2023-06-04 22:01:09 +03:00
|
|
|
//
|
|
|
|
// Created by Andrew on 01/06/2023.
|
|
|
|
//
|
|
|
|
|
2023-06-01 19:24:07 +03:00
|
|
|
#include "header.h"
|
2019-08-21 21:26:59 +03:00
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
/* Unpacks the Windows XP-like Product Key. */
|
2023-06-04 23:39:02 +03:00
|
|
|
void unpackServer(
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD (&pRaw)[2],
|
2023-06-04 23:39:02 +03:00
|
|
|
DWORD &pChannelID,
|
|
|
|
DWORD &pHash,
|
2023-06-05 01:24:20 +03:00
|
|
|
QWORD &pSignature,
|
2023-06-04 23:39:02 +03:00
|
|
|
DWORD &pAuthInfo
|
|
|
|
) {
|
2023-06-02 17:13:57 +03:00
|
|
|
// We're assuming that the quantity of information within the product key is at most 114 bits.
|
|
|
|
// log2(24^25) = 114.
|
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
// Channel ID = Bits [0..10] -> 11 bits
|
|
|
|
pChannelID = FIRSTNBITS(pRaw[0], 11);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// Hash = Bits [11..41] -> 31 bits
|
2023-06-05 18:25:46 +03:00
|
|
|
pHash = NEXTSNBITS(pRaw[0], 31, 11);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// Signature = Bits [42..103] -> 62 bits
|
2023-06-05 18:25:46 +03:00
|
|
|
// The quad-word signature overlaps AuthInfo in bits 104 and 105,
|
|
|
|
// hence Microsoft employs a secret technique called: Signature = HIDWORD(Signature) >> 2 | LODWORD(Signature)
|
|
|
|
pSignature = NEXTSNBITS(pRaw[1], 30, 10) << 32 | FIRSTNBITS(pRaw[1], 10) << 22 | NEXTSNBITS(pRaw[0], 22, 42);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
// AuthInfo = Bits [104..113] -> 10 bits
|
|
|
|
pAuthInfo = NEXTSNBITS(pRaw[1], 10, 40);
|
2019-08-21 21:26:59 +03:00
|
|
|
}
|
|
|
|
|
2023-06-04 23:39:02 +03:00
|
|
|
void packServer(
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD (&pRaw)[2],
|
2023-06-04 23:39:02 +03:00
|
|
|
DWORD pChannelID,
|
|
|
|
DWORD pHash,
|
2023-06-05 01:24:20 +03:00
|
|
|
QWORD &pSignature,
|
2023-06-04 23:39:02 +03:00
|
|
|
DWORD pAuthInfo
|
|
|
|
) {
|
2023-06-05 18:25:46 +03:00
|
|
|
// AuthInfo [113..104] <- Signature [103..42] <- Hash [41..11] <- Channel ID [10..1] <- Upgrade [0]
|
|
|
|
pRaw[0] = FIRSTNBITS(pSignature, 22) << 42 | (QWORD)pHash << 11 | pChannelID;
|
|
|
|
pRaw[1] = FIRSTNBITS(pAuthInfo, 10) << 40 | NEXTSNBITS(pSignature, 40, 22);
|
2019-08-21 21:26:59 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
bool verifyServerKey(
|
|
|
|
EC_GROUP *eCurve,
|
|
|
|
EC_POINT *basePoint,
|
|
|
|
EC_POINT *publicKey,
|
|
|
|
char (&cdKey)[25]
|
|
|
|
) {
|
2023-06-02 17:13:57 +03:00
|
|
|
BN_CTX *context = BN_CTX_new();
|
2023-06-02 07:25:43 +03:00
|
|
|
|
2023-06-02 17:13:57 +03:00
|
|
|
// Convert Base24 CD-key to bytecode.
|
2023-06-05 01:24:20 +03:00
|
|
|
DWORD pChannelID, pHash, pAuthInfo;
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD bKey[2]{};
|
2023-06-01 16:09:22 +03:00
|
|
|
|
2023-06-05 01:24:20 +03:00
|
|
|
QWORD pSignature = 0;
|
|
|
|
|
2023-06-04 22:26:58 +03:00
|
|
|
unbase24((BYTE *)bKey, cdKey);
|
2023-06-01 16:09:22 +03:00
|
|
|
|
2023-06-02 17:13:57 +03:00
|
|
|
// Extract segments from the bytecode and reverse the signature.
