未经授权呼叫者安全C#组件 [英] Secure C# Assemblies from unauthorized Callers
问题描述
有什么办法,以确保您的程序集下的类/属性和放大器;类/方法级prevent的使用/他们的呼叫从不是由公司签署了另一项集会?
Is there any way to secure your assembly down to the class/property & class/method level to prevent the using/calling of them from another assembly that isn't signed by our company?
我想这样做不会对强命名的任何要求(如使用StrongNameIdentityPermission),并且该组件是如何签订坚持下去。我真的不希望诉诸使用InternalsVisibleTo属性,因为这是不是在一个不断变化的软件生态系统维护。
I would like to do this without any requirements on strong naming (like using StrongNameIdentityPermission) and stick with how an assembly is signed. I really do not want to resort to using the InternalsVisibleTo attribute as that is not maintainable in a ever changing software ecosystem.
例如:
方案一
Foo.dll是由我公司签署并Bar.dll未签名的。
Foo.dll is signed by my company and Bar.dll is not signed at all.
美孚拥有A级
酒吧拥有B级
Foo has Class A Bar has Class B
A类有public方法GetSomething()
B类试图调用Foo.A.GetSomething()和被拒绝
Class A has public method GetSomething() Class B tries to call Foo.A.GetSomething() and is rejected
拒绝可以例外,或以某种方式被忽略
Rejected can be an exception or being ignored in someway
两个方案
Foo.dll是由我公司签署并Moo.dll也由我公司签约。
Foo.dll is signed by my company and Moo.dll is also signed by my company.
美孚拥有A级
武有C类
Foo has Class A Moo has Class C
A类有public方法GetSomething()
C类试图调用Foo.A.GetSomething()和不被拒绝。
Class A has public method GetSomething() Class C tries to call Foo.A.GetSomething() and is not rejected
推荐答案
如果你是想限制主叫方只code已authenti code。通过一个特定的证书签名,您仍然可以使用CAS (只是没有StrongNameIdentityPermission)。
If you are wanting to limit the callers to only code that has been authenticode signed by a specific certificate, you can still use CAS (just not StrongNameIdentityPermission).
使用<一个href=\"http://msdn.microsoft.com/en-us/library/system.security.permissions.publisheridentitypermission.aspx\">PublisherIdentityPermission就像你会使用的任何CAS权限。或者,如果你想声明去做,<一个href=\"http://msdn.microsoft.com/en-us/library/system.security.permissions.publisheridentitypermissionattribute.aspx\">use一个属性。
Use PublisherIdentityPermission just like you would have used any CAS permissions. Or if you want to do it declaratively, use an attribute.
这篇关于未经授权呼叫者安全C#组件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
