Unified work (#269)

* Some work on line endings

* Enable buildkit

* Update documentation

* Settle the newline and tab vs spaces for now

Not perfect, but it's a standard

* Change wording

* Update version memo

* Add correct definition for markdown

* Make things clearer

.circleci/config.yml

@@ -1,15 +1,21 @@
-version: 2
+version: 2.1
 jobs:
   build:
-    docker:
-      - image: microsoft/dotnet:2-sdk
+    machine: true
     steps:
       - checkout
       - run:
           name: Print the Current Time
           command: date
-      - setup_remote_docker
-      - run: { name: 'Get docker', command: 'curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh' }
+      - run:
+          name: Generate Keys
+          command: ./generateKeys.sh
       - run:
           name: Build script
-          command: ./build.sh
+          command: ./build.sh update
+      - run:
+          name: Test generating user license
+          command: ./licenseGen.sh user TestName TestEmail@example.com 4a619d4a-522d-4c70-8596-affb5b607c23
+      - run:
+          name: Test generating organization license
+          command: ./licenseGen.sh org TestName TestEmail@example.com 4a619d4a-522d-4c70-8596-affb5b607c23

.editorconfig

@@ -0,0 +1,19 @@
+root=true
+
+############################### 
+# Core EditorConfig Options   # 
+############################### 
+# All files 
+[*]
+indent_style=tab
+indent_size=4
+trim_trailing_whitespace=true
+end_of_line=lf
+charset=utf-8
+
+[*.{cs}]
+insert_final_newline=false
+
+[*.{md,mkdn}]
+trim_trailing_whitespace = true
+indent_style = space

.gitattributes

@@ -0,0 +1 @@
+* text eol=lf

.gitignore

@@ -1,7 +1,12 @@
 .idea/
 bin/
 obj/
+src/licenseGen/.vs/*
+src/bitBetter/.vs/*
 *.dll
 *.pem
 .vscode/
-*.pfx
+*.pfx
+*.cer
+*.vsidx
+.DS_Store

.keys/generate-keys.sh

@@ -1,15 +0,0 @@
-#!/bin/sh
-
-# Check for openssl
-command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found.  Aborting."; exit 1; }
-
-# Remove any existing key files
-[ ! -e cert.pem ]  || rm cert.pem
-[ ! -e key.pem ]   || rm key.pem
-[ ! -e cert.cert ] || rm cert.cert
-[ ! -e cert.pfx ]  || rm cert.pfx
-
-# Generate new keys
-openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
-openssl x509 -inform DER -in cert.cert -out cert.pem
-openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test

.servers/serverlist.txt

@@ -0,0 +1,4 @@
+# Uncomment a line below and fill in the missing values or add your own. Every line in this file will be called by build.[sh|ps1] once the patched image is built.
+# docker run -d --name bitwarden --restart=always -v <full-local-path>\logs:/var/log/bitwarden -v <full-local-path>\bwdata:/etc/bitwarden -p 80:8080 --env-file <full-local-path>\settings.env bitwarden-patched
+# <OR>
+# docker-compose -f <full-local-path>/docker-compose.yml up -d

README.md

@@ -1,124 +1,174 @@
-# BitBetter
+# BitBetter lite
 
-BitBetter is is a tool to modify bitwardens core dll to allow you to generate your own individual and organisation licenses. Please see the FAQ below for details on why this software was created.
+BitBetter is is a tool to modify Bitwarden's core dll to allow you to generate your own individual and organisation licenses.
 
-_Beware! BitBetter does janky IL magic to rewrite the bitwarden core dll and install a self signed certificate. Use at your own risk!_
+Please see the FAQ below for details on why this software was created.
 
-Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter 
+Be aware that this branch is **only** for the lite (formerly unified) version of bitwarden. It has been rewritten and works in different ways than the master branch.
+
+_Beware! BitBetter is a solution that generates a personal certificate and uses that to generate custom licences. This requires (automated) modifying of libraries. Use at your own risk!_
+
+Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter and https://github.com/GieltjE/BitBetter
 
 # Table of Contents
-1. [Getting Started](#gettingstarted)
-    + [Pre-requisites](#prereq)
-    + [Setting up BitBetter](#setup)
-    + [Building BitBetter](#building)
-    + [Generating Signed Licenses](#generating)
-2. [FAQ](#faq)
-3. [Footnotes](#footnotes)
+- [BitBetter](#bitbetter)
+- [Table of Contents](#table-of-contents)
+- [Getting Started](#getting-started)
+  - [Dependencies](#dependencies)
+  - [Setting up BitBetter](#setting-up-bitbetter)
+    - [Optional: Manually generating Certificate & Key](#optional-manually-generating-certificate--key)
+  - [Building BitBetter](#building-bitbetter)
+  - [Updating Bitwarden and BitBetter](#updating-bitwarden-and-bitbetter)
+  - [Generating Signed Licenses](#generating-signed-licenses)
+    - [Note: Alternative Ways to Generate License](#note-alternative-ways-to-generate-license)
+- [FAQ: Questions you might have.](#faq-questions-you-might-have)
+  - [Why build a license generator for open source software?](#why-build-a-license-generator-for-open-source-software)
+  - [Shouldn't you have reached out to Bitwarden to ask them for alternative licensing structures?](#shouldnt-you-have-reached-out-to-bitwarden-to-ask-them-for-alternative-licensing-structures)
+- [Footnotes](#footnotes)
 
-# Getting Started <a name=#gettingstarted></a>
-The following instructions are for unix-based systems (Linux, BSD, macOS), it is possible to use a Windows systems assuming you are able to enable and install [WSL](https://docs.microsoft.com/en-us/windows/wsl/install-win10).
+# Getting Started
+The following instructions are for unix-based systems (Linux, BSD, macOS) and Windows, just choose the correct script extension (.sh or .ps1 respectively).
 
-## Pre-requisites <a name=#prereq></a>
+## Dependencies
 Aside from docker, which you also need for Bitwarden, BitBetter requires the following:
 
-* openssl (probably already installed on most Linux or WSL systems)
-* dotnet-sdk-2.1 (install instructions can be found [here](https://dotnet.microsoft.com/download/linux-package-manager/rhel/sdk-2.1.604))
+* Bitwarden (tested with 2025.11.1 might work on lower versions), for safety always stay up to date
+* openssl (probably already installed on most Linux or WSL systems, any version should work, on Windows it will be auto installed using winget)
 
-## Setting up BitBetter <a name=#setup></a>
-With your pre-requisites installed, begin the installation of BitBetter by downloading it through Github or using the git command:
+## Setting up BitBetter
+With your dependencies installed, begin the installation of BitBetter by downloading it through Github or using the git command:
 
-```bash
-git clone https://github.com/online-stuff/BitBetter.git
+```
+git clone https://github.com/jakeswenson/BitBetter.git
 ```
 
-First, we need to add the correct version of Newtonsoft.Json to the license generator and the BitBetter docker directories.
+### Optional: Manually generating Certificate & Key
+
+If you wish to generate your self-signed cert & key manually, you can run the following commands.
 
