4

I need to inject a custom, unique, static string into my .NET based EXE. For all intents and purposes, assume that this is my Private key of a PKI.

I have a few ideas on how I'll approach protecting the Private key within the C# source code, my question is how do I take my .CS files and create an executable based off it?

Improve this question
0

2 Answers 2

Reset to default
5

Take a look at CSharpCodeProvider, which can essentially be used take a string containing source code and compile it to an assembly (EXE or DLL), or if you require, an in memory assembly.

You can also use the codeDOM for the code generation side of things. Take a look at 'Generating Source Code and Compiling a Program from a CodeDOM Graph' as a starting point.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

An "in memory" assembly. Fascinating. When would I use one? Sounds like that may be a good fit
@MakerOfThings7, in memory assemblies are nice when you want to support things like dynamically generating code based on user input and have that execute on demand without having the binary saved to disk, supporting things like macros etc. Of course .NET has evolved this you can also use things like Dynamic Methods etc. Here is a link for the dynamic method stuff msdn.microsoft.com/en-us/library/exczf7b9.aspx
3

The simplest thing to do would be to call csc, the C# compiler.

For example: (from the msdn page linked above)

csc /out:My.exe File.cs

Would produce an executable called My.exe from an input file called File.cs.

If the executable you want to compile is fairly complex, it might prove simpler to keep that pre-compiled and only compile a DLL that it calls a method in at runtime to obtain the private key, as that would be a simpler command line to pass to csc.

Improve this answer

3 Comments

Is csc always installed with .NET? What about the client framework (lighter version of .NET)?
@MakerOfThings, according to msdn.microsoft.com/en-us/library/cc656912.aspx, msbuild is not included, but it doesn't say either way regarding csc/vbc. I'd assume they are as they're core components, but I don't have a framework-less PC to verify that on I'm afraid.
Yes, scs.exe and vbc.exe are included in the runtime, not the SDK. So they are on every target machine.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.