I have an assembly which should not be used by any application other than the designated executable. Please give me some instructions to do so.
Using Strong Names The primary way to protect your assemblies from attack is to attach a strong name. Strong names are pairs of keys (strings of numbers)—one private and one public. The private key is held inside the assembly and is inaccessible. The public key is available to all.
A shared assembly is used by multiple applications and is typically stored in a global folder known as the Global Assembly Cache (GAC).
You can sign the assembly and the executable with the same key and then put a check in the constructor of the classes you want to protect:
public class NotForAnyoneElse {
public NotForAnyoneElse() {
if (typeof(NotForAnyoneElse).Assembly.GetName().GetPublicKeyToken() != Assembly.GetEntryAssembly().GetName().GetPublicKeyToken()) {
throw new SomeException(...);
}
}
}
In .Net 2.0 or better, make everything internal, and then use Friend Assemblies
http://msdn.microsoft.com/en-us/library/0tke9fxk.aspx
This will not stop reflection. I want to incorporate some of the information from below. If you absolutely need to stop anyone from calling, probably the best solution is:
You could also check up the call stack and get the assembly for each caller and make sure that they are all signed with the same key as the assembly.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With