 ```bash
-cd BitBetter/src/licenseGen/
-dotnet add package Newtonsoft.Json --version 12.0.1 
-
-cd ../bitBetter
-dotnet add package Newtonsoft.Json --version 12.0.1 
-```
-
-Next, we need to generate the self-signed certificate we will use to sign any licenses we generate.
-
-To sign your own license you first need to generate your own signing cert using the `.keys/generate-keys.sh` script.
-
-Running this script will prompt you to enter some information about your new certificate, you may leave these at the defaults or set them to your preference. The script will then create a pkcs12 file (.pfx) containing your new key/cert.
-
-You may also choose to do this manually via the following commands.
-
-```bash
-openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
-openssl x509 -inform DER -in cert.cert -out cert.pem
+cd .keys
+openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cer -days 36500 -outform DER -passout pass:test
+openssl x509 -inform DER -in cert.cer -out cert.pem
 openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
 ```
 
-Note that the password here must be `test`.<sup>[1](#f1)</sup>
+> Note that the password here must be `test`.<sup>[1](#f1)</sup>
+---
 
-## Building BitBetter <a name=#building></a>
 
-Now that you've generated your own own self-signed certificate, you can run the main `BitBetter/build.sh` script to generate a modified version of the `bitwarden/api` docker image.
+## Building BitBetter
+
+Now that you've set up your build environment, we need to specify which servers to start after the work is done.
+The scripts supports running and patching multi instances.
+
+Edit the .servers/serverlist.txt file and fill in the missing values, they can be replaced with existing installation values.
+This file may be empty, but there will be no containers will be spun up automatically.
+
+Now it is time to **run the main build script** to generate a modified version of the `ghcr.io/bitwarden/lite` docker image and the license generator.
 
 From the BitBetter directory, simply run:
-```bash
-./build.sh
+```
+./build.[sh|ps1]
 ```
 
-This will create a modified version of the official `bitwarden/api` called `bitbetter/api`. You may now simply edit your bitwarden docker-compose.yml to utilize the modified image.
+This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/lite` image called `bitwarden-patched`.
 
-Edit your  `/path/to/bwdata/docker/docker-compose.yml`.
+Afterwards it will automatically generate the license generator and start all previously specified containers which are **now ready to accept self-issued licenses.**
 
-> Replace `image: bitwarden/api:x.xx.x`<br>with `image: bitbetter/api`
 
-You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `function restart()` block, comment out the call to `dockerComposePull`.
+---
 
-> Replace `dockerComposePull`<br>with `#dockerComposePull`
+## Updating Bitwarden and BitBetter
 
-You can now start or restart Bitwarden as normal and the modified api will be used. <b>It is now ready to accept self-issued licenses.</b>
+To update Bitwarden, the same `build.[sh|ps1]` script can be used. It will rebuild the BitBetter image and automatically update Bitwarden before doing so.
 
-## Generating Signed Licenses <a name=#generating></a>
+## Generating Signed Licenses
 
-There is a tool included in the directory `src/licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps.
+There is a tool included in the directory `licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps.
 
-First, from the `BitBetter/src/licenseGen` directory, build the license generator.<sup>[2](#f2)</sup>
+In order to run the tool and generate a license you'll need to get a **user's GUID** in order to generate an **invididual license** or the server's **install ID** to generate an **Organization license**. These can be retrieved most easily through the Bitwarden [Admin Portal](https://help.bitwarden.com/article/admin-portal/).
 
-```bash
-./build.sh
+**The user must have a verified email address at the time of license import, otherwise Bitwarden will reject the license key. Nevertheless, the license key can be generated even before the user's email is verified.**
+
+If you ran the build script, you can **simply run the license gen in interactive mode** from the `Bitbetter` directory and **follow the prompts to generate your license**.
+
+```
+./licenseGen.[sh|ps1] interactive
 ```
 
-Now, from the `BitBetter/src/licenseGen` directory, you can run the tool to generate licenses.
+**The license generator will spit out a JSON-formatted license which can then be used within the Bitwarden web front-end to license your user or org!**
 
-You'll need to get a user's <b>GUID</b> in order to generate an <b>invididual license</b> and the server's <b>install ID</b> to generate an <b>Organization license</b>. These can be retrieved most easily through the Bitwarden [Admin Portal](https://help.bitwarden.com/article/admin-portal/).
 
-```bash
-./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID"
-./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server"
+## Migrating from mssql to a real database
+
+Prepare a new database and bwdata directory, download and prepare the new settings.env (https://raw.githubusercontent.com/bitwarden/self-host/refs/heads/main/bitwarden-lite/settings.env)
+
+Make sure you can get the data from either the backup file or by connecting directly to the mssql database (navicat has a trial).
+
+If required (e.g. you cannot connect to your docker mssql server directly) download Microsoft SQL Server 2022 and SQL Server Management Studio (the latter can be used to import the .bak file)
+
+After cloning this repo and modifying .servers/serverlist.txt to suit your new environment do the following:
+
+```
+docker exec -i bitwarden-mssql /backup-db.sh
+./bitwarden.sh stop
 ```
 
-<b>The license generator will spit out a JSON-formatted license which can then be used within the Bitwarden web front-end to license your user or org!</b>
+Run build.sh and ensure your new instance serves a webpage AND has populated the new database with the tables (should be empty now)
 
-# FAQ: Questions (you might have?) <a name=#faq></a>
+Proceed to stop the new container for now.
 
-I'll work on updates in the next couple weeks, right now, I just wanted something to start with.
+Copy from the old to the new bwdata directory (do not copy/overwrite identity.pfx!):
+ - bwdata/core/licenses to bwdata-new/licenses
+ - bwdata/core/aspnet-dataprotection to bwdata-new/data-protection
+ - bwdata/core/attachments to bwdata-new/attachments
 
-## But why? Its open source?
+Export data only from the old sql server database, if needed import the .bak file to a local mssql instance.
 
-Yes, bitwarden is great. If I didn't care about it i wouldn't be doing this.
-I was bothered that if i want to host bitwarden myself, at my house, 
-for my family to use (with the ability to share access) I would still have to pay a monthly ENTERPRISE organization fee.
-To host it myself. And maintain it myself. Basically WTH was bitwarden doing that I was paying them for?
+Only export tables that have rows, makes it much quicker, .json is the easiest with navicat.
 
-## You should have reached out to bitwarden
+Import the rows to the real database, start the new docker container.
 
-Thanks, good idea. And I did. Currently they're not focused on solving this issue - yet. 
-To be clear i'm totally happy to give them my money. Offer a perpetual server license, and i'd pay for it.  Let me license the server, period.  Allow an orginzation to have Premium for all users..  500 seats, let the 500 users in the orginzation have the Premium features too.
+---
 
-I'm still in the testing/evaluating phase.  If I am hosting the server/data, let me license the server, period.  How many licenses does one user need to have...
+# FAQ: Questions you might have.
 
-# Footnotes <a name=#footnotes></a>
+## Why build a license generator for open source software?
 
-<a name="#f1"><sup>1</sup></a> If you wish to change this you'll need to change the value that `src/licenseGen/Program.cs` uses for it's `GenerateUserLicense` and `GenerateOrgLicense` calls, but this is really unnecessary as this certificate does not represent any type of security issue.
+We agree that Bitwarden is great. If we didn't care about it then we wouldn't be doing this. We believe that if a user wants to host Bitwarden themselves, in their house, for their family to use and with the ability to share access, they would still have to pay a **monthly** enterprise organization fee. When hosting and maintaining the software yourself there is no need to pay for the level of service that an enterprise customer needs.
 
-<a name="#f2"><sup>2</sup></a>This tool build ontop of the `bitbetter/api` container image so make sure you've built that above using the root `./build.sh` script.
+Unfortunately, Bitwarden doesn't seem to have any method for receiving donations so we recommend making a one-time donation to your open source project of choice for each BitBetter license you generate if you can afford to do so.
+
+## Shouldn't you have reached out to Bitwarden to ask them for alternative licensing structures?
+
+In the past we have done so but they were not focused on the type of customer that would want a one-time license and would be happy to sacrifice customer service. We believe the features that are currently behind this subscription paywall to be critical ones and believe they should be available to users who can't afford an enterprise payment structure. We'd even be happy to see a move towards a Gitlab-like model where premium features are rolled out *first* to the enterprise subscribers before being added to the fully free version.
+
+UPDATE: Bitwarden now offers a cheap license called [Families Organization](https://bitwarden.com/pricing/) that provides premium features and the ability to self-host Bitwarden for six persons.
+
+## 2fa doesn't work
+
+Unfortunately the new BitWarden container doesn't set the timezone and ignores TZ= from the environment, can be fixed by:
+
+```
+docker exec bitwarden ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
+```
+
+## Changes in settings.env
+
+Require a recreation of the docker container, build.sh will suffice too.
+
+## Migrating from the old unified branch
+
+```
+git branch -m unified lite
+git fetch origin
+git branch -u origin/lite lite
+git remote set-head origin -a
+```
+
+# Footnotes
+
+<a name="#f1"><sup>1</sup></a>This tool builds on top of the `bitbetter/api` container image so make sure you've built that above using the root `./build.sh` script.
+
+<a name="#f2"><sup>2</sup></a> If you wish to change this you'll need to change the value that `licenseGen/Program.cs` uses for its `GenerateUserLicense` and `GenerateOrgLicense` calls. Remember, this is really unnecessary as this certificate does not represent any type of security-related certificate.

