Notice: this page is a bilingual (Chinese/English) translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original URL: http://stackoverflow.com/questions/4321634/

Time: 2020-09-15 15:42:49  Source: igfitidea

How do 25-character product keys work?

windows registration

Asked by Eyal

Microsoft products and other products often have a product key that is 5 groups of 5 characters, like this:

ABCDE-12345-ABCDE-12345-VWXYZ

How does the product know if the key is valid? Some sort of cryptography? Is there a library if I want to use this kind of product key in my code?

Answered by Jeffrey Hantin

You might want to have a look at this article on how to implement a serial number validation function. It also goes into some advanced techniques such as how to keep on top of keygens, leaked keys, etc.

In short, there are typically three underlying fields in such a key:

  • the actual serial number, which the article calls a "seed"
  • some verification data; only part of the verification data is actually checked by the code
  • a checksum, CRC or other simple typo-proofing mechanism

By only implementing part of the verification data checking in your code, you can do things like "genuine validation" (in which case the rest of the verification happens on your server) or trip up keygens by checking different subsets of the validation data in new releases.
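
An added example (not from the original answer or the linked article) of the three-field layout described above: a seed, per-slot verification bytes of which a given release checks only some, and a checksum for typos. The 16-character base32 layout, the slot secrets, the HMAC-derived verification bytes and the revocation set are all assumptions made for illustration.

```python
import base64, hashlib, hmac, struct, zlib

# Constructed per-slot secrets. The vendor's generator holds all of them;
# a shipped release embeds only the secret(s) for the slot(s) it checks.
SLOT_SECRETS = [b"slot0-demo", b"slot1-demo", b"slot2-demo", b"slot3-demo"]

def slot_byte(secret: bytes, seed: int) -> int:
    # One byte of verification data, bound to the seed by a keyed hash.
    return hmac.new(secret, struct.pack(">I", seed), hashlib.sha256).digest()[0]

def checksum(body: bytes) -> bytes:
    # Typo-proofing only: CRC-32 truncated to 16 bits, no secret involved.
    return struct.pack(">H", zlib.crc32(body) & 0xFFFF)

def make_key(seed: int) -> str:
    """Vendor side: 4-byte seed + one byte per slot + 2-byte checksum."""
    body = struct.pack(">I", seed) + bytes(slot_byte(s, seed) for s in SLOT_SECRETS)
    text = base64.b32encode(body + checksum(body)).decode()  # 10 bytes -> 16 chars
    return "-".join(text[i:i + 4] for i in range(0, 16, 4))

def check_key(key: str, shipped: dict, revoked=frozenset()) -> str:
    """Client side: `shipped` maps slot index -> secret for the checked slots."""
    try:
        raw = base64.b32decode(key.replace("-", "").upper())
    except ValueError:
        return "malformed"
    if len(raw) != 10:
        return "malformed"
    if checksum(raw[:8]) != raw[8:]:
        return "typo"
    seed = struct.unpack(">I", raw[:4])[0]
    if seed in revoked:  # assumed revocation set for leaked seeds
        return "revoked"
    for slot, secret in shipped.items():
        if raw[4 + slot] != slot_byte(secret, seed):
            return "invalid"
    return "ok"

def demo():
    key = make_key(1001)
    # Constructed key that is right in slot 0 and the checksum, wrong in slot 2.
    body = bytearray(base64.b32decode(key.replace("-", ""))[:8])
    body[6] ^= 0xFF
    partial = base64.b32encode(bytes(body) + checksum(bytes(body))).decode()
    old, new = {0: SLOT_SECRETS[0]}, {2: SLOT_SECRETS[2]}
    return (check_key(key, old), check_key(partial, old),
            check_key(partial, new), check_key(key, new, revoked={1001}))
```

`demo()` returns `("ok", "ok", "invalid", "revoked")`: a key that satisfies only the slot an older release checked is rejected once a later release checks a different slot, while genuine keys keep working unless their seed is revoked.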

Answered by qffdn

For Microsoft products in particular, some knowledge is available.

Product keys on Windows XP are base24-encoded using a custom alphabet. It consists of a serial number (the source calls it "Raw Product Key") and a digital signature over it. (source)

Product keys on Windows 8 and above have some documentation in the software patent application WO 2012067888 A1. It is still base24 encoded (act 57 et seq., which in practice means that the position of the 'N' is used as the very first character to decode). The gist of it is that there are these parts to a Windows 8 and above product key:

  • Group ID, which indicates the type/edition/family/distribution channel (see act 34)
  • Serial number (forms "Raw Product Key" together with Group ID)
  • Security values 1 and 2 (of varying grades of security, both are probably signatures, cf. acts 34 et seqq., 46, 55)
  • Checksum (act 56, in practice a truncated POSIX cksum over the key)
  • Upgrade bit

Answered by NotMe

There are four ways to confirm a key.

  1. Simple compare to an existing string in the exe (extremely easy to crack)
  2. Algorithmic compare to an entered string of characters (almost as easy as #1. Depends entirely on the reverse engineering skills of the cracker).
  3. Compare with a server over the internet. (can be circumvented)
  4. Hardware dongle.

Depending on the product you have from Microsoft, they use one of the first 3 mechanisms above. For example, their OS's usually phone home; but their dev tools either have the key baked in or do an algorithmic compare. Some of their older OS's used to do the algorithm.

There is a modified option 3, but that is simply having the app phone home every so often, typically based on some event. In the case of OS's, MS has it validate the entered product key for certain Windows updates and other product downloads. Also, depending on the license key itself it might phone home once a month or so. As a side note, there is a reason why China has the #1 installed base of IE6.

The 4th option can also be circumvented. Usually the cracker will just patch your product to bypass the part of the code which does the hardware check.
