[8] = (prefix[0] & 0xff00) >> 8;`

			`buf[9] = 0x00;`
			`buf[10] = 0x00;`

			`// Input length is 11 BYTEs.`
			`SHA1_Update(&hContext, buf, 11);`
			`SHA1_Final(md, &hContext);`

			`// First word.`
			`h[0] = md[0] \| (md[1] << 8) \| (md[2] << 16) \| (md[3] << 24);`

			`// Second word, right shift 2 bits.`
			`h[1] = (md[4] \| (md[5] << 8) \| (md[6] << 16) \| (md[7] << 24)) >> 2;`
			`h[1] &= 0x3FFFFFFF;`

			`endian((BYTE *)h, 8);`
			`BN_bin2bn((BYTE *)h, 8, b);`

			`/*`
			`* Signature * (Signature * G + H * K) = rG (mod p)`
			`* ↓ K = kG ↓`
			`*`
			`* Signature * (Signature * G + H * k * G) = rG (mod p)`
			`* Signature^2 * G + Signature * HkG = rG (mod p)`
			`* G(Signature^2 + Signature * HkG) = G (mod p) * r`
			`* ↓ G^(-1)(G (mod p)) = (mod n), n = order of G ↓`
			`*`
			`* Signature^2 + Hk * Signature = r (mod n)`
			`* Signature = -(b +- sqrt(D)) / 2a → Signature = (-Hk +- sqrt((Hk)^2 + 4r)) / 2`
			`*`
			`* S = (-Hk +- sqrt((Hk)^2 + 4r)) (mod n) / 2`
			`*`
			`* S = s`
			`* H = b`
			`* k = privateKey`
			`* n = order`
			`* r = c`
			`*`
			`* s = ( ( -b * privateKey +- sqrt( (b * privateKey)^2 + 4c ) ) / 2 ) % order`
			`*/`

			`// b = (b * privateKey) % order`
			`BN_mod_mul(b, b, privateKey, order, ctx);`

			`// s = b`
			`BN_copy(s, b);`

			`// s = (s % order)^2`
			`BN_mod_sqr(s, s, order, ctx);`

			`// c <<= 2 (c = 4c)`
			`BN_lshift(c, c, 2);`

			`// s = s + c`
			`BN_add(s, s, c);`

			`// s^2 = s % order (order must be prime)`
			`BN_mod_sqrt(s, s, order, ctx);`

			`// s = s - b`
			`BN_mod_sub(s, s, b, order, ctx);`

			`// if s is odd, s = s + order`
			`if (BN_is_odd(s)) {`
			`BN_add(s, s, order);`
			`}`

			`// s >>= 1 (s = s / 2)`
			`BN_rshift1(s, s);`

			`// Convert s from BigNum back to bytecode and reverse the endianness.`
			`BN_bn2bin(s, (BYTE *)bSig);`
			`endian((BYTE *)bSig, BN_num_bytes(s));`

			`// Pack product key.`
Fix pack functions 2023-06-04 23:39:02 +03:00			`packServer(bKey, osFamily, hash, bSig, prefix);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`BN_free(c);`
			`BN_free(s);`
			`BN_free(x);`
			`BN_free(y);`
			`BN_free(b);`
			`} while (bSig[1] >= 0x40000000);`

fix server2k3 compile error 2023-06-04 22:26:58 +03:00			`base24(pKey, (BYTE *)bKey);`
Server Algorithm uplift 2023-06-02 17:13:57 +03:00
			`BN_CTX_free(ctx);`
			`EC_POINT_free(r);`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`}`

Update CMakeLists.txt (Refactor) 2023-06-01 18:56:26 +03:00			`int main()`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`{`
			`BIGNUM a, b, p, gx, gy, pubx, puby, n, *priv;`
			`BN_CTX *ctx = BN_CTX_new();`

			`a = BN_new();`
			`b = BN_new();`
			`p = BN_new();`
			`gx = BN_new();`
			`gy = BN_new();`
			`pubx = BN_new();`
			`puby = BN_new();`
			`n = BN_new();`
			`priv = BN_new();`