build.ps1

@@ -0,0 +1,132 @@
+$ErrorActionPreference = 'Stop'
+$PSNativeCommandUseErrorActionPreference = $true
+
+# detect buildx, ErrorActionPreference will ensure the script stops execution if not found
+docker buildx version
+
+# Enable BuildKit for better build experience and to ensure platform args are populated
+$env:DOCKER_BUILDKIT=1
+$env:COMPOSE_DOCKER_CLI_BUILD=1
+
+# define temporary directory
+$tempdirectory = "$pwd\temp"
+# define services to patch
+$components = "Api","Identity"
+
+# delete old directories / files if applicable
+if (Test-Path "$tempdirectory" -PathType Container) {
+	Remove-Item "$tempdirectory" -Recurse -Force
+}
+
+if (Test-Path -Path "$pwd\src\licenseGen\Core.dll" -PathType Leaf) {
+	Remove-Item "$pwd\src\licenseGen\Core.dll" -Force
+}
+
+if (Test-Path -Path "$pwd\src\licenseGen\cert.pfx" -PathType Leaf) {
+	Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force
+}
+
+if (Test-Path -Path "$pwd\src\bitBetter\cert.cer" -PathType Leaf) {
+	Remove-Item "$pwd\src\bitBetter\cert.cer" -Force
+}
+
+if (Test-Path "$pwd\.keys\cert.cert" -PathType Leaf) {
+	Rename-Item -Path "$pwd\.keys\cert.cert" -NewName "$pwd\.keys\cert.cer"
+}
+
+# generate keys if none are available
+if (!(Test-Path "$pwd\.keys" -PathType Container)) {
+	.\generateKeys.ps1
+}
+
+# copy the key to bitBetter
+Copy-Item "$pwd\.keys\cert.cer" -Destination "$pwd\src\bitBetter"
+
+# build bitBetter and clean the source directory after
+docker build --no-cache -t bitbetter/bitbetter "$pwd\src\bitBetter"
+Remove-Item "$pwd\src\bitBetter\cert.cer" -Force
+
+# gather all running instances, cannot run a wildcard filter on Ancestor= :(, does find all where name = *bitwarden*
+$oldinstances = docker container ps --all -f Name=bitwarden --format '{{.ID}}'
+
+# stop and remove all running instances
+foreach ($instance in $oldinstances) {
+	docker stop $instance
+	docker rm $instance
+}
+
+# update bitwarden itself
+if ($args[0] -eq 'update') {
+	docker pull ghcr.io/bitwarden/lite:latest
+} else {
+	$confirmation = Read-Host "Update (or get) bitwarden source container (y/n)"
+	if ($confirmation -eq 'y') {
+		docker pull ghcr.io/bitwarden/lite:latest
+	}
+}
+
+# stop and remove previous existing patch(ed) container
+$oldinstances = docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}'
+foreach ($instance in $oldinstances) {
+	docker stop $instance
+	docker rm $instance
+}
+$oldinstances = docker image ls bitwarden-patched --format '{{.ID}}'
+foreach ($instance in $oldinstances) {
+	docker image rm $instance
+}
+
+# remove old extract containers
+$oldinstances = docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}'
+foreach ($instance in $oldinstances) {
+	docker stop $instance
+	docker rm $instance
+}
+
+# start a new bitwarden instance so we can patch it
+$patchinstance = docker run -d --name bitwarden-extract ghcr.io/bitwarden/lite:latest
+
+# create our temporary directory
+New-item -ItemType Directory -Path $tempdirectory
+
+# extract the files that need to be patched from the services that need to be patched into our temporary directory
+foreach ($component in $components) {
+	New-item -itemtype Directory -path "$tempdirectory\$component"
+	docker cp $patchinstance`:/app/$component/Core.dll "$tempdirectory\$component\Core.dll"
+}
+
+# stop and remove our temporary container
+docker stop bitwarden-extract
+docker rm bitwarden-extract
+
+# run bitBetter, this applies our patches to the required files
+docker run -v "$tempdirectory`:/app/mount" --rm bitbetter/bitbetter
+
+# create a new image with the patched files
+docker build . --tag bitwarden-patched --file "$pwd\src\bitBetter\Dockerfile-bitwarden-patch"
+
+# start all user requested instances
+if (Test-Path -Path "$pwd\.servers\serverlist.txt" -PathType Leaf) {
+	foreach($line in Get-Content "$pwd\.servers\serverlist.txt") {
+		if (!($line.StartsWith("#"))) {
+			Invoke-Expression "& $line"
+		}
+	}
+}
+
+# remove our bitBetter image
+docker image rm bitbetter/bitbetter
+
+# copy our patched library to the licenseGen source directory
+Copy-Item "$tempdirectory\Identity\Core.dll" -Destination "$pwd\src\licenseGen"
+Copy-Item "$pwd\.keys\cert.pfx" -Destination "$pwd\src\licenseGen"
+
+# build the licenseGen
+docker build -t bitbetter/licensegen "$pwd\src\licenseGen"
+
+# clean the licenseGen source directory
+Remove-Item "$pwd\src\licenseGen\Core.dll" -Force
+Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force
+
+# remove our temporary directory
+Remove-Item "$tempdirectory" -Recurse -Force

build.sh

@@ -1,13 +1,135 @@
 #!/bin/bash
+set -e
 
-mkdir ./src/bitBetter/.keys
+# detect buildx, set -e will ensure the script stops execution if not found
+docker buildx version
 
-cp .keys/cert.cert ./src/bitBetter/.keys
+# Enable BuildKit for better build experience and to ensure platform args are populated
+export DOCKER_BUILDKIT=1
+export COMPOSE_DOCKER_CLI_BUILD=1
 
-cd ./src/bitBetter
+# define temporary directory
+TEMPDIRECTORY="$PWD/temp"
 
-dotnet restore
-dotnet publish
+# define services to patch
+COMPONENTS=("Api" "Identity")
 
-docker build --pull . -t bitbetter/api # --squash
+# delete old directories / files if applicable
+if [ -d "$TEMPDIRECTORY" ]; then
+	rm -rf "$TEMPDIRECTORY"
+fi
 
