篡改强大的命名程序集有多难?
[英]How hard is it to tamper with a strong named assembly?
问题描述
Assume I have a .NET assembly which is strong named. 
假设我有一个强大的.NET程序集。 Only I have access to the private key. 只有我可以访问私钥。 I then distribute the assembly to some client system. 然后我将程序集分发给某个客户端系统。
How hard is it for the client to modify the assembly? 客户修改程序集有多难? Ie: what would they need to do to modify my assembly? 即:他们需要做些什么才能修改我的装配?
3 个解决方案
解决方案1
15 已采纳 2009-12-07 03:06:40
强命名不会阻止修改程序集,但它确实会阻止其他引用强命名程序集的应用程序无意中使用修改后的版本。
解决方案2
0 2009-12-07 03:11:30
It's no different from modifying a non-strongly typed assembly. 它与修改非强类型程序集没有什么不同。 The only real difference is that they would have to run the strong name utility (sn.exe) in order to use the modified assembly. 唯一真正的区别是他们必须运行强名称实用程序(sn.exe)才能使用修改后的程序集。
解决方案3
0 2009-12-07 10:49:59
As others have said, its very easy. 正如其他人所说,它非常容易。
One technique you can use is to use the public key (or token) of your assembly to encrypt important information (such as algorithm parameters, connection strings, etc) in your assembly. 您可以使用的一种技术是使用程序集的公钥(或令牌)来加密程序集中的重要信息(例如算法参数,连接字符串等)。 This way if the public key has been changed or removed, the decryption will fail and your assembly would no longer run correctly. 这样,如果公钥已被更改或删除,则解密将失败,并且您的程序集将不再正确运行。 Obfuscators such as Crypto Obfuscator use this technique as one part of the protection. 诸如Crypto Obfuscator之类的混淆器使用这种技术作为保护的一部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.