glebd / cocoafob

A set of registration code generation and verification helpers for Obj-C, Ruby (Potion Store), PHP and FastSpring

False positive on master branch #16

Open FlyingCodeMonkey opened 9 years ago

FlyingCodeMonkey commented 9 years ago

Hi,

I'm testing CocoaFob master branch (can't use no-openssl branch as I need to target 10.6) and have come across a false positive situation in Objective-C.

I generated the licence code using the PHP script with the following input:

ProductCode: MyAppAB
Name: mark
email: test@mark.co.uk

Which produced the following licence code: GAWQE-F9A2F-TS2DW-ZYSZE-ZSK2N-PL23V-H76X8-G7NVX-A9KB3-8NFYW-L8WFD-3CD72-EYGHM-ZYKLG-BC8ZQ-Q

That, correctly, verifies in PHP and Objective-C. However, changing the final character (from Q to R for example) also verifies in Objective-C, but not PHP. PHP correctly says it's invalid and gives an error about "found non-zero padding in Base32Decode".

The same is true of licence code GAWQE-FBMG4-RB8NU-4642P-T4FZF-5224K-DGSXZ-M7FQC-CUALV-WDN7C-9X8KW-FQG5B-5TQTZ-B8NPR-5D5Y5-Q which was generated from the same input.

lovette commented 7 years ago

I just noticed the same thing! Glad to see I'm not the only one stumped by this.

I was changing the last character of some codes just to test my logic statements and was surprised to get YES where I expected NO.

For example, given this code:

GAWQE-F9AWA-KDDGU-6AMPY-UPBDU-AJS6U-8W28F-VRPFB-A9KD9-SDAUH-BCYAK-AUG7W-6K2XZ-NWTPA-NZLNX-B

Verification will succeed if the last "B" is any character between [A-P]. Changing any other character does cause verification to fail.

I'm not a crypto expert and just assume there is a sane reason why this is the case.
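
The behaviour both comments describe, as an added Ruby example that is not part of this thread or of CocoaFob's code: 76 base32 characters carry 380 bits, only 376 of which fill whole bytes, so a decoder that ignores the last 4 bits treats 16 final characters alike. It assumes the code is unpadded base32 with dashes removed and 8/9 standing in for O/I; the function names are illustrative.

```ruby
# Added illustration, not CocoaFob code. Shows why several final characters
# of a 76-character code decode to the same signature bytes.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567".freeze

# Assumption: codes are unpadded base32 shown in dash-separated groups,
# with 8 standing in for O and 9 for I.
def normalize(code)
  code.delete("-").tr("89", "OI")
end

# Decode unpadded base32. With strict: true, reject input whose unused
# trailing bits are not zero (the condition the PHP error on this page names).
def base32_decode(text, strict:)
  acc = 0
  nbits = 0
  out = []
  text.each_char do |ch|
    v = ALPHABET.index(ch) or raise ArgumentError, "bad character #{ch.inspect}"
    acc = (acc << 5) | v
    nbits += 5
    next if nbits < 8
    nbits -= 8
    out << ((acc >> nbits) & 0xFF)
    acc &= (1 << nbits) - 1 # keep only the bits not yet emitted
  end
  raise ArgumentError, "non-zero padding bits" if strict && acc != 0
  out.pack("C*")
end

# Final characters a lenient decoder maps to the same bytes as `code`.
def equivalent_final_chars(code)
  text = normalize(code)
  want = base32_decode(text, strict: false)
  ALPHABET.chars.select { |c| base32_decode(text[0...-1] + c, strict: false) == want }
end

def strict_accepts?(code)
  base32_decode(normalize(code), strict: true)
  true
rescue ArgumentError
  false
end

# Licence code quoted in the first comment of this issue.
CODE = "GAWQE-F9A2F-TS2DW-ZYSZE-ZSK2N-PL23V-H76X8-G7NVX-A9KB3-8NFYW-L8WFD-3CD72-EYGHM-ZYKLG-BC8ZQ-Q".freeze

puts equivalent_final_chars(CODE).join if __FILE__ == $PROGRAM_NAME
```

A verifier that wants exactly one accepted string per signature can reject non-zero trailing bits, as the strict path here does.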