+if [ -f "$PWD/src/licenseGen/Core.dll" ]; then
+	rm -f "$PWD/src/licenseGen/Core.dll"
+fi
+
+if [ -f "$PWD/src/licenseGen/cert.pfx" ]; then
+	rm -f "$PWD/src/licenseGen/cert.pfx"
+fi
+
+if [ -f "$PWD/src/bitBetter/cert.cer" ]; then
+	rm -f "$PWD/src/bitBetter/cert.cer"
+fi
+
+if [ -f "$PWD/.keys/cert.cert" ]; then
+	mv "$PWD/.keys/cert.cert" "$PWD/.keys/cert.cer"
+fi
+
+# generate keys if none are available
+if [ ! -d "$PWD/.keys" ]; then
+	./generateKeys.sh
+fi
+
+# copy the key to bitBetter
+cp -f "$PWD/.keys/cert.cer" "$PWD/src/bitBetter"
+
+# build bitBetter and clean the source directory after
+docker build --no-cache -t bitbetter/bitbetter "$PWD/src/bitBetter"
+rm -f "$PWD/src/bitBetter/cert.cer"
+
+# gather all running instances, cannot run a wildcard filter on Ancestor= :(, does find all where name = *bitwarden*
+OLDINSTANCES=$(docker container ps --all -f Name=bitwarden --format '{{.ID}}')
+
+# stop and remove all running instances
+for INSTANCE in ${OLDINSTANCES[@]}; do
+	docker stop $INSTANCE
+	docker rm $INSTANCE
+done
+
+# update bitwarden itself
+if [ "$1" = "update" ]; then
+	docker pull ghcr.io/bitwarden/lite:latest
+else
+	read -p "Update (or get) bitwarden source container (y/n): "
+	if [[ $REPLY =~ ^[Yy]$ ]]; then
+		docker pull ghcr.io/bitwarden/lite:latest
+	fi
+fi
+
+# stop and remove previous existing patch(ed) container
+OLDINSTANCES=$(docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}')
+for INSTANCE in ${OLDINSTANCES[@]}; do
+	docker stop $INSTANCE
+	docker rm $INSTANCE
+done
+OLDINSTANCES=$(docker image ls bitwarden-patched --format '{{.ID}}')
+for INSTANCE in ${OLDINSTANCES[@]}; do
+	docker image rm $INSTANCE
+done
+
+# remove old extract containers
+OLDINSTANCES=$(docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}')
+for INSTANCE in ${OLDINSTANCES[@]}; do
+	docker stop $INSTANCE
+	docker rm $INSTANCE
+done
+
+# start a new bitwarden instance so we can patch it
+PATCHINSTANCE=$(docker run -d --name bitwarden-extract ghcr.io/bitwarden/lite:latest)
+
+# create our temporary directory
+mkdir $TEMPDIRECTORY
+
+# extract the files that need to be patched from the services that need to be patched into our temporary directory
+for COMPONENT in ${COMPONENTS[@]}; do
+	mkdir "$TEMPDIRECTORY/$COMPONENT"
+	docker cp $PATCHINSTANCE:/app/$COMPONENT/Core.dll "$TEMPDIRECTORY/$COMPONENT/Core.dll"
+done
+
+# stop and remove our temporary container
+docker stop bitwarden-extract
+docker rm bitwarden-extract
+
+# run bitBetter, this applies our patches to the required files
+docker run -v "$TEMPDIRECTORY:/app/mount" --rm bitbetter/bitbetter
+
+# create a new image with the patched files
+docker build . --tag bitwarden-patched --file "$PWD/src/bitBetter/Dockerfile-bitwarden-patch"
+
+# start all user requested instances
+if [ -f "$PWD/.servers/serverlist.txt" ]; then
+	# convert line endings to unix
+	sed -i 's/\r$//' "$PWD/.servers/serverlist.txt"
+	cat "$PWD/.servers/serverlist.txt" | while read -r LINE; do
+		if [[ $LINE != "#"* ]]; then
+			bash -c "$LINE"
+		fi
+	done
+fi
+
+# remove our bitBetter image
+docker image rm bitbetter/bitbetter
+
+# copy our patched library to the licenseGen source directory
+cp -f "$TEMPDIRECTORY/Identity/Core.dll" "$PWD/src/licenseGen"
+cp -f "$PWD/.keys/cert.pfx" "$PWD/src/licenseGen"
+
+# build the licenseGen
+docker build -t bitbetter/licensegen "$PWD/src/licenseGen"
+
+# clean the licenseGen source directory
+rm -f "$PWD/src/licenseGen/Core.dll"
+rm -f "$PWD/src/licenseGen/cert.pfx"
+
+# remove our temporary directory
+rm -rf "$TEMPDIRECTORY"

generateKeys.ps1

@@ -0,0 +1,25 @@
+$ErrorActionPreference = 'Stop'
+$PSNativeCommandUseErrorActionPreference = $true
+
+# get the basic openssl binary path
+$opensslbinary = "$Env:Programfiles\OpenSSL-Win64\bin\openssl.exe"
+
+# if openssl is not installed attempt to install it
+if (!(Get-Command $opensslbinary -errorAction SilentlyContinue))
+{
+	winget install openssl
+}
+
+# if previous keys exist, remove them
+if (Test-Path "$pwd\.keys")
+{
+	Remove-Item "$pwd\.keys" -Recurse -Force
+}
+
+# create new directory 
+New-item -ItemType Directory -Path "$pwd\.keys"
+
+# generate actual keys
+Invoke-Expression "& '$opensslbinary' req -x509 -newkey rsa:4096 -keyout `"$pwd\.keys\key.pem`" -out `"$pwd\.keys\cert.cer`" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test"
+Invoke-Expression "& '$opensslbinary' x509 -inform DER -in `"$pwd\.keys\cert.cer`" -out `"$pwd\.keys\cert.pem`""
+Invoke-Expression "& '$opensslbinary' pkcs12 -export -out `"$pwd\.keys\cert.pfx`" -inkey `"$pwd\.keys\key.pem`" -in `"$pwd\.keys\cert.pem`" -passin pass:test -passout pass:test"

generateKeys.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+# Check for openssl
+command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found.  Aborting."; exit 1; }
+
+DIR="$PWD/.keys"
+
+# if previous keys exist, remove them
+if [ -d "$DIR" ]; then
+	rm -rf "$DIR"
+fi
+
+# create new directory 
+mkdir "$DIR"
+
+# Generate new keys
+openssl	req -x509 -newkey rsa:4096 -keyout "$DIR/key.pem" -out "$DIR/cert.cer" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US'  -outform DER -passout pass:test
+openssl x509 -inform DER -in "$DIR/cert.cer" -out "$DIR/cert.pem"
+openssl pkcs12 -export -out "$DIR/cert.pfx" -inkey "$DIR/key.pem" -in "$DIR/cert.pem" -passin pass:test -passout pass:test

licenseGen.ps1

@@ -0,0 +1,17 @@
+$ErrorActionPreference = 'Stop'
+$PSNativeCommandUseErrorActionPreference = $true
+
+if ($($args.Count) -lt 1) {
+	echo "USAGE: <License Gen action> [License Gen args...]"
+	echo "ACTIONS:"
+	echo " interactive"
+	echo " user"
+	echo " org"
+	Exit 1
+}
+
+if ($args[0] -eq "interactive") {
+	docker run -it --rm bitbetter/licensegen interactive
+} else {
+	docker run bitbetter/licensegen $args
+}

licenseGen.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+if [ $# -lt 1 ]; then
+	echo "USAGE: <License Gen action> [License Gen args...]"
+	echo "ACTIONS:"
+	echo " interactive"
+	echo " user"
+	echo " org"
+	exit 1
+fi
+
+if [ "$1" = "interactive" ]; then
+	docker run -it --rm bitbetter/licensegen interactive
+else
+	docker run --rm bitbetter/licensegen "$@"
+fi

src/bitBetter/Dockerfile

@@ -1,12 +1,14 @@
-FROM bitwarden/api
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+WORKDIR /bitBetter
 
-COPY bin/Debug/netcoreapp2.0/publish/* /bitBetter/
-COPY ./.keys/cert.cert /newLicensing.cer
+COPY . /bitBetter
+COPY cert.cer /app/
 
-RUN dotnet /bitBetter/bitBetter.dll && \
-    echo "modified dll" && \
-    mv /app/Core.dll /app/Core.orig.dll && \
-    mv /app/modified.dll /app/Core.dll && \
-    echo "replaced dll" && \
-    rm -rf /bitBetter && rm -rf /newLicensing.cer && \
-    echo "cleaned up"
+RUN dotnet restore
+RUN dotnet publish -c Release -o /app --no-restore
+
+FROM mcr.microsoft.com/dotnet/sdk:8.0
+WORKDIR /app
+COPY --from=build /app .
+
+ENTRYPOINT ["dotnet", "/app/bitBetter.dll"]

