md5test.cpp

本代码实现了用MD5进行数据校验 是一个VC完整应用程序代码

// Md5Test.cpp : Defines the class behaviors for the application.
// by king_koo@163.net	www.otiana.com/vcanlge

#include "stdafx.h"
#include "Md5Test.h"
#include "Md5TestDlg.h"
#include "md5.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

/////////////////////////////////////////////////////////////////////////////
// CMd5TestApp

BEGIN_MESSAGE_MAP(CMd5TestApp, CWinApp)
	//{{AFX_MSG_MAP(CMd5TestApp)
		// NOTE - the ClassWizard will add and remove mapping macros here.
		//    DO NOT EDIT what you see in these blocks of generated code!
	//}}AFX_MSG
	ON_COMMAND(ID_HELP, CWinApp::OnHelp)
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CMd5TestApp construction

CMd5TestApp::CMd5TestApp()
{
	// TODO: add construction code here,
	// Place all significant initialization in InitInstance
}

/////////////////////////////////////////////////////////////////////////////
// The one and only CMd5TestApp object

CMd5TestApp theApp;

/********************************************************
 功能 判断pe文件资源校验值是否被改变。
 参数 m_filename：	pe文件名
      Orgin：		预设校验值
 返回 TRUE：		已被改变
      FALSE：		未曾改变
********************************************************/
BOOL IsRcChange(LPCTSTR m_filename,unsigned char Orgin[8])
{
	MD5_CTX context;
	FILE* ff;
	unsigned char buff[8];
	unsigned char *rbuff;
	DWORD i,j;
	short k;
	DWORD dwAddr,dwSize;
	_IMAGE_NT_HEADERS	stPEHeader;		//NT文件头
	if(!(ff=fopen(m_filename,"rb")))return TRUE;
	fseek(ff,0x3c,SEEK_SET);//PE文件头地址
	fread(&k,2,1,ff);
	fseek(ff,k,SEEK_SET);
	fread(&stPEHeader,1,sizeof(_IMAGE_NT_HEADERS),ff);
	for(i=0;(DWORD)i<stPEHeader.OptionalHeader.NumberOfRvaAndSizes;i++)//其实i=16
	{
		dwAddr=stPEHeader.OptionalHeader.DataDirectory[i].VirtualAddress;
		if(dwAddr&&i==2)//2为资源节
		{
			dwSize=stPEHeader.OptionalHeader.DataDirectory[i].Size;
			rbuff=new unsigned char[dwSize];
			fseek(ff,dwAddr,SEEK_SET);
			fread(rbuff,sizeof(char),dwSize,ff);
			j=dwSize/8;
			for(i=0;i<j;i++)
			{
				MD5Init(&context);//每次加密8byte
				MD5Update(&context, (unsigned char*)(rbuff+8*i),8);
				MD5Final(&context);
				memcpy(buff,(unsigned char*)context.state,8);
				if(i>j-2)break;
				for(k=0;k<8;k++)//把前面8byte加密结果和后8byte与或
					rbuff[8*i+8+k]=rbuff[8*i+8+k]^buff[k];
			}
			delete[] rbuff;
			fclose(ff);
			if(memcmp(Orgin,(unsigned char*)context.state,8))k=TRUE;
			else k=FALSE;
			memcpy(Orgin,(unsigned char*)context.state,8);//返回加密结果，便于调试
			return k;
		}
	}
	fclose(ff);
	return TRUE;
}

/////////////////////////////////////////////////////////////////////////////
// CMd5TestApp initialization

BOOL CMd5TestApp::InitInstance()
{
	AfxEnableControlContainer();

	// Standard initialization
	// If you are not using these features and wish to reduce the size
	//  of your final executable, you should remove from the following
	//  the specific initialization routines you do not need.

#ifdef _AFXDLL
	Enable3dControls();			// Call this when using MFC in a shared DLL
#else
	Enable3dControlsStatic();	// Call this when linking to MFC statically
#endif

	char buff[255]={0};
	char szDB[512]={0};
	unsigned char buff8[8];
	memcpy(buff8,"\xa1\x97\xff\x49\x64\xfe\xbf\xd7",8);
	GetModuleFileName(NULL,szDB,512);//取得exe文件名
	bIsRCChange=IsRcChange(szDB,buff8);
	sprintf(szDB,"%02x %02x %02x %02x %02x %02x %02x %02x",
		buff8[0],buff8[1],buff8[2],buff8[3],buff8[4],buff8[5],buff8[6],buff8[7]);
	if(bIsRCChange)
	{
		MessageBox(NULL,"    文件不完整,可能中毒了!\n请重新下载本程序!",szDB,MB_OK);
		return FALSE;
	}

	CMd5TestDlg dlg;
	m_pMainWnd = &dlg;
	int nResponse = dlg.DoModal();
	if (nResponse == IDOK)
	{
		// TODO: Place code here to handle when the dialog is
		//  dismissed with OK
	}
	else if (nResponse == IDCANCEL)
	{
		// TODO: Place code here to handle when the dialog is
		//  dismissed with Cancel
	}

	// Since the dialog has been closed, return FALSE so that we exit the
	//  application, rather than start the application's message pump.
	return FALSE;
}