Here's a routine that extracts the public key token from an assembly. You
can use this to extract the token from the assembly you loaded and then
compare that against the assembly that is executing, which is signed with
your company's strong name.
using System.Collections;
using System.Security;
using System.Security.Policy;
using System.Security.Permissions;
using System.Reflection;
/// <summary>
/// This gets the public key portion of the strong name for the assembly.
/// Use the reflection APIs to extract the strong name
/// from the executing assembly.
/// </summary>
/// <returns></returns>
private StrongNamePublicKeyBlob GetStrongNamePublicKey (Assembly asm)
{
// this gets the dynamic value
IEnumerator e = asm.Evidence.GetEnumerator();
while ( e.MoveNext() )
{
if ( e.Current.GetType() == typeof(
System.Security.Policy.StrongName ) )
{
StrongName u = (StrongName)e.Current;
Trace.WriteLine( string.Format("Name= {0}, {1}; PublicKey= {2}",
u.Name, u.Version, u.PublicKey) );
return u.PublicKey;
}
} //while ( e.MoveNext() )
throw new SecurityException( "Unable to extract public key strong name
from assembly." );
}// GetStrongName
use it like this...
public Assembly LoadMyPlugin (string pluginName )
{
Assembly a = Assembly.Load(pluginName); // or some variant of Loadxxx
StrongNamePublicKeyBlob me = GetStrongNamePublicKey(
Assembly.GetExecutingAssembly() ); //
StrongNamePublicKeyBlob caller = GetStrongNamePublicKey( a );
if ( !me.Equals( caller ) )
throw new InvalidOperationException( "You are not allowed to call
me." ); // or throw a SecurityException
return a; // I wrote it...
}