src/bitBetter/Dockerfile-bitwarden-patch

@@ -0,0 +1,3 @@
+FROM ghcr.io/bitwarden/lite:latest
+
+COPY ./temp/ /app/

src/bitBetter/Program.cs

@@ -1,93 +1,67 @@
-using System;
-using System.IO;
-using System.Linq;
-using System.Security.Cryptography.X509Certificates;
-using Mono.Cecil;
-using Mono.Cecil.Cil;
-using Mono.Cecil.Rocks;
-
-namespace bitwardenSelfLicensor
-{
-    class Program
-    {
-        static int Main(string[] args)
-        {
-            string cerFile;
-            string corePath;
-
-            if(args.Length >= 2) {
-                cerFile = args[0];
-                corePath = args[1];
-            } else if (args.Length == 1) {
-                cerFile = args[0];
-                corePath = "/app/Core.dll";
-            }
-            else {
-                cerFile = "/newLicensing.cer";
-                corePath = "/app/Core.dll";
-            }
-
-
-            var module =  ModuleDefinition.ReadModule(new MemoryStream(File.ReadAllBytes(corePath)));
-            var cert = File.ReadAllBytes(cerFile);
-
-            var x = module.Resources.OfType<EmbeddedResource>()
-                                    .Where(r => r.Name.Equals("Bit.Core.licensing.cer"))
-                                    .First();
-
-            Console.WriteLine(x.Name);
-
-            var e = new EmbeddedResource("Bit.Core.licensing.cer", x.Attributes, cert);
-
-            module.Resources.Add(e);
-            module.Resources.Remove(x);
-
-            var services = module.Types.Where(t => t.Namespace == "Bit.Core.Services");
-            
-
-            var type = services.First(t => t.Name == "LicensingService");
-
-            var licensingType =  type.Resolve();
-
-            var existingCert = new X509Certificate2(x.GetResourceData());
-
-            Console.WriteLine($"Existing Cert Thumbprin: {existingCert.Thumbprint}");
-            X509Certificate2 certificate = new X509Certificate2(cert);
-
-            Console.WriteLine($"New cert Thumbprint: {certificate.Thumbprint}");
-
-            var ctor = licensingType.GetConstructors().Single();
-
-
-            var rewriter = ctor.Body.GetILProcessor();
-
-            var instToReplace = 
-                ctor.Body.Instructions.Where(i => i.OpCode == OpCodes.Ldstr
-                    && string.Equals((string)i.Operand, existingCert.Thumbprint, StringComparison.InvariantCultureIgnoreCase))
-                .FirstOrDefault();
-
-            if(instToReplace != null) {
-                rewriter.Replace(instToReplace, Instruction.Create(OpCodes.Ldstr, certificate.Thumbprint));
-            }
-            else {
-                Console.WriteLine("Cant find inst");
-            }
-
-            // foreach (var inst in ctor.Body.Instructions)
-            // {
-            //     Console.Write(inst.OpCode.Name + " " + inst.Operand?.GetType() + " = ");
-            //     if(inst.OpCode.FlowControl == FlowControl.Call) {
-            //         Console.WriteLine(inst.Operand);
-            //     }
-            //     else if(inst.OpCode == OpCodes.Ldstr) {
-            //         Console.WriteLine(inst.Operand);
-            //     }
-            //     else {Console.WriteLine();}
-            // }
-
-            module.Write("modified.dll");
-
-            return 0;
-        }
-    }
-}
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Cryptography.X509Certificates;
+using dnlib.DotNet;
+using dnlib.DotNet.Emit;
+using dnlib.DotNet.Writer;
+using dnlib.IO;
+
+namespace bitBetter;
+
+internal class Program
+{
+	private static Int32 Main()
+	{
+		const String certFile = "/app/cert.cer";
+		String[] files = Directory.GetFiles("/app/mount", "Core.dll", SearchOption.AllDirectories);
+
+		foreach (String file in files)
+		{
+			Console.WriteLine(file);
+			ModuleDefMD moduleDefMd = ModuleDefMD.Load(file);
+			Byte[] cert = File.ReadAllBytes(certFile);
+
+			EmbeddedResource embeddedResourceToRemove = moduleDefMd.Resources.OfType<EmbeddedResource>().First(r => r.Name.Equals("Bit.Core.licensing.cer"));
+			EmbeddedResource embeddedResourceToAdd = new("Bit.Core.licensing.cer", cert) { Attributes = embeddedResourceToRemove.Attributes };
+			moduleDefMd.Resources.Add(embeddedResourceToAdd);
+			moduleDefMd.Resources.Remove(embeddedResourceToRemove);
+
+			DataReader reader = embeddedResourceToRemove.CreateReader();
+			X509Certificate2 existingCert = new(reader.ReadRemainingBytes());
+			
+			Console.WriteLine($"Existing Cert Thumbprint: {existingCert.Thumbprint}");
+			X509Certificate2 certificate = new(cert);
+
+			Console.WriteLine($"New Cert Thumbprint: {certificate.Thumbprint}");
+
+			IEnumerable<TypeDef> services = moduleDefMd.Types.Where(t => t.Namespace == "Bit.Core.Billing.Services");
+			TypeDef type = services.First(t => t.Name == "LicensingService");
+			MethodDef constructor = type.FindConstructors().First();
+			
+			Instruction instructionToPatch = constructor.Body.Instructions.FirstOrDefault(i => i.OpCode == OpCodes.Ldstr && String.Equals((String)i.Operand, existingCert.Thumbprint, StringComparison.InvariantCultureIgnoreCase));
+			
+			if (instructionToPatch != null)
+			{
+				instructionToPatch.Operand = certificate.Thumbprint;
+			}
+			else
+			{
+				Console.WriteLine("Can't find constructor to patch");
+			}
+
+			ModuleWriterOptions moduleWriterOptions = new(moduleDefMd);
+			moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.KeepOldMaxStack;
+			moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
+			moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveRids;
+
+			moduleDefMd.Write(file + ".new");
+			moduleDefMd.Dispose();
+			File.Delete(file);
+			File.Move(file + ".new", file);
+		}
+
+		return 0;
+	}
+}

src/bitBetter/bitBetter.csproj

@@ -1,12 +1,9 @@
 <Project Sdk="Microsoft.NET.Sdk">
-
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp2.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
-
   <ItemGroup>
-    <PackageReference Include="Mono.Cecil" Version="0.10.0-beta6" />
+    <PackageReference Include="dnlib" Version="4.5.0" />
   </ItemGroup>
-
-</Project>
+</Project>

src/licenseGen/Dockerfile

@@ -1,5 +1,15 @@
-FROM bitbetter/api
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+WORKDIR /licenseGen
 
-COPY bin/Debug/netcoreapp2.0/publish/* /app/
+COPY . /licenseGen
+COPY Core.dll /app/
+COPY cert.pfx /app/
 
-ENTRYPOINT [ "dotnet", "/app/licenseGen.dll", "--core", "/app/Core.dll", "--cert", "/cert.pfx" ]
+RUN dotnet restore
+RUN dotnet publish -c Release -o /app --no-restore
+
+FROM mcr.microsoft.com/dotnet/sdk:8.0
+WORKDIR /app
+COPY --from=build /app .
+
+ENTRYPOINT ["dotnet", "/app/licenseGen.dll", "--cert=/app/cert.pfx", "--core=/app/Core.dll"]