|
2023-06-05 00:52:10 +03:00
|
|
|
unpackServer(bKey, pChannelID, pHash, pSignature, pAuthInfo);
|
2023-06-02 07:25:43 +03:00
|
|
|
|
2023-06-07 01:04:39 +03:00
|
|
|
if (options.verbose) {
|
|
|
|
fmt::print("Validation results:\n");
|
|
|
|
fmt::print(" Serial: 0x{:08x}\n", pChannelID);
|
|
|
|
fmt::print(" Hash: 0x{:08x}\n", pHash);
|
|
|
|
fmt::print(" Signature: 0x{:08x}\n", pSignature);
|
|
|
|
fmt::print(" AuthInfo: 0x{:08x}\n", pAuthInfo);
|
|
|
|
fmt::print("\n");
|
|
|
|
}
|
2023-06-05 18:25:46 +03:00
|
|
|
|
2023-06-05 00:52:10 +03:00
|
|
|
BYTE msgDigest[SHA_DIGEST_LENGTH]{},
|
|
|
|
msgBuffer[SHA_MSG_LENGTH_2003]{},
|
|
|
|
xBin[FIELD_BYTES_2003]{},
|
|
|
|
yBin[FIELD_BYTES_2003]{};
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// H = SHA-1(5D || OS Family || Hash || Prefix || 00 00)
|
2023-06-05 00:52:10 +03:00
|
|
|
msgBuffer[0x00] = 0x5D;
|
|
|
|
msgBuffer[0x01] = (pChannelID & 0x00FF);
|
|
|
|
msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;
|
|
|
|
msgBuffer[0x03] = (pHash & 0x000000FF);
|
|
|
|
msgBuffer[0x04] = (pHash & 0x0000FF00) >> 8;
|
|
|
|
msgBuffer[0x05] = (pHash & 0x00FF0000) >> 16;
|
|
|
|
msgBuffer[0x06] = (pHash & 0xFF000000) >> 24;
|
|
|
|
msgBuffer[0x07] = (pAuthInfo & 0x00FF);
|
|
|
|
msgBuffer[0x08] = (pAuthInfo & 0xFF00) >> 8;
|
|
|
|
msgBuffer[0x09] = 0x00;
|
|
|
|
msgBuffer[0x0A] = 0x00;
|
|
|
|
|
|
|
|
SHA1(msgBuffer, 11, msgDigest);
|
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD newHash = NEXTSNBITS(BYDWORD(&msgDigest[4]), 30, 2) << 32 | BYDWORD(msgDigest);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
BIGNUM *x = BN_new();
|
|
|
|
BIGNUM *y = BN_new();
|
2023-06-05 01:24:20 +03:00
|
|
|
BIGNUM *s = BN_lebin2bn((BYTE *)&pSignature, sizeof(pSignature), nullptr);
|
2023-06-05 15:26:51 +03:00
|
|
|
BIGNUM *e = BN_lebin2bn((BYTE *)&newHash, sizeof(newHash), nullptr);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
EC_POINT *u = EC_POINT_new(eCurve);
|
|
|
|
EC_POINT *v = EC_POINT_new(eCurve);
|
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// EC_POINT_mul calculates r = basePoint * n + q * m.
|
|
|
|
// v = s * (s * basePoint + e * publicKey)
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// u = basePoint * s
|
|
|
|
EC_POINT_mul(eCurve, u, nullptr, basePoint, s, context);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// v = publicKey * e
|
|
|
|
EC_POINT_mul(eCurve, v, nullptr, publicKey, e, context);
|
|
|
|
|
|
|
|
// v += u
|
|
|
|
EC_POINT_add(eCurve, v, u, v, context);
|
|
|
|
|
|
|
|
// v *= s
|
|
|
|
EC_POINT_mul(eCurve, v, nullptr, v, s, context);
|
|
|
|
|
|
|
|
// EC_POINT_get_affine_coordinates() sets x and y, either of which may be nullptr, to the corresponding coordinates of p.
|
|
|
|
// x = v.x; y = v.y;
|
2023-06-05 00:27:50 +03:00
|
|
|
EC_POINT_get_affine_coordinates(eCurve, v, x, y, context);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 00:27:50 +03:00
|
|
|
// Convert resulting point coordinates to bytes.
