使用应用程序签名来控制执行
我有一个 .NET 应用程序 (.exe C#),它调用不同的 DLL(C# DLL 和 C++ DLL) - 我有它们的源代码需要重新编译...
现在,我的目标是使用 证书,然后执行以下操作: - 如果操作系统中未安装证书->该应用程序将无法启动。 - 如果证书安装在操作系统中 + DLL 未签名或 使用不同的证书签名(用于 exe)->一旦该 DLL 调用,应用程序就会崩溃。
可以这样做吗?在 .NET 中使用代码签名?如果不是,签署申请的目的是什么?
I have a .NET application (.exe C#) that calls different DLLs (C# DLLs and C++ DLLs) - I have their source code to recompile ...
Now, my goal is to sign my application (exe + dlls) with a
certificate and then do the following:
- If the certificate is not installed in the OS -> the application will not start.
- If the certificate is installed in the OS + a DLL is not signed or
signed with a different certificate (used for the exe) -> The app should crash once that DLL called.
Is it possible to do this? using Code signing in .NET ? if not, what's the goal of signing the application?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不幸的是,不,签名不会帮助您阻止在普通系统上执行(策略中存在设置告诉系统仅加载签名的可执行文件)。签名用于证明 EXE/DLL/等的作者身份。事实上,它没有被病毒或特洛伊木马修改。
Unfortunately, no, signing won't help you prevent execution on average system (there exist settings in policy that tell the system to only load signed executables). Signing is used to certify authorship of the EXE/DLL/etc. and the fact, that it has not been modified by virus or troyan.