src/licenseGen/Program.cs

@@ -1,223 +1,485 @@
-using System;
-using System.IO;
-using System.Linq;
-using System.Runtime.Loader;
-using System.Security.Cryptography.X509Certificates;
-using Microsoft.Extensions.CommandLineUtils;
-using Newtonsoft.Json;
-
-namespace bitwardenSelfLicensor
-{
-    class Program
-    {
-        static int Main(string[] args)
-        {
-            var app = new Microsoft.Extensions.CommandLineUtils.CommandLineApplication();
-            var cert = app.Option("--cert", "cert file", CommandOptionType.SingleValue);
-            var coreDll = app.Option("--core", "path to core dll", CommandOptionType.SingleValue);
-
-            bool certExists()
-            {
-                return File.Exists(cert.Value());
-            }
-
-            bool coreExists()
-            {
-                return File.Exists(coreDll.Value());
-            }
-
-            bool verifyTopOptions()
-            {
-                return !string.IsNullOrWhiteSpace(cert.Value()) &&
-                       !string.IsNullOrWhiteSpace(coreDll.Value()) &&
-                       certExists() && coreExists();
-            }
-
-            app.Command("user", config =>
-            {
-                var name = config.Argument("Name", "your name");
-                var email = config.Argument("Email", "your email");
-                var userIdArg = config.Argument("User ID", "your user id");
-                var key = config.Argument("Key", "your key id (optional)");
-                var help = config.HelpOption("--help | -h | -?");
-
-                config.OnExecute(() =>
-                {
-                    if (!verifyTopOptions())
-                    {
-                        if (!coreExists())
-                        {
-                            config.Error.WriteLine($"Cant find core dll at: {coreDll.Value()}");
-                        }
-                        if (!certExists())
-                        {
-                            config.Error.WriteLine($"Cant find certificate at: {cert.Value()}");
-                        }
-
-                        config.ShowHelp();
-                        return 1;
-                    }
-                    else if (string.IsNullOrWhiteSpace(name.Value) || string.IsNullOrWhiteSpace(email.Value))
-                    {
-                        config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}'");
-                        config.ShowHelp("user");
-                        return 1;
-                    }
-
-
-                    if (string.IsNullOrWhiteSpace(userIdArg.Value) || !Guid.TryParse(userIdArg.Value, out Guid userId))
-                    {
-                        config.Error.WriteLine($"User ID not provided");
-                        config.ShowHelp("user");
-                        return 1;
-                    }
-
-                    GenerateUserLicense(new X509Certificate2(cert.Value(), "test"), coreDll.Value(), name.Value, email.Value, userId, key.Value);
-
-                    return 0;
-                });
-            });
-            app.Command("org", config =>
-            {
-                var name = config.Argument("Name", "your name");
-                var email = config.Argument("Email", "your email");
-                var installId = config.Argument("InstallId", "your installation id (GUID)");
-                var key = config.Argument("Key", "your key id (optional)");
-                var help = config.HelpOption("--help | -h | -?");
-
-                config.OnExecute(() =>
-                {
-                    if (!verifyTopOptions())
-                    {
-                        if (!coreExists())
-                        {
-                            config.Error.WriteLine($"Cant find core dll at: {coreDll.Value()}");
-                        }
-                        if (!certExists())
-                        {
-                            config.Error.WriteLine($"Cant find certificate at: {cert.Value()}");
-                        }
-
-                        config.ShowHelp();
-                        return 1;
-                    }
-                    else if (string.IsNullOrWhiteSpace(name.Value) ||
-                            string.IsNullOrWhiteSpace(email.Value) ||
-                            string.IsNullOrWhiteSpace(installId.Value))
-                    {
-                        config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}' InstallId='{installId.Value}'");
-                        config.ShowHelp("org");
-                        return 1;
-                    }
-
-                    if (!Guid.TryParse(installId.Value, out Guid installationId))
-                    {
-                        config.Error.WriteLine("Unable to parse your installation id as a GUID");
-                        config.Error.WriteLine($"Here's a new guid: {Guid.NewGuid()}");
-                        config.ShowHelp("org");
-                        return 1;
-                    }
-
-                    GenerateOrgLicense(new X509Certificate2(cert.Value(), "test"), coreDll.Value(), name.Value, email.Value, installationId, key.Value);
-
-                    return 0;
-                });
-            });
-
-            app.OnExecute(() =>
-            {
-                app.ShowHelp();
-                return 10;
-            });
-
-            app.HelpOption("-? | -h | --help");
-
-            try
-            {
-                return app.Execute(args);
-            }
-            catch (Exception e)
-            {
-                Console.Error.WriteLine("Oops: {0}", e);
-                return 100;
-            }
-        }
-
-        static void GenerateUserLicense(X509Certificate2 cert, string corePath,
-            string userName, string email, Guid userId, string key)
-        {
-            var core = AssemblyLoadContext.Default.LoadFromAssemblyPath(corePath);
-
-            var type = core.GetType("Bit.Core.Models.Business.UserLicense");
-
-            var license = Activator.CreateInstance(type);
-
-            void set(string name, object value)
-            {
-                type.GetProperty(name).SetValue(license, value);
-            }
-
-            set("LicenseKey", string.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
-            set("Id", userId);
-            set("Name", userName);
-            set("Email", email);
-            set("MaxStorageGb", short.MaxValue);
-            set("Premium", true);
-            set("Version", 1);
-            set("Issued", DateTime.UtcNow);
-            set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
-            set("Expires", DateTime.UtcNow.AddYears(100));
-            set("Trial", false);
-
-            set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
-            set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));
-
-            Console.WriteLine(JsonConvert.SerializeObject(license, Formatting.Indented));
-        }
-
-        static void GenerateOrgLicense(X509Certificate2 cert, string corePath,
-            string userName, string email, Guid instalId, string key)
-        {
-            var core = AssemblyLoadContext.Default.LoadFromAssemblyPath(corePath);
-
-            var type = core.GetType("Bit.Core.Models.Business.OrganizationLicense");
-
-            var license = Activator.CreateInstance(type);
-
-            void set(string name, object value)
-            {
-                type.GetProperty(name).SetValue(license, value);
-            }
-
-            set("LicenseKey", string.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
-            set("InstallationId", instalId);
-            set("Id", Guid.NewGuid());
-            set("Name", userName);
-            set("BillingEmail", email);
-            set("BusinessName", "BitBetter");
-            set("Enabled", true);
-            set("Plan", "Custom");
-            set("PlanType", (byte)6);
-            set("Seats", (short)32767);
-            set("MaxCollections", short.MaxValue);
-            set("UseGroups", true);
-            set("UseEvents", true);
-            set("UseDirectory", true);
-            set("UseTotp", true);
-            set("Use2fa", true);
-            set("MaxStorageGb", short.MaxValue);
-            set("SelfHost", true);
-            set("UsersGetPremium", true);
-            set("Version", 4);
-            set("Issued", DateTime.UtcNow);
-            set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
-            set("Expires", DateTime.UtcNow.AddYears(100));
-            set("Trial", false);
-
-            set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
-            set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));
-