|
|
|
|
BN_bn2lebin(x, xBin, FIELD_BYTES_2003);
|
|
|
|
BN_bn2lebin(y, yBin, FIELD_BYTES_2003);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 00:27:50 +03:00
|
|
|
// Assemble the SHA message.
|
2023-06-05 00:52:10 +03:00
|
|
|
msgBuffer[0x00] = 0x79;
|
|
|
|
msgBuffer[0x01] = (pChannelID & 0x00FF);
|
|
|
|
msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 00:27:50 +03:00
|
|
|
memcpy((void *)&msgBuffer[3], (void *)xBin, FIELD_BYTES_2003);
|
|
|
|
memcpy((void *)&msgBuffer[3 + FIELD_BYTES_2003], (void *)yBin, FIELD_BYTES_2003);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 00:27:50 +03:00
|
|
|
// Retrieve the message digest.
|
|
|
|
SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 00:52:10 +03:00
|
|
|
// Translate the byte digest into a 32-bit integer - this is our computed pHash.
|
|
|
|
// Truncate the pHash to 28 bits.
|
2023-06-02 17:13:57 +03:00
|
|
|
// Hash = First31(SHA-1(79 || OS Family || v.x || v.y))
|
2023-06-05 00:27:50 +03:00
|
|
|
DWORD compHash = BYDWORD(msgDigest) & BITMASK(31);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
BN_free(s);
|
|
|
|
BN_free(e);
|
|
|
|
BN_free(x);
|
|
|
|
BN_free(y);
|
|
|
|
|
|
|
|
BN_CTX_free(context);
|
|
|
|
|
|
|
|
EC_POINT_free(v);
|
|
|
|
EC_POINT_free(u);
|
|
|
|
|
2023-06-05 00:52:10 +03:00
|
|
|
// If we managed to generate a key with the same pHash, the key is correct.
|
|
|
|
return compHash == pHash;
|
2019-08-21 21:26:59 +03:00
|
|
|
}
|
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
void generateServerKey(
|
|
|
|
EC_GROUP *eCurve,
|
|
|
|
EC_POINT *basePoint,
|
|
|
|
BIGNUM *genOrder,
|
|
|
|
BIGNUM *privateKey,
|
|
|
|
DWORD pChannelID,
|
|
|
|
DWORD pAuthInfo,
|
|
|
|
char (&pKey)[25]
|
|
|
|
) {
|
2023-06-05 16:07:37 +03:00
|
|
|
BN_CTX *numContext = BN_CTX_new();
|
2019-08-21 21:26:59 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
BIGNUM *c = BN_new();
|
|
|
|
BIGNUM *s = BN_new();
|
|
|
|
BIGNUM *x = BN_new();
|
|
|
|
BIGNUM *y = BN_new();
|
2023-06-05 16:07:37 +03:00
|
|
|
BIGNUM *e = BN_new();
|
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD pRaw[2]{};
|
2023-06-05 16:07:37 +03:00
|
|
|
BOOL wrong = false;
|
|
|
|
QWORD pSignature = 0;
|
2023-06-05 15:26:51 +03:00
|
|
|
|
2023-06-02 17:13:57 +03:00
|
|
|
do {
|
2023-06-05 16:07:37 +03:00
|
|
|
EC_POINT *r = EC_POINT_new(eCurve);
|
|
|
|
|
2023-06-05 14:17:26 +03:00
|
|
|
wrong = false;
|
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
QWORD sig = 0;
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// Generate a random number c consisting of 512 bits without any constraints.
|
|
|
|
BN_rand(c, FIELD_BITS_2003, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY);
|
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// r = basePoint * c
|
2023-06-05 16:07:37 +03:00
|
|
|
EC_POINT_mul(eCurve, r, nullptr, basePoint, c, numContext);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// x = r.x; y = r.y;
|
2023-06-05 16:07:37 +03:00
|
|
|
EC_POINT_get_affine_coordinates(eCurve, r, x, y, numContext);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
BYTE msgDigest[SHA_DIGEST_LENGTH]{},
|
|
|
|
msgBuffer[SHA_MSG_LENGTH_2003]{},
|
|
|
|
xBin[FIELD_BYTES_2003]{},
|
|
|
|
yBin[FIELD_BYTES_2003]{};
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
// Convert resulting point coordinates to bytes.
