Limiting the use of assemblies from assemblies that are not signed

Question

Limiting the use of assemblies from assemblies that are not signed

I have a requirement to have a constraint in the assembly, so only assemblies that are signed with the given key can use it. I'm inexperienced, but I understand that signing is done to determine who created the assembly. Therefore, simply signing this assembly should not be enough to ensure that all calling assemblies are signed. Probably the opposite is true, i.e. If the assembly is signed, all its assemblies must be signed (possibly with the same key). What will be the way to satisfy this requirement?

+6

c # .net

Tulika verma Dec 04 '12 at 6:38

source share

1 answer

Alexander Bortnik · Accepted Answer · 2012-12-12T09:39:27+0000

You can use PublisherIdentityPermissionAttribute .

If you apply the PublisherIdentityPermissionAttribute class to the MyClass class, then only classes in assemblies signed by the mycert.cer certificate can use your class. You need to put SecurityAction.Demand

All callers above the call stack must be granted the permission indicated by the current permission object

Use as

 [PublisherIdentityPermission(SecurityAction.Demand, CertFile = "mycert.cer")] public class MyClass

You can also use it at the assembly level to protect the entire assembly (however, assembly-level security will not work with .Net 4.0 unless you set <NetFx40_LegacySecurityPolicy enabled="true"/> in the configuration).

Limiting the use of assemblies from assemblies that are not signed

More articles: