You do project development is generally layered, such as the UI layer, business layer, data access layer. The business tier references the data access layer's DLLs (such as DataAccess.dll) and uses the methods in DataAccess.dll. When the project is completed and given to customers, but some heart BT customers at this time can also ask a little understand net of people to refer to your DataAccess.dll and invoke the method of destruction. For example, you can directly use the inside of the Changepwd (string username,string Pwd) method to change the password of other users, this time you will ...
Okay, let's start by saying how to protect our code:
First we need to make our assembly a strong-named assembly.
Here we enter Sn-k c:\test.snk in the. NET command prompt to create a new random key pair and store it in C:\test.snk
Then the new class library ClassLibrary1, inside only a class file Class1.cs, the code is as follows:
AssemblyInfo.cs Code:
//............ The rest is with the default.
[Assembly:assemblykeyfile ("C:\\test.snk")]//Connect the file generated above with the strong naming tool SN.exe.
Then create a windowapplication to invoke our ClassLibrary1, code:
Do not modify the Windowapplication AssemblyInfo.cs.
It can be run directly here, but we all see that this is the way to successfully invoke Class1.
Now let's modify the next Class1.cs code:
Then run windowapplication to call the method in Class1 after compiling to make an error.
The StrongNameIdentityPermissionAttribute here is the 1 classes in the CAS (Code Access security) provided by NET, which refer to MSDN, SecurityAction.LinkDemand is the requirement that the immediate caller has been granted the specified permission, which means that the windowapplication is granted permission to do so. Using SecurityAction.Demand requires that all advanced callers in the call stack have been granted the permissions specified by the current permission object. The difference is that if windowapplication is authorized to access, and a windowapplication2 (unauthorized access) invokes Class1 by calling the Button1_Click method in Windowapplication, This time, if the use of SecurityAction.LinkDemand can be successfully invoked, and the use of SecurityAction.Demand Windowapplication2 can not be invoked, windowapplication This can be invoked in all 2 cases.
Speaking of which, we must again ask publickey= a string of such long strings. The string behind the PublicKey is the public key saved in the C:\test.snk file you started to generate. Then how to see the public key, still use SN.EXE.
Enter Sn-p c:\test.snk c:\publicKey.snk (extract the public key from Test.snk and store it in Publickey.snk)
Re-enter SN-TP c:\publicKey.snk (display public key information)
The above command will be able to see the string behind the PublicKey, but also what Ah, the string copy down Ah.
Finally, we must be concerned about this time windowapplication how to call Class1, in fact, simple, as long as the Windowapplication AssemblyInfo.cs modified to:
[Assembly:assemblykeyfile ("C:\\test.snk")]
Here is all OK, we all see the key is Test.snk file, so be sure to protect your own test.snk files.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