|
|
|
|
BN_bn2lebin(x, xBin, FIELD_BYTES_2003);
|
|
|
|
BN_bn2lebin(y, yBin, FIELD_BYTES_2003);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
// Assemble the SHA message.
|
|
|
|
// Hash = SHA-1(79 || OS Family || r.x || r.y)
|
|
|
|
msgBuffer[0x00] = 0x79;
|
|
|
|
msgBuffer[0x01] = (pChannelID & 0x00FF);
|
|
|
|
msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
memcpy((void *)&msgBuffer[3], (void *)xBin, FIELD_BYTES_2003);
|
|
|
|
memcpy((void *)&msgBuffer[3 + FIELD_BYTES_2003], (void *)yBin, FIELD_BYTES_2003);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
// Retrieve the message digest.
|
|
|
|
SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
DWORD hash = BYDWORD(msgDigest) & BITMASK(31);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// H = SHA-1(5D || OS Family || Hash || Prefix || 00 00)
|
2023-06-05 15:26:51 +03:00
|
|
|
msgBuffer[0x00] = 0x5D;
|
|
|
|
msgBuffer[0x01] = (pChannelID & 0x00FF);
|
|
|
|
msgBuffer[0x02] = (pChannelID & 0xFF00) >> 8;
|
|
|
|
msgBuffer[0x03] = (hash & 0x000000FF);
|
|
|
|
msgBuffer[0x04] = (hash & 0x0000FF00) >> 8;
|
|
|
|
msgBuffer[0x05] = (hash & 0x00FF0000) >> 16;
|
|
|
|
msgBuffer[0x06] = (hash & 0xFF000000) >> 24;
|
|
|
|
msgBuffer[0x07] = (pAuthInfo & 0x00FF);
|
|
|
|
msgBuffer[0x08] = (pAuthInfo & 0xFF00) >> 8;
|
|
|
|
msgBuffer[0x09] = 0x00;
|
|
|
|
msgBuffer[0x0A] = 0x00;
|
|
|
|
|
|
|
|
SHA1(msgBuffer, 11, msgDigest);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// First word.
|
2023-06-05 18:25:46 +03:00
|
|
|
sig = NEXTSNBITS(BYDWORD(&msgDigest[4]), 30, 2) << 32 | BYDWORD(msgDigest);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 18:25:46 +03:00
|
|
|
BN_lebin2bn((BYTE *)&sig, sizeof(sig), e);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Signature * (Signature * G + H * K) = rG (mod p)
|
|
|
|
* ↓ K = kG ↓
|
|
|
|
*
|
|
|
|
* Signature * (Signature * G + H * k * G) = rG (mod p)
|
|
|
|
* Signature^2 * G + Signature * HkG = rG (mod p)
|
|
|
|
* G(Signature^2 + Signature * HkG) = G (mod p) * r
|
2023-06-05 12:13:15 +03:00
|
|
|
* ↓ G^(-1)(G (mod p)) = (mod n), n = genOrder of G ↓
|
2023-06-02 17:13:57 +03:00
|
|
|
*
|
|
|
|
* Signature^2 + Hk * Signature = r (mod n)
|
2023-06-05 16:07:37 +03:00
|
|
|
* Signature = -(e +- sqrt(D)) / 2a → Signature = (-Hk +- sqrt((Hk)^2 + 4r)) / 2
|
2023-06-02 17:13:57 +03:00
|
|
|
*
|
|
|
|
* S = (-Hk +- sqrt((Hk)^2 + 4r)) (mod n) / 2
|
|
|
|
*
|
|
|
|
* S = s
|
2023-06-05 16:07:37 +03:00
|
|
|
* H = e
|
2023-06-02 17:13:57 +03:00
|
|
|
* k = privateKey
|
2023-06-05 12:13:15 +03:00
|
|
|
* n = genOrder
|
2023-06-02 17:13:57 +03:00
|
|
|
* r = c
|
|
|
|
*
|
2023-06-05 16:07:37 +03:00
|
|
|
* s = ( ( -e * privateKey +- sqrt( (e * privateKey)^2 + 4c ) ) / 2 ) % genOrder
|
2023-06-02 17:13:57 +03:00
|
|
|
*/
|
|
|
|
|
2023-06-05 16:07:37 +03:00
|
|
|
