Protect your DLL and code from being used by others

Project development is generally divided into layers, such as the UI Layer, business layer, and data access layer. The business layer references the data access layer DLL (such as dataaccess. dll) and uses the method in dataaccess. dll. When the project is completed and used by the customer, some BT customers can also ask a person with a little understanding of net to reference your dataaccess. DLL and call the methods in it for destruction. For example, you can directly use the changepwd (string username, string PWD) method to change the password of other users. At this time, you will .......

Okay, let's start talking about how to protect us.CodeNow:

First, we needProgramSet as a strongly-named assembly.

In the. NET command prompt, enter Sn-k c: \ test. SNK to create a random key pair and store it inC: \ test. SNKMedium

Then, create a new class library classlibrary1 with only one class file class1.cs. The Code is as follows: 1 Using System;
2
3 Namespace Classlibrary1
4 {
5 Public   Class Class1
6 {
7 Public Class1 ()
8 {
9//
10//Todo: add the constructor logic here
11//
12}
13
14 Public   String Insert ()
15 {
16Return "OK";
17}
18 }
19 }
20

Assemblyinfo. CS code:
// ...... Use the default value for other options.
[Assembly: assemblykeyfile ("C: \ test. SNK")] // connect to the file generated by the tool sn.exe.

Create a windowapplication to call our classlibrary1. Code:Private VoidButton#click (ObjectSender, system. eventargs E)
{
MessageBox. Show (NewClasslibrary1.class1 (). insert ());
}

The assemblyinfo. CS of windowapplication is not modified.
You can run it directly here, but as you can see, this can successfully call the method in class1.

Now let's modify the class1.cs code:UsingSystem;
UsingSystem. Security. permissions;

Namespace Classlibrary1
{
[Strongnameidentitypermissionattribute (securityaction. linkdemand, publickey =  
" 0024000004800000940000000602000000243695253413100040000010001000551684edd1600 " +
" Bytes " +
" Bytes " +
" Bytes " +
" A47a4ba4 " )]
Public   Class Class1
{
Public Class1 ()
{
//
// Todo: add the constructor logic here
//
}

Public string insert ()
{< br> return " OK " ;
}< BR >}< br>

Then, compile and run windowapplication to call the method in class1. an error occurs.

The strongnameidentitypermissionattribute here is one of the CAS (code access security) provided by net. For details, refer to msdn and securityaction. linkdemand requires that the caller has been granted the specified permission. Here, windowapplication must be granted the permission. If securityaction is used.DemandAll advanced callers in the call stack must have been granted the permissions specified by the current permission object. Their difference is: If windowapplication is authorized for access, and windowapplication2 (unauthorized access) calls class1 by calling the button1_click method in windowapplication, if securityaction is used at this time. linkdemand can be called successfully, and securityaction is used.DemandWindowapplication2 cannot be called. windowapplication can be called in both cases.

Now, you must ask publickey = How To Get The Next string that is so long. The string following the publickey is the Public Key saved in the C: \ test. SNK file that you started to generate. Then how can we see this public key, still using Sn. EXE.

Enter Sn-p c: \ test. SNK c: \ publickey. Snk (fromTest. SNKExtract the public key and store it inPublickey. SNKMedium)

Enter Sn-TP c: \ publickey. Snk (display public key information)
The above command will show the string behind the publickey. What else do you want? Copy the string.

Finally, you must be concerned about how windowapplication calls class1 at this time. In fact, it is also simple. You only need to change the assemblyinfo. CS of windowapplication:
[Assembly: assemblykeyfile ("C: \ test. SNK")]

Now everything is okay. You can see that the most important thing is the test. SNK file, so be sure to protect your own test. SNK file.