
by (Login MCalkins)
Moderator

If the program is needing to modify the contents of the archive, then you wouldn't be able to hard code an SHA hash inside the executable (unless there is a way for the program to modify its own executable). You might be able to store the hash in the registry, but the user will be able to find it.

You could, of course, sign the archive, using a private key hard coded into the executable. However, I think the simplest solution would be to encrypt the whole archive using AES, using a key hard coded into the executable. Even if secrecy is not necessary, that should provide sufficiently strong tamper detection.

There is such a thing as a "resource", which seems to be a way of embedding files within a PE .exe file. However, I still haven't found a good explanation of it. The Stuxnet virus embedded all its files, including 2 drivers, and configuration files which it would edit, as resources within an executable.

I don't know if it is possible for an executable to directly modify its own image (there are certainly ways of doing it indirectly). Even if it is possible, I'm sure that would be considered virus-like behavior.

I am still inexperienced with Windows programming. There are others who might be able to give you better information.

Regards,
Michael



    
This message has been edited by MCalkins on May 23, 2011 7:49 PM
This message has been edited by MCalkins on May 23, 2011 7:48 PM

Posted on May 23, 2011, 7:47 PM
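
An added example, not part of the original post: a sketch of tamper detection for an archive that the program itself must be able to rewrite. It uses a keyed HMAC-SHA256 tag stored with the data rather than the signature or AES encryption the post mentions, and compares it with an unkeyed hash. `EMBEDDED_KEY` and all function names are hypothetical, and the key stands in for one compiled into the executable, so the check is only as strong as that key is hard to extract.

```python
import hashlib
import hmac

# Assumption: constructed demo key standing in for one compiled into the
# executable; anyone who can read the binary can recover it.
EMBEDDED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def seal(archive: bytes, key: bytes = EMBEDDED_KEY) -> bytes:
    """Append an HMAC-SHA256 tag computed over the archive bytes."""
    return archive + hmac.new(key, archive, hashlib.sha256).digest()


def open_sealed(blob: bytes, key: bytes = EMBEDDED_KEY) -> bytes:
    """Verify the trailing tag; return the archive or raise ValueError."""
    if len(blob) < TAG_LEN:
        raise ValueError("blob too short to contain a tag")
    archive, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, archive, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time compare
        raise ValueError("archive failed integrity check")
    return archive


def update(blob: bytes, new_archive: bytes, key: bytes = EMBEDDED_KEY) -> bytes:
    """Program-side change: verify the old blob first, then reseal."""
    open_sealed(blob, key)
    return seal(new_archive, key)


def unkeyed_ok(blob: bytes) -> bool:
    """Comparison case: plain SHA-256 stored next to the data, no key."""
    archive, digest = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(archive).digest(), digest)


def accepts(blob: bytes) -> bool:
    """True if the keyed check accepts the blob."""
    try:
        open_sealed(blob)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sealed = seal(b"score=100;level=3")      # constructed sample contents
    print(accepts(sealed), accepts(b"score=999" + sealed[9:]))
```

The unkeyed check passes for any contents whose hash has been recomputed alongside them, which is why a bare hash stored next to the data detects corruption but not deliberate edits.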
