` Printed Icetips Article

Icetips Article



Windows API: CRC32 builtin Clarion function
2006-11-13 -- John E Singer
 
>> Calculate CRCs of your EXE and DLL files. Store those in encrypted tps
>> files that ship with the program. At program, recalculate the CRCs and
>> verify them against the tps-stored values and report something like
>> "program corrupted" if they don't match. Then repeat the check
>> periodically/at random from various places throughout your program.
>
> I like that method, it is unobtrusive and if implemented corrected
> could be hard to detect.  Do you have any Clarion code you can share
> for calculating the CRC?


     MODULE('BUILTIN_32BITS')
        CRC32(*String Buffer, ULong Bytes, ULong crc), ULong, Raw,
Name('CLA$CRC32')
     END


ValiditityCheck      PROCEDURE  (*CString NameToCheck, ULong keyCRC)
LOC:CRC    ULong, AUTO
LOC:Str    String(61),AUTO
returnValue  BYTE, AUTO
  CODE
   LOC:Str = clip(NameToCheck)
   LOC:CRC = CRC32(LOC:Str, len(LEN:Str), 0)
   returnValue = Choose(LOC:CRC = keyCRC, TRUE, FALSE)
   RETURN returnValue

This is exactly the method I use. At install time, the name of the
company is stored in a read-only field and then used to calcuate a CRC
and that value is stored in an encrypted TPS file. On startup, it passes
the name of the company, does a CRC on it and compares it to the CRC
that is stored. If they are different, then the name of the company has
been altered and the program halts with a message. I'm sure there are
more complicated and more secure ways of doing this, but for 99.999% of
my customers, this more than adequate.



Printed November 23, 2024, 10:16 pm
This article has been viewed/printed 35233 times.
Google search has resulted in 86 hits on this article since January 25, 2004.