none
Restricting access to a DLL's API RRS feed

  • Question

  • Hi,
    It's quite abstract but I'll give it a try:
    I have designed an electronic device and I have written a USB device driver for it in the form of a class library in VS2005/C#.  On one hand, I want to use this DLL in various applications I develop and publish.  On the other hand, I don't want anyone else to be able to access the device driver API and operate the device (for example, I don't want any 3rd party to be able to implement software using my device).  Is there a way in VS2005 to accomplish this?
    Thanks,
      Ury
    Thursday, October 15, 2009 12:44 PM

Answers

  • Actually you can, the StrongNameIdentityPermissionAttribute is specifically designed for this, it allows you to validate that the calling code has been singed with a specific key.
    • Marked as answer by ury Thursday, October 15, 2009 1:57 PM
    Thursday, October 15, 2009 1:49 PM
  • Hi,

    An option could be to use asymmetric encryption to verify the caller - store public key within your DLL and private key - within your application.

    P.S.

    Ray M pointed out pretty good option. I didn't even was aware about such possibility.
    Vitaliy Liptchinsky http://dotnetframeworkplanet.blogspot.com/
    • Marked as answer by ury Thursday, October 15, 2009 1:12 PM
    • Edited by Vitaliy Liptchinsky Thursday, October 15, 2009 2:12 PM correcting
    Thursday, October 15, 2009 12:59 PM

All replies

  • Hi,

    An option could be to use asymmetric encryption to verify the caller - store public key within your DLL and private key - within your application.

    P.S.

    Ray M pointed out pretty good option. I didn't even was aware about such possibility.
    Vitaliy Liptchinsky http://dotnetframeworkplanet.blogspot.com/
    • Marked as answer by ury Thursday, October 15, 2009 1:12 PM
    • Edited by Vitaliy Liptchinsky Thursday, October 15, 2009 2:12 PM correcting
    Thursday, October 15, 2009 12:59 PM
  • Actually you can, the StrongNameIdentityPermissionAttribute is specifically designed for this, it allows you to validate that the calling code has been singed with a specific key.
    • Marked as answer by ury Thursday, October 15, 2009 1:57 PM
    Thursday, October 15, 2009 1:49 PM