add the gitkeep back -_- (2)

.gitignore

@@ -1,4 +1,5 @@
 build/*
+!build/.gitkeep
 *.tar
 *.exe
 *.wasm

CMakeLists.txt

@@ -240,7 +240,7 @@ CPMAddPackage(
 ### Resource compilation
 CMRC_ADD_RESOURCE_LIBRARY(umskt-rc ALIAS umskt::rc NAMESPACE umskt keys.json)
 
-SET(LIBUMSKT_SRC src/libumskt/libumskt.cpp src/libumskt/pidgen3/BINK1998.cpp src/libumskt/pidgen3/BINK2002.cpp src/libumskt/pidgen3/key.cpp src/libumskt/pidgen3/util.cpp src/libumskt/confid/confid.cpp src/libumskt/pidgen2/PIDGEN2.cpp src/libumskt/debugoutput.cpp)
+SET(LIBUMSKT_SRC src/libumskt/libumskt.cpp src/libumskt/sha1/sha1.cpp src/libumskt/pidgen3/BINK1998.cpp src/libumskt/pidgen3/BINK2002.cpp src/libumskt/pidgen3/key.cpp src/libumskt/pidgen3/util.cpp src/libumskt/confid/confid.cpp src/libumskt/pidgen2/PIDGEN2.cpp src/libumskt/debugoutput.cpp)
 
 #### Separate Build Path for emscripten
 IF (EMSCRIPTEN)
@@ -298,4 +298,4 @@ ELSE()
         message(STATUS "[UMSKT] CWSDSTUB_LOCATION set to: ${CWSDSTUB_LOCATION}")
         message(STATUS "[UMSKT] DJGPP_BIN_LOCATION set to: ${DJGPP_BIN_LOCATION}")
     ENDIF()
-ENDIF()
+ENDIF()

src/libumskt/libumskt.cpp

@@ -59,7 +59,33 @@ FNEXPORT int PIDGEN2_GenerateOEM(char* year, char* day, char* oem, char* keyout)
     return PIDGEN2::GenerateOEM(year, day, oem, keyout);
 }
 
-// RNG utility functions
+// RNG implementation
+std::mt19937_64& UMSKT::get_rng() {
+    static std::mt19937_64 rng = []() {
+        // Seed the generator with multiple entropy sources
+        std::random_device rd;
+        std::array<std::uint64_t, std::mt19937_64::state_size> seed_data;
+        
+        // Mix in random_device entropy
+        std::generate(seed_data.begin(), seed_data.end(), std::ref(rd));
+        
+        // Mix in high-resolution time
+        auto now = std::chrono::high_resolution_clock::now();
+        auto nanos = std::chrono::duration_cast<std::chrono::nanoseconds>(
+            now.time_since_epoch()
+        ).count();
+        seed_data[0] ^= static_cast<std::uint64_t>(nanos);
+        
+        // Create a seed sequence
+        std::seed_seq seq(seed_data.begin(), seed_data.end());
+        
+        // Initialize RNG with the seed sequence
+        std::mt19937_64 generator(seq);
+        return generator;
+    }();
+    return rng;
+}
+
 int UMSKT::umskt_rand_bytes(unsigned char *buf, int num) {
 #if UMSKT_RNG_DJGPP
     // DOS-compatible RNG using DJGPP's random() function
@@ -89,14 +115,20 @@ int UMSKT::umskt_rand_bytes(unsigned char *buf, int num) {
     }
     return 1;
 #else
-    // Use OpenSSL's RAND_bytes for non-DOS systems
-    return RAND_bytes(buf, num);
+    // Use C++ std::uniform_int_distribution for better randomness
+    std::uniform_int_distribution<unsigned short> dist(0, 255);
+    auto& rng = get_rng();
+    
+    for (int i = 0; i < num; i++) {
+        buf[i] = static_cast<unsigned char>(dist(rng));
+    }
+    return 1;
 #endif
 }
 
 int UMSKT::umskt_bn_rand(BIGNUM *rnd, int bits, int top, int bottom) {
 #if UMSKT_RNG_DJGPP
-    // DOS-compatible RNG implementation for BIGNUMs
+    // Keep existing DOS-compatible implementation
     unsigned char *buf = (unsigned char *)malloc((bits + 7) / 8);
     if (!buf) return 0;
     
