Use SNK key file to protect your DLL and code from being decompile Tutorial _ Practical Tips

Source: Internet
Author: User
Tags net command

You do project development is generally layered, such as the UI layer, business layer, data access layer. The business tier references the data access layer's DLLs (such as DataAccess.dll) and uses the methods in DataAccess.dll. When the project is completed and given to customers, but some heart BT customers at this time can also ask a little understand net of people to refer to your DataAccess.dll and invoke the method of destruction. For example, you can directly use the inside of the Changepwd (string username,string Pwd) method to change the password of other users, this time you will ...
Okay, let's start by saying how to protect our code:

First we need to make our assembly a strong-named assembly.

Here we enter Sn-k c:\test.snk in the. NET command prompt to create a new random key pair and store it in C:\test.snk

Then the new class library ClassLibrary1, inside only a class file Class1.cs, the code is as follows:

Copy Code code as follows:

Using System;
Namespace ClassLibrary1
{
public class Class1
{
Public Class1 ()
{
//
TODO: Add constructor logic here
//
}

public string Insert ()
{
return "OK";
}
}
}

AssemblyInfo.cs Code:
//............ The rest is with the default.
[Assembly:assemblykeyfile ("C:\\test.snk")]//Connect the file generated above with the strong naming tool SN.exe.

Then create a windowapplication to invoke our ClassLibrary1, code:

Copy Code code as follows:

private void Button1_Click (object sender, System.EventArgs e)
{
MessageBox.Show (New Classlibrary1.class1 (). Insert ());
}

Do not modify the Windowapplication AssemblyInfo.cs.
It can be run directly here, but we all see that this is the way to successfully invoke Class1.

Now let's modify the next Class1.cs code:

Copy Code code as follows:

Using System;
Using System.Security.Permissions;


Namespace ClassLibrary1
{
[StrongNameIdentityPermissionAttribute (SecurityAction.LinkDemand, PublicKey =
"00240000048000009400000006020000002400005253413100040000010001000551684edd1600" +
"8ccbdd337b1cf1490490d97fe0048c5f3629cc4f5104578499eace9b2a94115022edd620def472" +
"8b4f088291cfa77a40659afba611fdafbb7894b93a64049d439936bd0cd8dc0704625aeb735892" +
"E9eb3f910a49a2925af10515d935654d7adac5567ff6d780d23d587de0ff4d271da7b30680fa88" +
"A47A4BA4")]
public class Class1
{
Public Class1 ()
{
//
TODO: Add constructor logic here
//
}

public string Insert ()
{
return "OK";
}
}
}

Then run windowapplication to call the method in Class1 after compiling to make an error.

The StrongNameIdentityPermissionAttribute here is the 1 classes in the CAS (Code Access security) provided by NET, which refer to MSDN, SecurityAction.LinkDemand is the requirement that the immediate caller has been granted the specified permission, which means that the windowapplication is granted permission to do so. Using SecurityAction.Demand requires that all advanced callers in the call stack have been granted the permissions specified by the current permission object. The difference is that if windowapplication is authorized to access, and a windowapplication2 (unauthorized access) invokes Class1 by calling the Button1_Click method in Windowapplication, This time, if the use of SecurityAction.LinkDemand can be successfully invoked, and the use of SecurityAction.Demand Windowapplication2 can not be invoked, windowapplication This can be invoked in all 2 cases.

Speaking of which, we must again ask publickey= a string of such long strings. The string behind the PublicKey is the public key saved in the C:\test.snk file you started to generate. Then how to see the public key, still use SN.EXE.

Enter Sn-p c:\test.snk c:\publicKey.snk (extract the public key from Test.snk and store it in Publickey.snk)

Re-enter SN-TP c:\publicKey.snk (display public key information)
The above command will be able to see the string behind the PublicKey, but also what Ah, the string copy down Ah.

Finally, we must be concerned about this time windowapplication how to call Class1, in fact, simple, as long as the Windowapplication AssemblyInfo.cs modified to:
[Assembly:assemblykeyfile ("C:\\test.snk")]

Here is all OK, we all see the key is Test.snk file, so be sure to protect your own test.snk files.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.