diff --git a/main.cpp b/main.cpp index f5e8043..22a250c 100644 --- a/main.cpp +++ b/main.cpp @@ -1,557 +1,367 @@ +/* + Windows XP CD Key Verification/Generator v0.03 + by z22 + + Compile with OpenSSL libs, modify to suit your needs. + http://www.slproweb.com/download/Win32OpenSSL-v0.9.8b.exe + + History: + 0.03 Stack corruptionerror on exit fixed (now pkey is large enough) + More Comments added + 0.02 Changed name the *.cpp; + Fixed minor bugs & Make it compilable on VC++ + 0.01 First version compilable MingW + + +*/ + #include - #include - #include - #include - #include - #include + #define FIELD_BITS 384 - #define FIELD_BYTES 48 - unsigned char cset[] = "BCDFGHJKMPQRTVWXY2346789"; + static void unpack(unsigned long *pid, unsigned long *hash, unsigned long *sig, unsigned long *raw) - { - -// pid = Bit 0..30 - -pid[0] = raw[0] & 0x7fffffff; - -// hash(s) = Bit 31..58 - -hash[0] = ((raw[0] >> 31) | (raw[1] << 1)) & 0xfffffff; - -// sig(e) = bit 58..113 - -sig[0] = (raw[1] >> 27) | (raw[2] << 5); - -sig[1] = (raw[2] >> 27) | (raw[3] << 5); - + // pid = Bit 0..30 + pid[0] = raw[0] & 0x7fffffff; + + // hash(s) = Bit 31..58 + hash[0] = ((raw[0] >> 31) | (raw[1] << 1)) & 0xfffffff; + + // sig(e) = bit 58..113 + sig[0] = (raw[1] >> 27) | (raw[2] << 5); + sig[1] = (raw[2] >> 27) | (raw[3] << 5); } static void pack(unsigned long *raw, unsigned long *pid, unsigned long *hash, unsigned long *sig) - { - -raw[0] = pid[0] | ((hash[0] & 1) << 31); - -raw[1] = (hash[0] >> 1) | ((sig[0] & 0x1f) << 27); - -raw[2] = (sig[0] >> 5) | (sig[1] << 27); - -raw[3] = sig[1] >> 5; - + raw[0] = pid[0] | ((hash[0] & 1) << 31); + raw[1] = (hash[0] >> 1) | ((sig[0] & 0x1f) << 27); + raw[2] = (sig[0] >> 5) | (sig[1] << 27); + raw[3] = sig[1] >> 5; } // Reverse data - static void endian(unsigned char *data, int len) - { - -int i; - -for (i = 0; i < len/2; i++) { - -unsigned char temp; - -temp = data; - -data = data[len-i-1]; - -data[len-i-1] = temp; - -} - + int i; + for (i = 0; i < len/2; i++) { + unsigned char temp; + temp = data[i]; + data[i] = data[len-i-1]; + data[len-i-1] = temp; + } } void unbase24(unsigned long *x, unsigned char *c) - { -memset(x, 0, 16); - -int i, n; - -BIGNUM *y = BN_new(); - -BN_zero(y); - -for (i = 0; i < 25; i++) - -{ - -BN_mul_word(y, 24); - -BN_add_word(y, c); - -} - -n = BN_num_bytes(y); - -BN_bn2bin(y, (unsigned char *)x); - -BN_free(y); - -endian((unsigned char *)x, n); + memset(x, 0, 16); + int i, n; + BIGNUM *y = BN_new(); + BN_zero(y); + + for (i = 0; i < 25; i++) + { + BN_mul_word(y, 24); + BN_add_word(y, c[i]); + } + n = BN_num_bytes(y); + BN_bn2bin(y, (unsigned char *)x); + BN_free(y); + + endian((unsigned char *)x, n); } void base24(unsigned char *c, unsigned long *x) - { + unsigned char y[16]; + int i; + BIGNUM *z; -unsigned char y[16]; + // Convert x to BigNum z + memcpy(y, x, sizeof(y)); // Copy X to Y; Y=X + for (i = 15; y[i] == 0; i--) {} i++; // skip following nulls + endian(y, i); // Reverse y + z = BN_bin2bn(y, i, NULL); // Convert y to BigNum z -int i; -BIGNUM *z; - -// Convert x to BigNum z - -memcpy(y, x, sizeof(y)); // Copy X to Y; Y=X - -for (i = 15; y == 0; i--) {} i++; // skip following nulls - -endian(y, i); // Reverse y - -z = BN_bin2bn(y, i, NULL); // Convert y to BigNum z - -// Divide z by 24 and convert remainder with cset to Base24-CDKEY Char - -c[25] = 0; - -for (i = 24; i >= 0; i--) { - -unsigned char t = BN_div_word(z, 24); - -c = cset[t]; - -} - -BN_free(z); + // Divide z by 24 and convert remainder with cset to Base24-CDKEY Char + c[25] = 0; + for (i = 24; i >= 0; i--) { + unsigned char t = BN_div_word(z, 24); + c[i] = cset[t]; + } + BN_free(z); } void print_product_id(unsigned long *pid) - { + char raw[12]; + char b[6], c[8]; + int i, digit = 0; + + // Cut a away last bit of pid and convert it to an accii-number (=raw) + sprintf(raw, "%d", pid[0] >> 1); + + // Make b-part {640-....} + strncpy(b, raw, 3); + b[3] = 0; -char raw[12]; + // Make c-part {...-123456X...} + strcpy(c, raw + 3); -char b[6], c[8]; - -int i, digit = 0; - -// Cut a away last bit of pid and convert it to an accii-number (=raw) - -sprintf(raw, "%d", pid[0] >> 1); - -// Make b-part {640-....} - -strncpy(b, raw, 3); - -b[3] = 0; - -// Make c-part {...-123456X...} - -strcpy(c, raw + 3); - -// Make checksum digit-part {...56X-} - -assert(strlenĀ© == 6); - -for (i = 0; i < 6; i++) - -digit -= c - '0'; // Sum digits - -while (digit < 0) - -digit += 7; - -c[6] = digit + '0'; - -c[7] = 0; - -printf("Product ID: 55274-%s-%s-23xxx\n", b, c); + // Make checksum digit-part {...56X-} + assert(strlen(c) == 6); + for (i = 0; i < 6; i++) + digit -= c[i] - '0'; // Sum digits + while (digit < 0) + digit += 7; + c[6] = digit + '0'; + c[7] = 0; + + printf("Product ID: 55274-%s-%s-23xxx\n", b, c); } void print_product_key(unsigned char *pk) - { - -int i; - -assert(strlen((const char *)pk) == 25); - -for (i = 0; i < 25; i++) { - -putchar(pk); - -if (i != 24 && i % 5 == 4) putchar('-'); - -} - + int i; + assert(strlen((const char *)pk) == 25); + for (i = 0; i < 25; i++) { + putchar(pk[i]); + if (i != 24 && i % 5 == 4) putchar('-'); + } } void verify(EC_GROUP *ec, EC_POINT *generator, EC_POINT *public_key, char *cdkey) - { + unsigned char key[25]; + int i, j, k; -unsigned char key[25]; - -int i, j, k; - -BN_CTX *ctx = BN_CTX_new(); - + BN_CTX *ctx = BN_CTX_new(); // remove Dashs from CDKEY - -for (i = 0, k = 0; i < strlen(cdkey); i++) { - -for (j = 0; j < 24; j++) { - -if (cdkey != '-' && cdkey == cset[j]) { - -key[k++] = j; - -break; - -} - -assert(j < 24); - -} - -if (k >= 25) break; - -} - -// Base24_CDKEY -> Bin_CDKEY - -unsigned long bkey[4] = {0}; - -unsigned