// e = (e * privateKey) % genOrder
|
|
|
|
BN_mod_mul(e, e, privateKey, genOrder, numContext);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 16:07:37 +03:00
|
|
|
// s = e
|
|
|
|
BN_copy(s, e);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// s = (s % genOrder)^2
|
2023-06-05 16:07:37 +03:00
|
|
|
BN_mod_sqr(s, s, genOrder, numContext);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// c <<= 2 (c = 4c)
|
|
|
|
BN_lshift(c, c, 2);
|
|
|
|
|
|
|
|
// s = s + c
|
|
|
|
BN_add(s, s, c);
|
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// s^2 = s % genOrder (genOrder must be prime)
|
2023-06-05 16:07:37 +03:00
|
|
|
if (BN_mod_sqrt(s, s, genOrder, numContext) == nullptr) wrong = true;
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 16:07:37 +03:00
|
|
|
// s = s - e
|
|
|
|
BN_mod_sub(s, s, e, genOrder, numContext);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-05 12:13:15 +03:00
|
|
|
// if s is odd, s = s + genOrder
|
2023-06-02 17:13:57 +03:00
|
|
|
if (BN_is_odd(s)) {
|
2023-06-05 12:13:15 +03:00
|
|
|
BN_add(s, s, genOrder);
|
2023-06-02 17:13:57 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
// s >>= 1 (s = s / 2)
|
|
|
|
BN_rshift1(s, s);
|
|
|
|
|
|
|
|
// Convert s from BigNum back to bytecode and reverse the endianness.
|
2023-06-05 12:29:54 +03:00
|
|
|
BN_bn2lebinpad(s, (BYTE *)&pSignature, BN_num_bytes(s));
|
2023-06-02 17:13:57 +03:00
|
|
|
|
|
|
|
// Pack product key.
|
2023-06-05 16:07:37 +03:00
|
|
|
packServer(pRaw, pChannelID, hash, pSignature, pAuthInfo);
|
|
|
|
|
2023-06-07 01:04:39 +03:00
|
|
|
if (options.verbose) {
|
|
|
|
fmt::print("Generation results:\n");
|
|
|
|
fmt::print(" Serial: 0x{:08x}\n", pChannelID);
|
|
|
|
fmt::print(" Hash: 0x{:08x}\n", hash);
|
|
|
|
fmt::print(" Signature: 0x{:08x}\n", pSignature);
|
|
|
|
fmt::print(" AuthInfo: 0x{:08x}\n", pAuthInfo);
|
|
|
|
fmt::print("\n");
|
|
|
|
}
|
2023-06-05 18:25:46 +03:00
|
|
|
|
2023-06-05 16:07:37 +03:00
|
|
|
EC_POINT_free(r);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-07 01:04:39 +03:00
|
|
|
DWORD chkChannelID, chkHash, chkAuthInfo;
|
|
|
|
QWORD chkSignature;
|
|
|
|
|
|
|
|
unpackServer(pRaw, chkChannelID, chkHash, chkSignature, chkAuthInfo);
|
2023-06-02 17:13:57 +03:00
|
|
|
|
2023-06-07 01:04:39 +03:00
|
|
|
if (chkHash != hash || chkSignature != pSignature) {
|
|
|
|
wrong = true;
|
|
|
|
}
|
|
|
|
} while ((HIBYTES(pSignature, sizeof(DWORD)) >= 0x40000000) || wrong);
|
|
|
|
|
|
|
|
base24(pKey, (BYTE *)pRaw);
|
2023-06-05 12:29:54 +03:00
|
|
|
|
2023-06-05 15:26:51 +03:00
|
|
|
BN_free(c);
|
|
|
|
BN_free(s);
|
|
|
|
BN_free(x);
|
|
|
|
BN_free(y);
|
2023-06-05 16:07:37 +03:00
|
|
|
BN_free(e);
|
2023-06-05 15:26:51 +03:00
|
|
|
|
2023-06-05 16:07:37 +03:00
|
|
|
BN_CTX_free(numContext);
|
2023-06-07 01:04:39 +03:00
|
|
|
}
|