@@ -129,7 +161,37 @@ int UMSKT::umskt_bn_rand(BIGNUM *rnd, int bits, int top, int bottom) {
     
     return 1;
 #else
-    // Use OpenSSL's BN_rand for non-DOS systems
-    return BN_rand(rnd, bits, top, bottom);
+    // Generate random bytes using C++ RNG
+    unsigned char *buf = (unsigned char *)malloc((bits + 7) / 8);
+    if (!buf) return 0;
+    
+    // Generate random bytes
+    umskt_rand_bytes(buf, (bits + 7) / 8);
+    
+    // Convert to BIGNUM
+    if (!BN_bin2bn(buf, (bits + 7) / 8, rnd)) {
+        free(buf);
+        return 0;
+    }
+    
+    free(buf);
+    
+    // Apply top/bottom constraints
+    if (top != -1) {
+        if (top) {
+            if (bits == 0) {
+                BN_zero(rnd);
+                return 1;
+            }
+            BN_set_bit(rnd, bits - 1);
+        }
+        BN_mask_bits(rnd, bits);
+    }
+    
+    if (bottom) {
+        BN_set_bit(rnd, 0);
+    }
+    
+    return 1;
 #endif
 }

src/libumskt/libumskt.h

@@ -28,13 +28,16 @@
 #include <string>
 #include <iostream>
 #include <sstream>
+#include <random>
+#include <chrono>
+#include <algorithm>
+#include <array>
 
 #include <openssl/bn.h>
 #include <openssl/ec.h>
-#include <openssl/sha.h>
 #include <openssl/evp.h>
-#include <openssl/rand.h>
 
+#include "sha1/sha1.h"
 #include <fmt/core.h>
 #include <fmt/format.h>
 
@@ -75,6 +78,9 @@ extern "C" {
 #endif
 
 class UMSKT {
+private:
+    static std::mt19937_64& get_rng();
+
 public:
     static std::FILE* debug;
     class PIDGEN2;

src/libumskt/pidgen3/BINK1998.cpp

@@ -154,7 +154,7 @@ bool PIDGEN3::BINK1998::Verify(
     memcpy((void *)&msgBuffer[4 + FIELD_BYTES], (void *)yBin, FIELD_BYTES);
 
     // compHash = SHA1(pSerial || P.x || P.y)
-    SHA1(msgBuffer, SHA_MSG_LENGTH_XP, msgDigest);
+    SHA1_DIGEST(msgBuffer, SHA_MSG_LENGTH_XP, msgDigest);
 
     // Translate the byte digest into a 32-bit integer - this is our computed hash.
     // Truncate the hash to 28 bits.
@@ -226,7 +226,7 @@ void PIDGEN3::BINK1998::Generate(
         memcpy((void *)&msgBuffer[4 + FIELD_BYTES], (void *)yBin, FIELD_BYTES);
 
         // pHash = SHA1(pSerial || R.x || R.y)
-        SHA1(msgBuffer, SHA_MSG_LENGTH_XP, msgDigest);
+        SHA1_DIGEST(msgBuffer, SHA_MSG_LENGTH_XP, msgDigest);
 
         // Translate the byte digest into a 32-bit integer - this is our computed pHash.
         // Truncate the pHash to 28 bits.

src/libumskt/pidgen3/BINK2002.cpp

@@ -127,7 +127,7 @@ bool PIDGEN3::BINK2002::Verify(
     msgBuffer[0x0A] = 0x00;
 
     // newSignature = SHA1(5D || Channel ID || Hash || AuthInfo || 00 00)
-    SHA1(msgBuffer, 11, msgDigest);
+    SHA1_DIGEST(msgBuffer, 11, msgDigest);
 
     // Translate the byte digest into a 64-bit integer - this is our computed intermediate signature.
     // As the signature is only 62 bits long at most, we have to truncate it by shifting the high DWORD right 2 bits (per spec).
@@ -185,7 +185,7 @@ bool PIDGEN3::BINK2002::Verify(
     memcpy((void *)&msgBuffer[3 + FIELD_BYTES_2003], (void *)yBin, FIELD_BYTES_2003);
 
