Shulou(Shulou.com)06/03 Report--

This article focuses on "how to use SNK key files to protect DLL and code from decompilation tutorial", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let the editor take you to learn the tutorial on how to protect DLL and code from decompilation with SNK key files.

We do project development is generally hierarchical, such as UI layer, business layer, data access layer. The business tier refers to the DLL of the data access layer (such as dataAccess.dll) and uses the methods in dataAccess.dll. When the project is completed and given to the customer, but some BT customers can also ask someone who knows a little bit about NET to reference your dataAccess.dll and call the methods to destroy it. For example, you can directly use the ChangePwd (string UserName,string Pwd) method to change the passwords of other users.

Okay, it's time to start talking about how to protect our code:

First of all, we need to make our assembly a strongly named assembly.

Here we type sn-k c:\ test.snk at the .NET command prompt to create a new random key pair and store it in c:\ test.snk

Then create a new class library, ClassLibrary1, with only one class file, Class1.cs, with the following code:

The copy code is as follows:

Using System

Namespace ClassLibrary1

{

Public class Class1

{

Public Class1 ()

{

/ /

/ / TODO: add constructor logic here

/ /

}

Public string Insert ()

{

Return "ok"

}

}

}

AssemblyInfo.cs Code:

/ /. Use default for the rest.

[assembly: AssemblyKeyFile ("c:\\ test.snk")] / / Connect the files generated above with the strong naming tool SN.exe.

Then create a WindowApplication to call our ClassLibrary1, code:

The copy code is as follows:

Private void button1_Click (object sender, System.EventArgs e)

{

MessageBox.Show (new ClassLibrary1.Class1 () .Insert ())

}

The AssemblyInfo.cs of WindowApplication is not modified.

You can run it directly here, but as you can see, you can successfully call the methods in Class1.

Now let's modify the Class1.cs, code:

The copy code is as follows:

Using System

Using System.Security.Permissions

Namespace ClassLibrary1

{

[StrongNameIdentityPermissionAttribute (SecurityAction.LinkDemand, PublicKey =

"00240000048000009400000006020000002400005253413100040000010001000551684edd1600" +

"8ccbdd337b1cf1490490d97fe0048c5f3629cc4f5104578499eace9b2a94115022edd620def472" +

"8b4f088291cfa77a40659afba611fdafbb7894b93a64049d439936bd0cd8dc0704625aeb735892" +

"e9eb3f910a49a2925af10515d935654d7adac5567ff6d780d23d587de0ff4d271da7b30680fa88" +

"a47a4ba4")]

Public class Class1

{

Public Class1 ()

{

/ /

/ / TODO: add constructor logic here

/ /

}

Public string Insert ()

{

Return "ok"

}

}

}

Then running windowapplication after compilation to call the method in class1 will cause an error.

StrongNameIdentityPermissionAttribute here is a class of CAS (Code Access Security) provided by NET. For more information, please see MSDN,SecurityAction.LinkDemand which requires that the direct caller has been granted the specified permission, that is, the windowapplication must be granted the permission. If you use SecurityAction.Demand, all the advanced callers in the call stack have been granted the permission specified by the current permission object. The difference between them is: if windowapplication has authorized access, and there is a windowapplication2 (unauthorized access) to call class1 by calling the button1_Click method in windowapplication, you can successfully call it if you use SecurityAction.LinkDemand, but you cannot call it with SecurityAction.Demand windowapplication2, and windowapplication can be called in both cases.

At this point, you must ask PublicKey= how to get such a long string behind it. The string after PublicKey is the public key saved in the c:\ test.snk file that you started to generate. Then how to see the public key, it is still using SN.EXE.

Enter sn-p c:\ test.snk c:\ publicKey.snk (extract the public key from test.snk and store it in publicKey.snk)

Then enter sn-tp c:\ publicKey.snk (display public key information)

With the above command, you can see the string behind PublicKey. What else do you want? copy the string.

Finally, you must be concerned about how windowapplication will call class1 at this time. In fact, it is also simple. Just change the AssemblyInfo.cs of windowapplication to:

[assembly: AssemblyKeyFile ("c:\\ test.snk")]

Everything OK here, we all see that the most important thing is the test.snk file, so be sure to protect your own test.snk file.

At this point, I believe you have a deeper understanding of "how to use SNK key files to protect DLL and code from decompilation tutorials". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.