fetch the portable executable's checksum using ImageHelp?

Autor: Elias Bachaalany  

http://www.swissdelphicenter.ch/en/showcode.php?id=2434

可以用于对抗文件修改，破解之类

function ComputePEChecksum(FileName: string): DWORD;

var

 h, hMap: Cardinal;

 pMem: Pointer;

 headersum, checksum, fsizehigh, fsizelow: DWORD;

 nth: PImageNtHeaders;

Label

 cleanup;

begin

 pMem := nil;

 Result := 0;

 headersum := 0;

 checksum  := 0;

 h := Windows.CreateFile(PChar(FileName), GENERIC_READ, FILE_SHARE_READ,

   nil, OPEN_EXISTING, 0, 0);

 if (h = INVALID_HANDLE_VALUE) then

   Exit;

 fsizelow := Windows.GetFileSize(h, Pointer(@fsizehigh));

 hMap := Windows.CreateFileMapping(h, nil, PAGE_READONLY, fsizeHigh, fsizeLow, nil);

 if (hMap = 0) then

   goto cleanup;

 pMem := Windows.MapViewOfFile(hMap, FILE_MAP_READ, 0, 0, 0);

 if (pMem = nil) then

   goto cleanup;

 nth := CheckSumMappedFile(pMem, fsizeLow, @headersum, @checksum);

 if (nth = nil) then

   checksum := 0;

 cleanup:

 if (pMem <> nil) then

   Windows.UnmapViewOfFile(pMem);

 if (hMap <> 0) then

   Windows.CloseHandle(hMap);

 if (h <> 0) then

   Windows.CloseHandle(h);

 Result := checksum;

end;

var

 x1, x2: DWORD;

begin

 x1 := ComputePEChecksum('c:\1.exe'); // original filename

 x2 := ComputePEChecksum('c:\2.exe');

 // original filename but has a string in it lightly modified

 WriteLn('Checksum 1: ', x1, #13#10'Checksum 2: ', x2);

end.