如何隐式加载仅签名的DLL [英] How to implicitly load only signed DLL s

问题描述

我有一个与dll文件集链接的应用程序。我隐式加载DLL而不经历不安全的LoadLibrary（）调用。我正在考虑使用证书文件对DLL进行签名，以避免DLL劫持。我怀疑如何隐式链接检查我的DLL是否已签名。

I have an application which is linked with set of dll files. I am loading the DLL s implicitly without going through insecure LoadLibrary() calls. I am thinking of signing the DLL s with a certificate file to avoid DLL hijacking. I have a doubt that how can implicit linking checks whether my DLL s are signed or not.

推荐答案

您应该添加一个清单依赖项使用 MANIFESTDEPENDENCY 链接器选项，然后设置 publicKeyToken 到用于签名dll的密钥。

You should add a manifest dependency using the MANIFESTDEPENDENCY linker option and set publicKeyToken to the key used to sign the dlls.

例如

/manifestdependancy:type='win32' name='mydll' language='*' publicKeyToken='1234567890ABCDEF0'

然后Windows将拒绝加载您的应用程序，除非存在符合上述条件的dll。

Windows will then refuse to load your application unless the dll matching the above conditions is present.

这篇关于如何隐式加载仅签名的DLL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！