long pid[1], hash[1], sig[2]; - -unbase24(bkey, key); - -// Output Bin_CDKEY - -printf("%.8x %.8x %.8x %.8x\n", bkey[3], bkey[2], bkey[1], bkey[0]); - -// Divide/Extract pid_data, hash, sig from Bin_CDKEY - -unpack(pid, hash, sig, bkey); - -print_product_id(pid); - -printf("PID: %.8x\nHash: %.8x\nSig: %.8x %.8x\n", pid[0], hash[0], sig[1], sig[0]); - -BIGNUM *e, *s; - -/* e = hash, s = sig */ - -e = BN_new(); - -BN_set_word(e, hash[0]); - -endian((unsigned char *)sig, sizeof(sig)); - -s = BN_bin2bn((unsigned char *)sig, sizeof(sig), NULL); - -BIGNUM *x = BN_new(); - -BIGNUM *y = BN_new(); - -EC_POINT *u = EC_POINT_new(ec); - -EC_POINT *v = EC_POINT_new(ec); - -/* v = s*generator + e*(-public_key) */ - -EC_POINT_mul(ec, u, NULL, generator, s, ctx); - -EC_POINT_mul(ec, v, NULL, public_key, e, ctx); - -EC_POINT_add(ec, v, u, v, ctx); - -EC_POINT_get_affine_coordinates_GFp(ec, v, x, y, ctx); - -unsigned char buf[FIELD_BYTES], md[20]; - -unsigned long h; - -unsigned char t[4]; - -SHA_CTX h_ctx; - -/* h = (fist 32 bits of SHA1(pid || v.x, v.y)) >> 4 */ - -SHA1_Init(&h_ctx); - -t[0] = pid[0] & 0xff; - -t[1] = (pid[0] & 0xff00) >> 8; - -t[2] = (pid[0] & 0xff0000) >> 16; - -t[3] = (pid[0] & 0xff000000) >> 24; - -SHA1_Update(&h_ctx, t, sizeof(t)); - -memset(buf, 0, sizeof(buf)); - -BN_bn2bin(x, buf); - -endian((unsigned char *)buf, sizeof(buf)); - -SHA1_Update(&h_ctx, buf, sizeof(buf)); - -memset(buf, 0, sizeof(buf)); - -BN_bn2bin(y, buf); - -endian((unsigned char *)buf, sizeof(buf)); - -SHA1_Update(&h_ctx, buf, sizeof(buf)); - -SHA1_Final(md, &h_ctx); - -h = (md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24)) >> 4; - -h &= 0xfffffff; - -printf("Calculated hash: %.8x\n", h); - -if (h == hash[0]) printf("Key valid\n"); - -else printf("Key invalid\n"); - -putchar('\n'); - -BN_free(e); - -BN_free(s); - -BN_free(x); - -BN_free(y); - -EC_POINT_free(u); - -EC_POINT_free(v); - -BN_CTX_free(ctx); - + for (i = 0, k = 0; i < strlen(cdkey); i++) { + for (j = 0; j < 24; j++) { + if (cdkey[i] != '-' && cdkey[i] == cset[j]) { + key[k++] = j; + break; + } + assert(j < 24); + } + if (k >= 25) break; + } + + // Base24_CDKEY -> Bin_CDKEY + unsigned long bkey[4] = {0}; + unsigned long pid[1], hash[1], sig[2]; + unbase24(bkey, key); + + // Output Bin_CDKEY + printf("%.8x %.8x %.8x %.8x\n", bkey[3], bkey[2], bkey[1], bkey[0]); + + // Divide/Extract pid_data, hash, sig from Bin_CDKEY + unpack(pid, hash, sig, bkey); + print_product_id(pid); + + printf("PID: %.8x\nHash: %.8x\nSig: %.8x %.8x\n", pid[0], hash[0], sig[1], sig[0]); + + + BIGNUM *e, *s; + + /* e = hash, s = sig */ + e = BN_new(); + BN_set_word(e, hash[0]); + endian((unsigned char *)sig, sizeof(sig)); + s = BN_bin2bn((unsigned char *)sig, sizeof(sig), NULL); + + BIGNUM *x = BN_new(); + BIGNUM *y = BN_new(); + EC_POINT *u = EC_POINT_new(ec); + EC_POINT *v = EC_POINT_new(ec); + + /* v = s*generator + e*(-public_key) */ + EC_POINT_mul(ec, u, NULL, generator, s, ctx); + EC_POINT_mul(ec, v, NULL, public_key, e, ctx); + EC_POINT_add(ec, v, u, v, ctx); + EC_POINT_get_affine_coordinates_GFp(ec, v, x, y, ctx); + + unsigned char buf[FIELD_BYTES], md[20]; + unsigned long h; + unsigned char t[4]; + SHA_CTX h_ctx; + + /* h = (fist 32 bits of SHA1(pid || v.x, v.y)) >> 4 */ + SHA1_Init(&h_ctx); + t[0] = pid[0] & 0xff; + t[1] = (pid[0] & 0xff00) >> 8; + t[2] = (pid[0] & 0xff0000) >> 16; + t[3] = (pid[0] & 0xff000000) >> 24; + SHA1_Update(&h_ctx, t, sizeof(t)); + + memset(buf, 0, sizeof(buf)); + BN_bn2bin(x, buf); + endian((unsigned char *)buf, sizeof(buf)); + SHA1_Update(&h_ctx, buf, sizeof(buf)); + + memset(buf, 0, sizeof(buf)); + BN_bn2bin(y, buf); + endian((unsigned char *)buf, sizeof(buf)); + SHA1_Update(&h_ctx, buf, sizeof(buf)); + + SHA1_Final(md, &h_ctx); + h = (md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24)) >> 4; + h &= 0xfffffff; + + printf("Calculated hash: %.8x\n", h); + if (h == hash[0]) printf("Key valid\n"); + else printf("Key invalid\n"); + putchar('\n'); + + BN_free(e); + BN_free(s); + BN_free(x); + BN_free(y); + EC_POINT_free(u); + EC_POINT_free(v); + + BN_CTX_free(ctx); } void generate(unsigned char *pkey, EC_GROUP *ec, EC_POINT *generator, BIGNUM *order, BIGNUM *priv, unsigned long *pid) - { + BN_CTX *ctx = BN_CTX_new(); -BN_CTX *ctx = BN_CTX_new(); + BIGNUM *k = BN_new(); + BIGNUM *s = BN_new(); + BIGNUM *x = BN_new(); + BIGNUM *y = BN_new(); + EC_POINT *r = EC_POINT_new(ec); + unsigned long bkey[4]; -BIGNUM *k = BN_new(); + // Loop in case signaturepart will make cdkey(base-24 "digits") longer than 25 + do { + BN_pseudo_rand(k, FIELD_BITS, -1, 0); + EC_POINT_mul(ec, r, NULL, generator, k, ctx); + EC_POINT_get_affine_coordinates_GFp(ec, r, x, y, ctx); + + SHA_CTX h_ctx; + unsigned char t[4], md[20], buf[FIELD_BYTES]; + unsigned long hash[1]; + /* h = (fist 32 bits of SHA1(pid || r.x, r.y)) >> 4 */ + SHA1_Init(&h_ctx); + t[0] = pid[0] & 0xff; + t[1] = (pid[0] & 0xff00) >> 8; + t[2] = (pid[0] & 0xff0000) >> 16; + t[3] = (pid[0] & 0xff000000) >> 24; + SHA1_Update(&h_ctx, t, sizeof(t)); + + memset(buf, 0, sizeof(buf)); + BN_bn2bin(x, buf); + endian((unsigned char *)buf, sizeof(buf)); + SHA1_Update(&h_ctx, buf, sizeof(buf)); + + memset(buf, 0, sizeof(buf)); + BN_bn2bin(y, buf); + endian((unsigned char *)buf, sizeof(buf)); + SHA1_Update(&h_ctx, buf, sizeof(buf)); + + SHA1_Final(md, &h_ctx); + hash[0] = (md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24)) >> 4; + hash[0] &= 0xfffffff; + + /* s = priv*h + k */ + BN_copy(s, priv); + BN_mul_word(s, hash[0]); + BN_mod_add(s, s, k, order, ctx); + + unsigned long sig[2] = {0}; + BN_bn2bin(s, (unsigned char *)sig); + endian((unsigned char *)sig, BN_num_bytes(s)); + pack(bkey, pid, hash, sig); + printf("PID: %.8x\nHash: %.8x\nSig: %.8x %.8x\n", pid[0], hash[0], sig[1], sig[0]); + } while (bkey[3] >= 0x62a32); -BIGNUM *s = BN_new(); - -BIGNUM *x = BN_new(); - -BIGNUM *y = BN_new(); - -EC_POINT *r = EC_POINT_new(ec); - -unsigned long bkey[4]; - -// Loop in case signaturepart will make cdkey(base-24 "digits") longer than 25 - -do { - -BN_pseudo_rand(k, FIELD_BITS, -1, 0); - -EC_POINT_mul(ec, r, NULL, generator, k, ctx); - -EC_POINT_get_affine_coordinates_GFp(ec, r, x, y, ctx); - -SHA_CTX h_ctx; - -unsigned char t[4], md[20], buf[FIELD_BYTES]; - -unsigned long hash[1]; - -/* h = (fist 32 bits of SHA1(pid || r.x, r.y)) >> 4 */ - -SHA1_Init(&h_ctx); - -t[0] = pid[0] & 0xff; - -t[1] = (pid[0] & 0xff00) >> 8; - -t[2] = (pid[0] & 0xff0000) >> 16; - -t[3] = (pid[0] & 0xff000000) >> 24; - -SHA1_Update(&h_ctx, t, sizeof(t)); - -memset(buf, 0, sizeof(buf)); - -BN_bn2bin(x, buf); - -endian((unsigned char *)buf, sizeof(buf)); - -SHA1_Update(&h_ctx, buf, sizeof(buf)); - -memset(buf, 0, sizeof(buf)); - -BN_bn2bin(y, buf); - -endian((unsigned char *)buf, sizeof(buf)); - -SHA1_Update(&h_ctx, buf, sizeof(buf)); - -SHA1_Final(md, &h_ctx); - -hash[0] = (md[0] | (md[1] << 8) | (md[2] << 16) | (md[3] << 24)) >> 4; - -hash[0] &= 0xfffffff; - -/* s = priv*h + k */ - -BN_copy(s, priv); - -BN_mul_word(s, hash[0]); - -BN_mod_add(s, s, k, order, ctx); - -unsigned long sig[2] = {0}; - -BN_bn2bin(s, (unsigned char *)sig); - -endian((unsigned char *)sig, BN_num_bytes(s)); - -pack(bkey, pid, hash, sig); - -printf("PID: %.8x\nHash: %.8x\nSig: %.8x %.8x\n", pid[0], hash[0], sig[1], sig[0]); - -} while (bkey[3] >= 0x62a32); - -base24(pkey, bkey); - -BN_free(k); - -BN_free(s); - -BN_free(x); - -BN_free(y); - -EC_POINT_freeĀ®; - -BN_CTX_free(ctx); + base24(pkey, bkey); + + BN_free(k); + BN_free(s); + BN_free(x); + BN_free(y); + EC_POINT_free(r); + BN_CTX_free(ctx); } int main() - { + // Init + BIGNUM *a, *b, *p, *gx, *gy, *pubx, *puby, *n, *priv; + BN_CTX *ctx = BN_CTX_new(); + + // make BigNumbers + a = BN_new(); + b = BN_new(); + p = BN_new(); + gx = BN_new(); + gy = BN_new(); + pubx = BN_new(); + puby = BN_new(); + n = BN_new(); + priv = BN_new(); -// Init + // Data from pidgen-Bink-resources + /* Elliptic curve parameters: y^2 = x^3 + ax + b mod p */ + BN_hex2bn(&p, "92ddcf14cb9e71f4489a2e9ba350ae29454d98cb93bdbcc07d62b502ea12238ee904a8b20d017197aae0c103b32713a9"); + BN_set_word(a, 1); + BN_set_word(b, 0); + -BIGNUM *a, *b, *p, *gx, *gy, *pubx, *puby, *n, *priv; + /* base point (generator) G */ + BN_hex2bn(&gx, "46E3775ECE21B0898D39BEA57050D422A0AF989E497962BAEE2CB17E0A28D5360D5476B8DC966443E37A14F1AEF37742"); + BN_hex2bn(&gy, "7C8E741D2C34F4478E325469CD491603D807222C9C4AC09DDB2B31B3CE3F7CC191B3580079932BC6BEF70BE27604F65E"); -BN_CTX *ctx = BN_CTX_new(); + /* inverse