Hi,
How can I prevent someone run a modified executable assembly (ie: modified
with an Hex editor) ??
I use .NET 2.0 and VS 2005.
Steph.
You can strongly name the assembly.
In a nutshell...your private key is used to encrypt a hash of the
contents of the assembly at compile time. Your public key (or
technically the public key token) is also attached to the assembly.
When the framework loads the assembly it will run the same hash
algorithm and compare it to the decrypted hash that was attached to
the assembly. That hash can be decrypted via the public key.
If you modify the assembly the two hashes will no longer match.
Likewise, if you modify the attached public key the framework will
fail to decrypt the attached hash causing it to be different from the
computed hash.
There is a rumor that you can change a single byte in the assembly to
circumvent all of this in 1.0 and 1.1. Apparently the bug was fixed
in 2.0 and later according to the rumor.