Use the SNK key file to protect your DLL and code from Decompilation

Source: Internet
Author: User
Tags net command

Use the SNK key file to protect your DLL and code from Decompilation

Project development is generally divided into layers, such as the UI Layer, business layer, and data access layer. The business layer references the data access layer DLL (such as dataAccess. dll) and uses the method in dataAccess. dll. When the project is completed and used by the customer, some BT customers can also ask a person with a little understanding of NET to reference your dataAccess. dll and call the methods in it for destruction. For example, you can directly use the ChangePwd (string UserName, string Pwd) method to change the password of other users. At this time, you will .......

Now, let's start to explain how to protect our code:

First, we need to make our assembly into a strongly-named assembly.

In the. NET command prompt, enter sn-k c: \ test. snk to create a random key pair and store it in c: \ test. snk.

Then, create a new class library ClassLibrary1 with only one class file Class1.cs. The Code is as follows:

The Code is as follows:

Using System;

Namespace ClassLibrary1

{

Public class Class1

{

Public Class1 ()

{

//

// TODO: add the constructor logic here

//

}

Public string Insert ()

{

Return "OK ";

}

}

}

AssemblyInfo. cs code:

// ...... Use the default value for other options.

[Assembly: AssemblyKeyFile ("c: \ test. snk")] // connect to the file generated by the tool sn.exe.

Create a WindowApplication to call our ClassLibrary1. Code:

The Code is as follows:

Private void button#click (object sender, System. EventArgs e)

{

MessageBox. Show (new ClassLibrary1.Class1 (). Insert ());

}

The AssemblyInfo. cs of WindowApplication is not modified.

You can run it directly here, but as you can see, this can successfully call the method in Class1.

Now let's modify the Class1.cs code:

The Code is as follows:

Using System;

Using System. Security. Permissions;

Namespace ClassLibrary1

{

[StrongNameIdentityPermissionAttribute (SecurityAction. LinkDemand, PublicKey =

"002400000480000094000000060200000024da-5253413100040000010001000551684edd1600" +

"Province" +

"Province" +

"Province" +

"A47a4ba4")]

Public class Class1

{

Public Class1 ()

{

//

// TODO: add the constructor logic here

//

}

Public string Insert ()

{

Return "OK ";

}

}

}

Then, compile and run windowapplication to call the method in class1. an error occurs.

The StrongNameIdentityPermissionAttribute here is one of the CAS (Code Access Security) provided by NET. For details, refer to MSDN and SecurityAction. linkDemand requires that the caller has been granted the specified permission. Here, windowapplication must be granted the permission. If SecurityAction is used. demand requires that all advanced callers in the call stack have been granted the permissions specified by the current permission object. Their difference is: If windowapplication is authorized for access, and windowapplication2 (unauthorized access) calls class1 by calling the button1_Click method in windowapplication, if SecurityAction is used at this time. linkDemand can be called successfully, and SecurityAction is used. demand windowapplication2 cannot be called. windowapplication can be called in both cases.

Now, you must ask PublicKey = How To Get The Next string that is so long. The string following the PublicKey is the Public Key saved in the c: \ test. snk file that you started to generate. Then how can we see this public key, still using SN. EXE.

Enter sn-p c: \ test. snk c: \ publicKey. snk (extract the public key from test. snk and store it in publicKey. snk)

Enter sn-tp c: \ publicKey. snk (display public key information)

The above command will show the string behind the PublicKey. What else do you want? copy the string.

Finally, you must be concerned about how windowapplication calls class1 at this time. In fact, it is also simple. You only need to change the AssemblyInfo. cs of windowapplication:

[Assembly: AssemblyKeyFile ("c: \ test. snk")]

Now everything is okay. You can see that the most important thing is the test. snk file, so be sure to protect your own test. snk file.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.