如何保护我的装配以供其他人使用?
[英]How can I protect my Assembly to being used by someother?
问题描述
how can I protect my assembly, because once I deploy the setup, assembly will be deployed too, and there are chances that user will get the assembly from Program Files, and may add reference to any other project or create new project based on it ! 
我如何保护我的程序集,因为一旦我部署了安装程序,程序集也将被部署,并且用户可能会从Program Files获取程序集,并可能添加对任何其他项目的引用或基于它创建新项目! any solution or help would be appreciated thanks. 任何解决方案或帮助将不胜感激。
6 个解决方案
解决方案1
4 已采纳 2009-11-28 18:59:10
You can make all members inside the assembly internal, and only allow others to use it by the InternalsVisibleToAttribute . 您可以将程序集内部的所有成员设置为内部,并且只允许其他成员通过InternalsVisibleToAttribute使用它。 But if someone is persistent enough, there is no way to stop them from using it. 但如果某人足够坚持,就没有办法阻止他们使用它。
解决方案2
2 2009-11-28 18:57:41
You could obfuscate the code of your assembly which will render the task of using it more difficult but there's not much you can do to 100% prevent a user from picking the assembly and using. 您可以对程序集的代码进行模糊处理,这会使使用它的任务变得更加困难,但是您无法做到100%阻止用户选择程序集和使用它。 What you could do is NOT to deploy the assembly on the user computer but provide the functionality through a web service. 您可以做的不是在用户计算机上部署程序集,而是通过Web服务提供功能。
解决方案3
2 2009-11-28 18:58:04
You can't totally prevent that. 你不能完全阻止这一点。 But you could obfuscate your assembly in a way such that the classes and methods exposed don't have any reasonable names. 但是你可能会以一种暴露的类和方法没有任何合理名称的方式混淆你的程序集。
One such obfuscator is opensource and called obfuscar. 一个这样的混淆器是开源并称为obfuscar。 A continued project can be found here under this link . 可在此链接下找到一个继续项目。
解决方案4
1 2009-11-28 19:15:18
There is no simple way. 没有简单的方法。 You can only make it more difficult. 你只能让它变得更加困难。 If your algorithms are so unique and precious[1] that you need to make them impossible for third parties to use (or peek in), your only choice is to have the logic in a remote place (behind a server) and have your program call it. 如果您的算法是如此独特和珍贵[1],您需要让第三方无法使用(或查看),您唯一的选择是将逻辑放在远程位置(在服务器后面)并拥有您的程序称它为。
[1] Something that, in my humble experience, is never the case. [1]在我的卑微经历中,从来就不是这样的。
解决方案5
0 2009-11-29 13:17:55
您可以使用ILmerge将程序集合并到可执行文件中,然后使用模糊处理来保护整个程序包(可以将.NET可执行文件视为可以链接到的程序集)。
解决方案6
0 2009-11-29 13:45:23
While it obviously isn't secure - you still have to store the decryption key somewhere - it works perfectly fine to encrypt your DLLs on disk, then load them and decrypt in memory. 虽然它显然不安全 - 你仍然需要在某处存储解密密钥 - 它可以很好地加密你的磁盘上的DLL,然后加载它们并在内存中解密。
If you hook AppDomain.CurrentDomain.AssemblyResolve with a custom handler, you can even do it transparently - when your assembly tries to load a specific DLL, it fails, your handler fires, and loads the assembly from the encrypted DLL. 如果使用自定义处理程序挂接AppDomain.CurrentDomain.AssemblyResolve,您甚至可以透明地执行此操作 - 当程序集尝试加载特定DLL时,它会失败,处理程序将触发,并从加密的DLL加载程序集。
I've yet to find any problems with this approach. 我还没有发现这种方法有任何问题。
Also, if you're only worried about people using your finished DLLs in their own projects, you could add a few stack checks to your code, as well as resolving which assembly is running and performing a hash check on it. 此外,如果您只担心人们在自己的项目中使用已完成的DLL,您可以在代码中添加一些堆栈检查,以及解析正在运行的程序集并对其执行哈希检查。 Both of these countermeasures can easily be edited out of your DLL, however. 但是,这两种对策都可以很容易地从DLL中编辑出来。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.