     // compHash = SHA1(79 || Channel ID || p.x || p.y)
-    SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
+    SHA1_DIGEST(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
 
     // Translate the byte digest into a 32-bit integer - this is our computed hash.
     // Truncate the hash to 31 bits.
@@ -263,7 +263,7 @@ void PIDGEN3::BINK2002::Generate(
         memcpy((void *)&msgBuffer[3 + FIELD_BYTES_2003], (void *)yBin, FIELD_BYTES_2003);
 
         // pHash = SHA1(79 || Channel ID || R.x || R.y)
-        SHA1(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
+        SHA1_DIGEST(msgBuffer, SHA_MSG_LENGTH_2003, msgDigest);
 
         // Translate the byte digest into a 32-bit integer - this is our computed hash.
         // Truncate the hash to 31 bits.
@@ -283,7 +283,7 @@ void PIDGEN3::BINK2002::Generate(
         msgBuffer[0x0A] = 0x00;
 
         // newSignature = SHA1(5D || Channel ID || Hash || AuthInfo || 00 00)
-        SHA1(msgBuffer, 11, msgDigest);
+        SHA1_DIGEST(msgBuffer, 11, msgDigest);
 
         // Translate the byte digest into a 64-bit integer - this is our computed intermediate signature.
         // As the signature is only 62 bits long at most, we have to truncate it by shifting the high DWORD right 2 bits (per spec).

src/libumskt/sha1/sha1.cpp

@@ -0,0 +1,140 @@
+#include "sha1.h"
+#include <cstring>
+#include <bit>
+
+namespace umskt {
+
+// Rotate left operation
+static inline uint32_t rotl(uint32_t value, unsigned int bits) {
+    return (value << bits) | (value >> (32 - bits));
+}
+
+SHA1::SHA1() {
+    reset();
+}
+
+void SHA1::reset() {
+    std::memcpy(state, INIT_STATE, sizeof(state));
+    totalBytes = 0;
+    bufferSize = 0;
+}
+
+void SHA1::update(const uint8_t* data, size_t len) {
+    while (len > 0) {
+        size_t copy = std::min(BLOCK_SIZE - bufferSize, len);
+        std::memcpy(buffer + bufferSize, data, copy);
+        bufferSize += copy;
+        data += copy;
+        len -= copy;
+        
+        if (bufferSize == BLOCK_SIZE) {
+            processBlock(buffer);
+            totalBytes += BLOCK_SIZE;
+            bufferSize = 0;
+        }
+    }
+}
+
+SHA1::Digest SHA1::finalize() {
+    // Total size including padding must be a multiple of 64 bytes
+    totalBytes += bufferSize;
+    
+    // Add padding byte
+    buffer[bufferSize++] = 0x80;
+    
+    // If there isn't enough room for the length (8 bytes), process this block and start a new one
+    if (bufferSize > BLOCK_SIZE - 8) {
+        std::memset(buffer + bufferSize, 0, BLOCK_SIZE - bufferSize);
+        processBlock(buffer);
+        bufferSize = 0;
+    }
+    
+    // Pad with zeros and add 64-bit length (in bits)
+    std::memset(buffer + bufferSize, 0, BLOCK_SIZE - 8 - bufferSize);
+    uint64_t bitCount = totalBytes * 8;
+    
+    // Store length in big-endian format
+    for (int i = 7; i >= 0; --i) {
+        buffer[BLOCK_SIZE - 1 - i] = static_cast<uint8_t>(bitCount >> (i * 8));
+    }
+    
+    processBlock(buffer);
+    
+    // Convert state to bytes (big-endian)
+    Digest digest;
+    for (int i = 0; i < 5; ++i) {
+        digest[i*4] = static_cast<uint8_t>(state[i] >> 24);
+        digest[i*4 + 1] = static_cast<uint8_t>(state[i] >> 16);
+        digest[i*4 + 2] = static_cast<uint8_t>(state[i] >> 8);
+        digest[i*4 + 3] = static_cast<uint8_t>(state[i]);
+    }
+    
+    return digest;
+}
+
+void SHA1::processBlock(const uint8_t* block) {
+    // Convert block to 16 32-bit words (big-endian)
+    uint32_t w[80];
+    for (int i = 0; i < 16; ++i) {
+        w[i] = (static_cast<uint32_t>(block[i*4]) << 24) |
+               (static_cast<uint32_t>(block[i*4 + 1]) << 16) |
+               (static_cast<uint32_t>(block[i*4 + 2]) << 8) |
+               static_cast<uint32_t>(block[i*4 + 3]);
+    }
+    
+    // Extend 16 words to 80 words
+    for (int i = 16; i < 80; ++i) {
+        w[i] = rotl(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
+    }
+    
+    // Initialize working variables
+    uint32_t a = state[0];
+    uint32_t b = state[1];
+    uint32_t c = state[2];
+    uint32_t d = state[3];
+    uint32_t e = state[4];
+    
+    // Main loop
+    for (int i = 0; i < 80; ++i) {
+        uint32_t f, k;
+        
+        if (i < 20) {
+            f = (b & c) | ((~b) & d);
+            k = 0x5A827999;
+        }
+        else if (i < 40) {
+            f = b ^ c ^ d;
+            k = 0x6ED9EBA1;
+        }
+        else if (i < 60) {
+            f = (b & c) | (b & d) | (c & d);
+            k = 0x8F1BBCDC;
+        }
+        else {
+            f = b ^ c ^ d;
+            k = 0xCA62C1D6;
+        }
+        
+        uint32_t temp = rotl(a, 5) + f + e + k + w[i];
+        e = d;
+        d = c;
+        c = rotl(b, 30);
+        b = a;
+        a = temp;
+    }
+    
+    // Update state
+    state[0] += a;
+    state[1] += b;
+    state[2] += c;
+    state[3] += d;
+    state[4] += e;
+}
+
+SHA1::Digest SHA1::hash(const uint8_t* data, size_t len) {
+    SHA1 sha1;
+    sha1.update(data, len);
+    return sha1.finalize();
+}
+
+} // namespace umskt 