			`/* Windows Sever 2003 VLK */`
			`BN_set_word(a, 1);`
			`BN_set_word(b, 0);`
			`BN_hex2bn(&p, "C9AE7AED19F6A7E100AADE98134111AD8118E59B8264734327940064BC675A0C682E19C89695FBFA3A4653E47D47FD7592258C7E3C3C61BBEA07FE5A7E842379");`
			`BN_hex2bn(&gx, "85ACEC9F9F9B456A78E43C3637DC88D21F977A9EC15E5225BD5060CE5B892F24FEDEE574BF5801F06BC232EEF2161074496613698D88FAC4B397CE3B475406A7");`
			`BN_hex2bn(&gy, "66B7D1983F5D4FE43E8B4F1E28685DE0E22BBE6576A1A6B86C67533BF72FD3D082DBA281A556A16E593DB522942C8DD7120BA50C9413DF944E7258BDDF30B3C4");`
			`BN_hex2bn(&pubx, "90BF6BD980C536A8DB93B52AA9AEBA640BABF1D31BEC7AA345BB7510194A9B07379F552DA7B4A3EF81A9B87E0B85B5118E1E20A098641EE4CCF2045558C98C0E");`
			`BN_hex2bn(&puby, "6B87D1E658D03868362945CDD582E2CF33EE4BA06369E0EFE9E4851F6DCBEC7F15081E250D171EA0CC4CB06435BCFCFEA8F438C9766743A06CBD06E7EFB4C3AE");`
			`BN_hex2bn(&n, "4CC5C56529F0237D"); // from mskey 4in1`
			`BN_hex2bn(&priv, "2606120F59C05118");`


			`EC_GROUP *ec = EC_GROUP_new_curve_GFp(p, a, b, ctx);`
			`EC_POINT *g = EC_POINT_new(ec);`
			`EC_POINT_set_affine_coordinates_GFp(ec, g, gx, gy, ctx);`
			`EC_POINT *pub = EC_POINT_new(ec);`
			`EC_POINT_set_affine_coordinates_GFp(ec, pub, pubx, puby, ctx);`

			`assert(EC_POINT_is_on_curve(ec, g, ctx) == 1);`
			`assert(EC_POINT_is_on_curve(ec, pub, ctx) == 1);`
Fix datatypes to use platform independent values, Add command line switch scaffolding Allow users to chose which bink/channelid they'd like to generate with Add rudimentary help system, Sanitize user input 2023-06-02 07:25:43 +03:00
			`char pkey[25];`
Data type consistency uplift 2023-06-04 13:31:24 +03:00			`DWORD osfamily[1], prefix[1];`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00
			`osfamily[0] = 1280;`
Data type consistency uplift 2023-06-04 13:31:24 +03:00			`RAND_bytes((BYTE *)prefix, 4);`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00			`prefix[0] &= 0x3ff;`
Add BN_mod_sqrt() check outside of generation 2023-05-28 20:44:25 +03:00
			`do {`
add confirmation ID generator, fix server.cpp (#14) * add confirmation ID generator, fix server.cpp * made an oopsie * Update README.md * Remove unused platform-dependent code 2023-06-03 17:14:11 +03:00			`generateServerKey(pkey, ec, g, n, priv, osfamily, prefix);`
			`} while (!verifyServerKey(ec, g, pub, pkey));`
Add BN_mod_sqrt() check outside of generation 2023-05-28 20:44:25 +03:00
Fix datatypes to use platform independent values, Add command line switch scaffolding Allow users to chose which bink/channelid they'd like to generate with Add rudimentary help system, Sanitize user input 2023-06-02 07:25:43 +03:00			`print_product_key(pkey);`
			`std::cout << std::endl << std::endl;`
Create Srv2003KGmain.cpp Same as XP keygen, but code modified to adapt to server 2003 key system. 2019-08-21 21:26:59 +03:00
			`BN_CTX_free(ctx);`

			`return 0;`
			`}`