of public key */ + BN_hex2bn(&pubx, "5D8DBE75198015EC41C45AAB6143542EB098F6A5CC9CE4178A1B8A1E7ABBB5BC64DF64FAF6177DC1B0988AB00BA94BF8"); + BN_hex2bn(&puby, "23A2909A0B4803C89F910C7191758B48746CEA4D5FF07667444ACDB9512080DBCA55E6EBF30433672B894F44ACE92BFA"); -// make BigNumbers + // Computed data + /* order of G - computed in 18 hours using a P3-450 */ + BN_hex2bn(&n, "DB6B4C58EFBAFD"); -a = BN_new(); + /* THE private key - computed in 10 hours using a P3-450 */ + BN_hex2bn(&priv, "565B0DFF8496C8"); -b = BN_new(); + // Calculation + EC_GROUP *ec = EC_GROUP_new_curve_GFp(p, a, b, ctx); + EC_POINT *g = EC_POINT_new(ec); + EC_POINT_set_affine_coordinates_GFp(ec, g, gx, gy, ctx); + EC_POINT *pub = EC_POINT_new(ec); + EC_POINT_set_affine_coordinates_GFp(ec, pub, pubx, puby, ctx); + + unsigned char pkey[26]; + unsigned long pid[1]; + pid[0] = 640000000 << 1; /* <- change */ -p = BN_new(); - -gx = BN_new(); - -gy = BN_new(); - -pubx = BN_new(); - -puby = BN_new(); - -n = BN_new(); - -priv = BN_new(); - -// Data from pidgen-Bink-resources - -/* Elliptic curve parameters: y^2 = x^3 + ax + b mod p */ - -BN_hex2bn(&p, "92ddcf14cb9e71f4489a2e9ba350ae29454d98cb93bdbcc07d62b502ea12238ee904a8b20d017197aae0c103b32713a9"); - -BN_set_word(a, 1); - -BN_set_word(b, 0); - -/* base point (generator) G */ - -BN_hex2bn(&gx, "46E3775ECE21B0898D39BEA57050D422A0AF989E497962BAEE2CB17E0A28D5360D5476B8DC966443E37A14F1AEF37742"); - -BN_hex2bn(&gy, "7C8E741D2C34F4478E325469CD491603D807222C9C4AC09DDB2B31B3CE3F7CC191B3580079932BC6BEF70BE27604F65E"); - -/* inverse of public key */ - -BN_hex2bn(&pubx, "5D8DBE75198015EC41C45AAB6143542EB098F6A5CC9CE4178A1B8A1E7ABBB5BC64DF64FAF6177DC1B0988AB00BA94BF8"); - -BN_hex2bn(&puby, "23A2909A0B4803C89F910C7191758B48746CEA4D5FF07667444ACDB9512080DBCA55E6EBF30433672B894F44ACE92BFA"); - -// Computed data - -/* order of G - computed in 18 hours using a P3-450 */ - -BN_hex2bn(&n, "DB6B4C58EFBAFD"); - -/* THE private key - computed in 10 hours using a P3-450 */ - -BN_hex2bn(&priv, "565B0DFF8496C8"); - -// Calculation - -EC_GROUP *ec = EC_GROUP_new_curve_GFp(p, a, b, ctx); - -EC_POINT *g = EC_POINT_new(ec); - -EC_POINT_set_affine_coordinates_GFp(ec, g, gx, gy, ctx); - -EC_POINT *pub = EC_POINT_new(ec); - -EC_POINT_set_affine_coordinates_GFp(ec, pub, pubx, puby, ctx); - -unsigned char pkey[26]; - -unsigned long pid[1]; - -pid[0] = 640000000 << 1; /* <- change */ - -// generate a key - -generate(pkey, ec, g, n, priv, pid); - -print_product_key(pkey); printf("\n\n"); - -// verify the key - -verify(ec, g, pub, (char*)pkey); - -// Cleanup - -BN_CTX_free(ctx); - -return 0; + // generate a key + generate(pkey, ec, g, n, priv, pid); + print_product_key(pkey); printf("\n\n"); + // verify the key + verify(ec, g, pub, (char*)pkey); + + // Cleanup + BN_CTX_free(ctx); + + return 0; }