
Do strong-named assemblies in .NET ensure the code wasn't tampered with?

I'm trying to understand the point of strong-naming assemblies in .NET. While googling about it, I noticed that everywhere it is said that it ensures that the code comes from me and wasn't tampered with. So I tested it. I created a simple DLL, signed it with a newly created PFX key and referenced it from my WPF application. And ok, everything works. When I compile the DLL with another PFX file I get an error, so that's ok.

BUT when I decompile the DLL with ildasm, modify it and recompile it with ilasm, the WPF application still works without any error. So I tampered with the strongly-named DLL, manually swapped it in for the old one, and the application still works with the tampered DLL. The PublicKeyToken is the same. So what is the point of strong-naming? It doesn't ensure the code hasn't been tampered with since I strong-named it.

It used to check for tampering, but the overhead of checking every strong-name-signed assembly at application startup was too high, so Microsoft disabled this behaviour by default a number of years ago (back when ".NET Framework version 3.5 Service Pack 1" was released).

This is called the Strong-Name bypass feature.

You can disable the feature (i.e. make Windows check for tampering) for a particular application by adding the following to its ".config" file:

<configuration>
  <runtime>
    <bypassTrustedAppStrongNames enabled="false" />
  </runtime>
</configuration>

You can enable strong-name checking for ALL applications by editing the registry (which is clearly not a feasible solution!).

For more details, see the following page:

https://docs.microsoft.com/en-us/dotnet/framework/app-domains/how-to-disable-the-strong-name-bypass-feature

The advice nowadays is to use a full code-signing certificate for your executable and DLLs if you want to prevent code tampering.
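As an added example (not part of the original question or answer), the following C# console program checks whether a given DLL's strong-name signature is still intact even on a machine where the bypass feature is left at its default. It P/Invokes StrongNameSignatureVerificationEx from mscoree.dll with fForceVerification set to true, which is the same forced check the SDK tool performs with `sn.exe -vf <assembly>`; the API is .NET Framework only and is marked deprecated. The placeholder file path, the class name and the HasValidStrongName helper are this example's own, not part of any Microsoft API.

```csharp
using System;
using System.IO;
using System.Reflection;
using System.Runtime.InteropServices;

// Added example: force strong-name verification of an assembly on demand,
// independent of the bypassTrustedAppStrongNames / registry setting.
class StrongNameCheck
{
    // Real export of mscoree.dll (.NET Framework, deprecated but functional).
    [DllImport("mscoree.dll", CharSet = CharSet.Unicode)]
    static extern bool StrongNameSignatureVerificationEx(
        string wszFilePath,
        bool fForceVerification,   // true: verify even if the runtime is configured to skip it
        ref bool pfWasVerified);   // set to true when the signature was actually checked

    // Hypothetical helper: true only when the file carries an intact signature
    // that matches its current metadata and IL.
    static bool HasValidStrongName(string path, out bool wasVerified)
    {
        wasVerified = false;
        return StrongNameSignatureVerificationEx(path, true, ref wasVerified);
    }

    static void Main(string[] args)
    {
        // Placeholder path; pass the DLL to inspect as the first argument.
        string path = args.Length > 0 ? args[0] : @"C:\path\to\MyLibrary.dll";
        if (!File.Exists(path))
        {
            Console.Error.WriteLine("File not found: " + path);
            return;
        }

        // The PublicKeyToken is only a hash of the public key. It stays the same
        // after the body is modified, which is why it proved nothing in the question.
        AssemblyName name = AssemblyName.GetAssemblyName(path);
        byte[] token = name.GetPublicKeyToken() ?? new byte[0];
        Console.WriteLine("PublicKeyToken: " +
            BitConverter.ToString(token).Replace("-", "").ToLowerInvariant());

        bool verified;
        bool ok = HasValidStrongName(path, out verified);
        Console.WriteLine(ok && verified
            ? "Strong-name signature is intact."
            : "Strong-name signature is missing, invalid, or the file was modified after signing.");
    }
}
```

Run it against the original signed DLL and then against the ildasm/ilasm-rebuilt copy from the question: the token printed is identical for both, but the forced verification fails for the rebuilt copy, because recompiling with ilasm without the private key leaves the signature blob unmatched to the new image. This is the same check the runtime skips at load time when the bypass feature is active, so an application that cares can perform it explicitly, or ship with the .config setting shown above.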