-            Console.WriteLine(JsonConvert.SerializeObject(license, Formatting.Indented));
-        }
-    }
-}
+using System;
+using System.IO;
+using System.Text.Json;
+using System.Reflection;
+using System.Runtime.Loader;
+using System.Security.Cryptography.X509Certificates;
+using McMaster.Extensions.CommandLineUtils;
+
+namespace licenseGen;
+
+internal class Program
+{
+	private static readonly CommandLineApplication App = new();
+	private static readonly CommandOption Cert = App.Option("--cert", "Certificate file", CommandOptionType.SingleValue);
+	private static readonly CommandOption CoreDll = App.Option("--core", "Path to Core.dll", CommandOptionType.SingleValue);
+
+	private static Int32 Main(String[] args)
+	{
+		App.Command("interactive", config =>
+		{
+			String buff, licenseType = "", name = "", email = "", businessName="";
+			Int16 storage = 0;
+			Boolean validGuid = false, validInstallid = false;
+			Guid guid = Guid.Empty, installid = Guid.Empty;
+
+			config.OnExecute(() =>
+			{
+				Check();
+				Console.WriteLine("Interactive license mode...");
+
+				while (licenseType == "")
+				{
+					Console.WriteLine("What would you like to generate, a [u]ser license or an [o]rg license: ");
+					buff = Console.ReadLine();
+
+					switch (buff)
+					{
+						case "u":
+						{
+							licenseType = "user";
+							Console.WriteLine("Okay, we will generate a user license.");
+
+							while (!validGuid)
+							{
+								Console.WriteLine("Please provide the user's guid — refer to the Readme for details on how to retrieve this. [GUID]: ");
+								buff = Console.ReadLine();
+
+								if (Guid.TryParse(buff, out guid))validGuid = true;
+								else Console.WriteLine("The user-guid provided does not appear to be valid!");
+							}
+							break;
+						}
+						case "o":
+						{
+							licenseType = "org";
+							Console.WriteLine("Okay, we will generate an organization license.");
+
+							while (!validInstallid)
+							{
+								Console.WriteLine("Please provide your Bitwarden Install-ID — refer to the Readme for details on how to retrieve this. [Install-ID]: ");
+								buff = Console.ReadLine();
+
+								if (Guid.TryParse(buff, out installid)) validInstallid = true;
+								else Console.WriteLine("The install-id provided does not appear to be valid.");
+							}
+
+							while (businessName == "")
+							{
+								Console.WriteLine("Please enter a business name, default is BitBetter. [Business Name]: ");
+								buff = Console.ReadLine();
+								if (buff == "")
+								{
+									businessName = "BitBetter";
+								}
+								else if (CheckBusinessName(buff))
+								{
+									businessName = buff;
+								}
+							}
+							break;
+						}
+						default:
+							Console.WriteLine("Unrecognized option \'" + buff + "\'.");
+							break;
+					}
+				}
+
+				while (name == "")
+				{
+					Console.WriteLine("Please provide the username this license will be registered to. [username]: ");
+					buff = Console.ReadLine();
+					if (CheckUsername(buff))   name = buff;
+				}
+
+				while (email == "")
+				{
+					Console.WriteLine("Please provide the email address for the user " + name + ". [email]: ");
+					buff = Console.ReadLine();
+					if (CheckEmail(buff))
+					{
+						email = buff;
+					}
+				}
+
+				while (storage == 0)
+				{
+					Console.WriteLine("Extra storage space for the user " + name + ". (max.: " + Int16.MaxValue + "). Defaults to maximum value. [storage]");
+					buff = Console.ReadLine();
+					if (String.IsNullOrWhiteSpace(buff))
+					{
+						storage = Int16.MaxValue;
+					}
+					else
+					{
+						if (CheckStorage(buff))
+						{
+							storage = Int16.Parse(buff);
+						}
+					}
+				}
+
+				switch (licenseType)
+				{
+					case "user":
+					{
+						Console.WriteLine("Confirm creation of \"user\" license for username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", User-GUID: \"" + guid + "\"? Y/n");
+						buff = Console.ReadLine();
+						if (buff is "" or "y" or "Y")
+						{
+							GenerateUserLicense(new X509Certificate2(Cert.Value(), "test"), CoreDll.Value(), name, email, storage, guid, null);
+						}
+						else
+						{
+							Console.WriteLine("Exiting...");
+							return 0;
+						}
+
+						break;
+					}
+					case "org":
+					{
+						Console.WriteLine("Confirm creation of \"organization\" license for business name: \"" + businessName + "\", username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", Install-ID: \"" + installid + "\"? Y/n");
+						buff = Console.ReadLine();
+						if (buff is "" or "y" or "Y")
+						{
+							GenerateOrgLicense(new X509Certificate2(Cert.Value(), "test"), CoreDll.Value(), name, email, storage, installid, businessName, null);
+						}
+						else
+						{
+							Console.WriteLine("Exiting...");
+							return 0;
+						}
+
+						break;
+					}
+				}
+
+				return 0;
+			});
+		});
+		App.Command("user", config =>
+		{
+			CommandArgument name = config.Argument("Name", "your name");
+			CommandArgument email = config.Argument("Email", "your email");
+			CommandArgument userIdArg = config.Argument("User ID", "your user id");
+			CommandArgument storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + Int16.MaxValue + " (optional, default = max)");
+			CommandArgument key = config.Argument("Key", "your key id (optional)");
+
+			config.OnExecute(() =>
+			{
+				Check();
+
+				if (String.IsNullOrWhiteSpace(name.Value) || String.IsNullOrWhiteSpace(email.Value))
+				{
+					config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}'");
+					config.ShowHelp(true);
+					return 1;
+				}
+
+				if (String.IsNullOrWhiteSpace(userIdArg.Value) || !Guid.TryParse(userIdArg.Value, out Guid userId))
+				{
+					config.Error.WriteLine("User ID not provided");
+					config.ShowHelp(true);
+					return 1;
+				}
+
+				Int16 storageShort = 0;
+				if (!String.IsNullOrWhiteSpace(storage.Value))
+				{
+					Double parsedStorage = Double.Parse(storage.Value);
+					if (parsedStorage is > Int16.MaxValue or < 0)
+					{
+						config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]");
+						config.ShowHelp(true);
+						return 1;
+					}
+					storageShort = (Int16) parsedStorage;
+				}
+
+				GenerateUserLicense(new X509Certificate2(Cert.Value()!, "test"), CoreDll.Value(), name.Value, email.Value, storageShort, userId, key.Value);
+
+				return 0;
+			});
+		});
+		App.Command("org", config =>
+		{
+			CommandArgument name = config.Argument("Name", "your name");
+			CommandArgument email = config.Argument("Email", "your email");
+			CommandArgument installId = config.Argument("InstallId", "your installation id (GUID)");
+			CommandArgument storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + Int16.MaxValue + " (optional, default = max)");
+			CommandArgument businessName = config.Argument("BusinessName", "name for the organization (optional)");
+			CommandArgument key = config.Argument("Key", "your key id (optional)");
+
+			config.OnExecute(() =>
+			{
+				Check();
+
+				if (String.IsNullOrWhiteSpace(name.Value) || String.IsNullOrWhiteSpace(email.Value) || String.IsNullOrWhiteSpace(installId.Value))
+				{
+					config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}' InstallId='{installId.Value}'");
+					config.ShowHelp(true);
+					return 1;
+				}
+
+				if (!Guid.TryParse(installId.Value, out Guid installationId))
+				{
+					config.Error.WriteLine("Unable to parse your installation id as a GUID");
+					config.Error.WriteLine($"Here's a new guid: {Guid.NewGuid()}");
+					config.ShowHelp(true);
+					return 1;
+				}
+
+				Int16 storageShort = 0;
+				if (!String.IsNullOrWhiteSpace(storage.Value))
+				{
+					Double parsedStorage = Double.Parse(storage.Value);
+					if (parsedStorage is > Int16.MaxValue or < 0)
+					{
+						config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]");
+						config.ShowHelp(true);
+						return 1;
+					}
+					storageShort = (Int16)parsedStorage;
+				}
+
+				GenerateOrgLicense(new X509Certificate2(Cert.Value()!, "test"), CoreDll.Value(), name.Value, email.Value, storageShort, installationId, businessName.Value, key.Value);
+
+				return 0;
+			});
+		});
+
+		App.OnExecute(() =>
+		{
+			App.ShowHelp();
+			return 10;
+		});
+
+		try
+		{
+			App.HelpOption("-? | -h | --help");
+			return App.Execute(args);
+		}
+		catch (Exception exception)
+		{
+			Console.Error.WriteLine("Oops: {0}", exception);
+			return 100;
+		}
+	}
+
+	private static void Check()
+	{
+		if (Cert == null || String.IsNullOrWhiteSpace(Cert.Value()))
+		{
+			App.Error.WriteLine("No certificate specified");
+			App.ShowHelp();
+			Environment.Exit(1);
+		}
