NOVIRUS, UTILITIES, Validates images using CRC32 checksum VALIDATING VMS IMAGE FILES AT RUN-TIME BY CALCULATING A CRC32 CHECKSUM. ======================================================================= Maarten van Breemen E-mail: vbreemen@knoware.nl CIS: 100125,2704 About VMS virus protection: I am working in a GLP (Good Laboratory Practice) environment and was bothered with questions about VMS virus protection several times. I myself are not worried at all but to be able to reply to the customers and regulatory inspectors I added a self-check mechanism to our self-developed images, both on MS-DOS and VMS. It is easy to program. There are lots of public domain examples for PC which are easy to port to VMS. Directly after image activation, the program calculates a CRC32 checksum on the image file, makes some site-specific changes to it and compares it with a pre-calculated CRC32 in a separate key-file. If there is a difference, an operator request is made and the program halts. It is actually a waste of initial response time but serves as an early warning system for future virus attacks, media corruption, hacks etc. I now can prove that a program is in a well-defined state and should execute just like the validated version. This distribution is compiled with DEC C++ on a microVAX3100-95 running VMS 6.2 on 21 february 1996. Any other C compiler will probably compile the code correctly. All standard disclaimers apply. Use at your own risk. Library CRCLIB.OBJ Source CRCLIB.C, CRCLIB.H Functions selfcheck() en crc32file() Copyright (C) 1994 Maarten van Breemen Released to the public domain 210795 MVB Includes code by Gary S. Brown This are routines to perform 32 bits Cyclic Redundancy Checks. The selfcheck routine calculates a CRC and compares it with a pre-defined CRC in an external key file. The selfcheck routine can be included in applications where security demands are high. See CALCCRC and DEMOCRC for a demonstration. The CRC is the well-known 32 bits CRC from telecommunications and is commonly used by virus scanning software and data-integrity checks. The CRC is very sensitive for data changes, even for changes in one bit. CALCCRC is an utility to calculate the CRC checksum of an arbitrary file. Its main goal here is to calculate the CRC value for inclusion in the external key files and therefore should be kept in a safe place by the system manager and/or trusted personell :-). It is advised to change the symbol APPLICATION_OFFSET in module CRCLIB.C to something which is at least site-specific. CALCCRC can also be used to calculate checksums for data files. Define CALCCRC as a foreign command with @MSYM CALCCRC $! MSYM.COM $ 'p1 == "$''F$ENVIRONMENT("DEFAULT")'''p1'" Syntax to define the CRC of the image filename.exe: $ CALCCRC filename.exe Enter the reported CRC value in a key file with name filename.crc. Use an editor to create the key file. CALCCRC and CRCLIB can be compiled for both MS-DOS and VMS. Because of the odd VMS file formats and record attributes and its effect on the fgetc() runtime function, the CRC value probably differs from CRC values calculated with other packages but the value is always reproducable. DEMOCRC contains VMS specific code but is easy to port to other operating systems. If the CRC check fails, an OPCOM request is posted and the program halts (loops).