3

I have one C# application. when it release before pakage, I'm use IntelliLock encrypted it. and use startssl digital-signature it.(actually I don't know how use it , Is possible use it validate the dll?)

but I'm still worry about this: there is 1 or 2 dll use check use identity, and very small. I worry it be modify and replace by same name . then application will not check identity.

So my problem is , is there any way to check the dll is not be modify after the IntelliLock and startssl digital singed step?

thank you very much.

qakmak
  • 1,287
  • 9
  • 31
  • 62
  • I've not used it but provided you build against strongly named version of the the locked assembly then I can't see how it can be done. http://www.eziriz.com/intellilock_online_help/index.html – Preet Sangha Sep 09 '13 at 04:58
  • @Preet Sangha Hi friend. thanks you replay. I'll try it Immediately. – qakmak Sep 09 '13 at 05:14

1 Answers1

0

I believe your best be would be to try to load the bytes from the DLL and calculate a checksum .A checksum is a cumulative calculation of the bytes in the file based off of a table of pre-calculated values. checksum can be calculated using a library or your own implementation. I would read the file contents then calculate a check-sum.

You will need to verify the value either over the web or by referencing a value stored locally. One way some are able to get around this and modify your file is to run your application, decompile and find out how the checksum is calculated, modify the DLL, then change the checksum stored locally to match. Using a webAPI on a server to verify the checksum may be the most secure method.

Some use MD5 as a checksum as shown here: Calculate MD5 Checksum

And enough information to get you started here: Generating a checksum for a file

Community
  • 1
  • 1
thepenguinmaster
  • 515
  • 5
  • 9
  • Hi @user2840050, thanks. but that way not a very helpful way. because dll always be change, I can't get it MD5 every time when it build. and if I'm use other tools Obfuscation it , can't use MD5 way. – qakmak Oct 23 '13 at 16:15
  • If the DLL change is due to a build, then it would be best to setup a post build script to calculate the checksum and update it. You could run the signing and encryption, then lastly calculate the checksum from the final DLL. – thepenguinmaster Nov 07 '13 at 16:19