+		else if (CoreDll == null || String.IsNullOrWhiteSpace(CoreDll.Value()))
+		{
+			App.Error.WriteLine("No core dll specified");
+			App.ShowHelp();
+			Environment.Exit(1);
+		}
+		else if (!File.Exists(Cert.Value()))
+		{
+			App.Error.WriteLine($"Can't find certificate at: {Cert.Value()}");
+			App.ShowHelp();
+			Environment.Exit(1);
+		}
+		else if (!File.Exists(CoreDll.Value()))
+		{
+			App.Error.WriteLine($"Can't find core dll at: {CoreDll.Value()}");
+			App.ShowHelp();
+			Environment.Exit(1);
+		}
+	}
+
+	// checkUsername Checks that the username is a valid username
+	private static Boolean CheckUsername(String s)
+	{
+		// TODO: Actually validate
+		if (!String.IsNullOrWhiteSpace(s)) return true;
+
+		Console.WriteLine("The username provided doesn't appear to be valid!");
+		return false;
+	}
+
+	// checkBusinessName Checks that the Business Name is a valid username
+	private static Boolean CheckBusinessName(String s)
+	{
+		// TODO: Actually validate
+		if (!String.IsNullOrWhiteSpace(s)) return true;
+
+		Console.WriteLine("The Business Name provided doesn't appear to be valid!");
+		return false;
+	}
+
+	// checkEmail Checks that the email address is a valid email address
+	private static Boolean CheckEmail(String s)
+	{
+		// TODO: Actually validate
+		if (!String.IsNullOrWhiteSpace(s)) return true;
+
+		Console.WriteLine("The email provided doesn't appear to be valid!");
+		return false;
+	}
+
+	// checkStorage Checks that the storage is in a valid range
+	private static Boolean CheckStorage(String s)
+	{
+		if (String.IsNullOrWhiteSpace(s))
+		{
+			Console.WriteLine("The storage provided doesn't appear to be valid!");
+			return false;
+		}
+
+		if (!(Double.Parse(s) > Int16.MaxValue) && !(Double.Parse(s) < 0)) return true;
+
+		Console.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]!");
+		return false;
+	}
+
+	private static readonly JsonSerializerOptions JsonOptions = new() { WriteIndented = true };
+	private static void GenerateUserLicense(X509Certificate2 cert, String corePath, String userName, String email, Int16 storage, Guid userId, String key)
+	{
+		Assembly core = AssemblyLoadContext.Default.LoadFromAssemblyPath(Path.GetFullPath(corePath));
+
+		Type type = core.GetType("Bit.Core.Billing.Models.Business.UserLicense");
+		Type licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
+
+		if (type == null)
+		{
+			Console.WriteLine("Could not find type!");
+			return;
+		}
+		if (licenseTypeEnum == null)
+		{
+			Console.WriteLine("Could not find license licenseTypeEnum!");
+			return;
+		}
+
+		Object license = Activator.CreateInstance(type);
+
+		MethodInfo computeHash = type.GetMethod("ComputeHash");
+		if (computeHash == null)
+		{
+			Console.WriteLine("Could not find ComputeHash!");
+			return;
+		}
+
+		MethodInfo sign = type.GetMethod("Sign");
+		if (sign == null)
+		{
+			Console.WriteLine("Could not find sign!");
+			return;
+		}
+
+		Set(type, license, "LicenseKey", String.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
+		Set(type, license, "Id", userId);
+		Set(type, license, "Name", userName);
+		Set(type, license, "Email", email);
+		Set(type, license, "Premium", true);
+		Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage);
+		Set(type, license, "Version", 1);
+		Set(type, license, "Issued", DateTime.UtcNow);
+		Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
+		Set(type, license, "Expires", DateTime.UtcNow.AddYears(100));
+		Set(type, license, "Trial", false);
+		Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "User"));
+		Set(type, license, "Hash", Convert.ToBase64String(((Byte[])computeHash.Invoke(license, []))!));
+		Set(type, license, "Signature", Convert.ToBase64String((Byte[])sign.Invoke(license, [cert])!));
+
+		Console.WriteLine(JsonSerializer.Serialize(license, JsonOptions));
+	}
+	private static void GenerateOrgLicense(X509Certificate2 cert, String corePath, String userName, String email, Int16 storage, Guid instalId, String businessName, String key)
+	{
+		Assembly core = AssemblyLoadContext.Default.LoadFromAssemblyPath(Path.GetFullPath(corePath));
+		Type type = core.GetType("Bit.Core.Billing.Organizations.Models.OrganizationLicense");
+		Type licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
+		Type planTypeEnum = core.GetType("Bit.Core.Billing.Enums.PlanType");
+
+		if (type == null)
+		{
+			Console.WriteLine("Could not find type!");
+			return;
+		}
+		if (licenseTypeEnum == null)
+		{
+			Console.WriteLine("Could not find licenseTypeEnum!");
+			return;
+		}
+		if (planTypeEnum == null)
+		{
+			Console.WriteLine("Could not find planTypeEnum!");
+			return;
+		}
+
+		Object license = Activator.CreateInstance(type);
+
+		MethodInfo computeHash = type.GetMethod("ComputeHash");
+		if (computeHash == null)
+		{
+			Console.WriteLine("Could not find ComputeHash!");
+			return;
+		}
+
+		MethodInfo sign = type.GetMethod("Sign");
+		if (sign == null)
+		{
+			Console.WriteLine("Could not find sign!");
+			return;
+		}
+
+		Set(type, license, "LicenseKey", String.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
+		Set(type, license, "InstallationId", instalId);
+		Set(type, license, "Id", Guid.NewGuid());
+		Set(type, license, "Name", userName);
+		Set(type, license, "BillingEmail", email);
+		Set(type, license, "BusinessName", String.IsNullOrWhiteSpace(businessName) ? "BitBetter" : businessName);
+		Set(type, license, "Enabled", true);
+		Set(type, license, "Plan", "Enterprise (Annually)");
+		Set(type, license, "PlanType", Enum.Parse(planTypeEnum, "EnterpriseAnnually"));
+		Set(type, license, "Seats", Int32.MaxValue);
+		Set(type, license, "MaxCollections", Int16.MaxValue);
+		Set(type, license, "UsePolicies", true);
+		Set(type, license, "UseSso", true);
+		Set(type, license, "UseKeyConnector", true);
+		Set(type, license, "UseScim", true);
+		Set(type, license, "UseGroups", true);
+		Set(type, license, "UseEvents", true);
+		Set(type, license, "UseDirectory", true);
+		Set(type, license, "UseTotp", true);
+		Set(type, license, "Use2fa", true);
+		Set(type, license, "UseApi", true);
+		Set(type, license, "UseResetPassword", true);
+		Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage);
+		Set(type, license, "SelfHost", true);
+		Set(type, license, "UsersGetPremium", true);		
+		Set(type, license, "UseCustomPermissions", true);
+		Set(type, license, "Version", 16);
+		Set(type, license, "Issued", DateTime.UtcNow);
+		Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
+		Set(type, license, "Expires", DateTime.UtcNow.AddYears(100));
+		Set(type, license, "ExpirationWithoutGracePeriod", DateTime.UtcNow.AddYears(100));
+		Set(type, license, "UsePasswordManager", true);
+		Set(type, license, "UseSecretsManager", true);
+		Set(type, license, "SmSeats", Int32.MaxValue);
+		Set(type, license, "SmServiceAccounts", Int32.MaxValue);
+		Set(type, license, "UseRiskInsights", true);
+		Set(type, license, "LimitCollectionCreationDeletion", true);
+		Set(type, license, "AllowAdminAccessToAllCollectionItems", true);
+		Set(type, license, "Trial", false);
+		Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "Organization"));
+		Set(type, license, "UseOrganizationDomains", true);
+		Set(type, license, "UseAdminSponsoredFamilies", true);
+		Set(type, license, "Hash", Convert.ToBase64String((Byte[])computeHash.Invoke(license, [])!));
+		Set(type, license, "Signature", Convert.ToBase64String((Byte[])sign.Invoke(license, [cert])!));
+
+		Console.WriteLine(JsonSerializer.Serialize(license, JsonOptions));
+	}
+	private static void Set(Type type, Object license, String name, Object value)
+	{
+		type.GetProperty(name)?.SetValue(license, value);
+	}
+}

src/licenseGen/build.sh

@@ -1,11 +0,0 @@
-#!/bin/bash
-
-script_dir=`cd $(dirname $0); pwd`
-
-cd $script_dir
-
-dotnet restore
-dotnet publish
-
-docker build . -t bitbetter/licensegen # --squash
-

src/licenseGen/licenseGen.csproj

@@ -1,14 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
-
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp2.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
-
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.CommandLineUtils" Version="1.1.1" />
-    <PackageReference Include="Newtonsoft.Json" Version="12.0.1" />
+    <PackageReference Include="McMaster.Extensions.CommandLineUtils" Version="4.1.1" />
     <PackageReference Include="System.Runtime.Loader" Version="4.3.0" />
   </ItemGroup>
-
-</Project>
+</Project>

src/licenseGen/run.sh

@@ -1,12 +0,0 @@
-#!/bin/bash
-
-script_dir=`cd $(dirname $0); pwd`
-
-if [ "$#" -lt "1" ]; then
-    echo "USAGE: $0 <ABSOLUTE PATH TO CERT.PFX> [License Gen args...]"
-    exit 1
-fi
-cert_path=$1
-shift
-docker run -it -v "$cert_path:/cert.pfx" bitbetter/licensegen "$@"
-