首页 > 代码库 > 手动添加PE文件数字签名信息及格式详解图之下(历史代码,贴出学习)

手动添加PE文件数字签名信息及格式详解图之下(历史代码,贴出学习)

#include <windows.h> 
HANDLE hWriteFileHandle = NULL ; 
HANDLE hReadFileHandle = NULL ; 
HANDLE hFileMapping = NULL ; 
LPVOID lpVoidFileBaseAddress = NULL ; 
IMAGE_DOS_HEADER * lpidh_Dos_Header= NULL ; 
IMAGE_NT_HEADERS * lpinh_NTHeader= NULL ; 

#define RETURN_FAIL -1
#define RETURN_SUCC  1


typedef struct __DIGITAL_SIGNATURE_DATA_PARAM
{
    DWORD dwVirtulAddress;
    DWORD dwSize;
}

SIGNATURE_DATA_PARAM,LPSIGNATURE_DATA_PARAM;

#include <iostream>
using namespace std;

void UsingFuction()
{
    cout<<"---------import cer to exe---------------->>"<<endl;
    cout<<"--EX:srcpath[*.cer] despath [*.exe]------->>"<<endl;
    cout<<"------------------------------------------>>"<<endl;
}
int main( int argc,char **argv) 
{ 
    switch (argc)
    {
    case 1:
        cout<<"help using usage -h"<<endl;
        break;
    case 2:
        {
            if (strcmp(argv[1],"-h"))
            {
                UsingFuction();
                return RETURN_FAIL;
            }
        }
        break;
    case 3:
        cout<<"all argument is ok"<<endl;
        break;
    default:
        cout<<"argument is error"<<endl;
        break;
    }
    if (argc!=3)
    {
        UsingFuction();
        return RETURN_FAIL;
    }
    TCHAR* lpcerFilePath=argv[1];
    TCHAR* lpPeFilePath=argv[2];
    hWriteFileHandle = CreateFile(lpPeFilePath, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ, NULL ,     OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL ) ; 
    if ( hWriteFileHandle==INVALID_HANDLE_VALUE ) 
        return RETURN_FAIL; 
    hFileMapping = CreateFileMapping( hWriteFileHandle, NULL , PAGE_READWRITE, 0, 0, NULL ) ; 
    if ( ! hFileMapping ) 
    { 
        CloseHandle( hWriteFileHandle) ; 
        return RETURN_FAIL; 
    } 
    lpVoidFileBaseAddress = MapViewOfFile( hFileMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0) ; 
    if ( ! lpVoidFileBaseAddress ) 
    { 
        CloseHandle( hFileMapping) ; 
        CloseHandle( hWriteFileHandle) ; 
        return RETURN_FAIL; 
    } 
    lpidh_Dos_Header = (PIMAGE_DOS_HEADER) lpVoidFileBaseAddress; 
    if ( lpidh_Dos_Header->e_magic!=IMAGE_DOS_SIGNATURE ) 
        return RETURN_FAIL; 

    lpinh_NTHeader=(PIMAGE_NT_HEADERS)((char*)lpVoidFileBaseAddress+lpidh_Dos_Header->e_lfanew) ; 
    if ( lpinh_NTHeader->Signature!=IMAGE_NT_SIGNATURE ) 
        return RETURN_FAIL; 
    //

    SIGNATURE_DATA_PARAM sdp;
    sdp.dwVirtulAddress=lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress;
    sdp.dwSize=lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size;

    //if exist sn
    if (sdp.dwSize!=0)
    {
        //
        return RETURN_FAIL;
    }
    //
    hReadFileHandle = CreateFile(lpcerFilePath, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL ,    OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE, NULL ) ; 
    if ( hReadFileHandle==INVALID_HANDLE_VALUE ) 
        return RETURN_FAIL; 
    DWORD dwReadedSize=0;   
    DWORD dwWritedSize=0;

    SetFilePointer(hReadFileHandle,-4,0,FILE_END);
    ReadFile(hReadFileHandle,&sdp.dwSize,sizeof(DWORD),&dwReadedSize,NULL);

    PBYTE pbBufferSignture=new byte[sdp.dwSize];
    SetFilePointer(hReadFileHandle,0,0,FILE_BEGIN);
    ReadFile(hReadFileHandle,pbBufferSignture,sdp.dwSize,&dwReadedSize,NULL);

    PIMAGE_SECTION_HEADER lppsh_SECTION_HEADER=(PIMAGE_SECTION_HEADER)((DWORD)&lpinh_NTHeader->OptionalHeader+lpinh_NTHeader    ->FileHeader.SizeOfOptionalHeader);
    lppsh_SECTION_HEADER=lppsh_SECTION_HEADER+(lpinh_NTHeader->FileHeader.NumberOfSections-1);
    sdp.dwVirtulAddress=lppsh_SECTION_HEADER->PointerToRawData+lppsh_SECTION_HEADER->SizeOfRawData;

    SetFilePointer(hWriteFileHandle,sdp.dwVirtulAddress,0,FILE_BEGIN);
    WriteFile(hWriteFileHandle,pbBufferSignture,sdp.dwSize,&dwWritedSize,NULL);

    lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress=sdp.dwVirtulAddress;
    lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size=sdp.dwSize;
    delete pbBufferSignture;

    UnmapViewOfFile( lpVoidFileBaseAddress) ; 
    CloseHandle( hFileMapping); 
    CloseHandle( hReadFileHandle); 
    CloseHandle(hWriteFileHandle);


    return RETURN_SUCC; 
}