src/libumskt/sha1/sha1.h

@@ -0,0 +1,59 @@
+#ifndef UMSKT_SHA1_H
+#define UMSKT_SHA1_H
+
+#include "../../typedefs.h"
+#include <cstdint>
+#include <array>
+#include <string>
+
+// OpenSSL-compatible constants
+#define SHA_DIGEST_LENGTH 20
+#define SHA_CBLOCK    64
+#define SHA_LBLOCK    16
+
+namespace umskt {
+
+class SHA1 {
+public:
+    static constexpr size_t DIGEST_SIZE = SHA_DIGEST_LENGTH;  // SHA1 produces a 160-bit (20-byte) hash
+    using Digest = std::array<uint8_t, DIGEST_SIZE>;
+
+    SHA1();
+    
+    // Update the hash with more data
+    void update(const uint8_t* data, size_t len);
+    
+    // Finalize and get the hash
+    Digest finalize();
+    
+    // Reset the hash state
+    void reset();
+    
+    // Convenience method to hash data in one call
+    static Digest hash(const uint8_t* data, size_t len);
+
+private:
+    static constexpr size_t BLOCK_SIZE = SHA_CBLOCK;  // SHA1 operates on 512-bit (64-byte) blocks
+    static constexpr uint32_t INIT_STATE[5] = {
+        0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
+    };
+
+    void processBlock(const uint8_t* block);
+    
+    uint32_t state[5];           // Hash state
+    uint8_t buffer[BLOCK_SIZE];  // Input buffer
+    uint64_t totalBytes;         // Total bytes processed
+    size_t bufferSize;          // Current bytes in buffer
+};
+
+// OpenSSL-compatible function
+inline void SHA1_wrapper(const unsigned char* data, size_t len, unsigned char* digest) {
+    auto result = SHA1::hash(data, len);
+    std::copy(result.begin(), result.end(), digest);
+}
+
+} // namespace umskt
+
+#define SHA1_DIGEST(d,n,md) umskt::SHA1_wrapper((d),(n),(md))
+
+#endif // UMSKT_SHA1_H