[Mono-dev] mkbundle & Assembly.GetEntryAssembly()

Robert Jordan robertj at gmx.net
Wed May 17 21:44:46 UTC 2017 

On 16.05.2017 17:02, Rick Tillery wrote:
> Of course, if there is a better way of addressing the EXE assembly, it 
> would be better than directly accessing the Linux binary as a file and 
> searching for it.  As I mentioned, I looked at the Modules list returned 
> by GetModules(), but the name of the EXE appeared there.  Now I'm 
> wondering if that might be a good thing.  If I use the Location name 
> with Assembly.GetModules("assytest.exe"), can I use the Module to access 
> the EXE?

I'm not aware of any corlib API which gives you the raw bytes of a
System.Reflection.Assembly or .Module object back.

If your verification code is actually necessitating the whole PE file
to operate successfully, I'm afraid there is no way to achieve this
sanely at the moment.

Now the insane way:

With the so called "old embedding" options of mkbundle you might
be able to intercept the build process and inject a function which
exposes the bundles as BLOBs.

See "-c", "--keeptemp", "--bundled-header" (undocumented) and
the source code of mkbundle. Maybe --custom-main would be sufficient.

What you basically have to do is: expose the "bundled" variable
(of type MonoAssemblyBundle*, see output of temp files when
--bundled-header was specified) with a function:

/* returns a zero-terminated MonoBundledAssemby[] array.
void* mkbundle_get_bundles()
{
	return bundled;
}

and p/invoke it from your managed code with:

[DllImport("__Internal")]
static extern IntPtr mkbundle_get_bundles();

Then you'll need the get the raw bytes of the assembly from
the "data" field of MonoBundledAssembly:

typedef struct {
	const char *name;
	const unsigned char *data;
	const unsigned int size;
} MonoBundledAssembly;


Don't blame me... :)

> 
> Additionally, I found this information 
> <https://blogs.msdn.microsoft.com/shawnfa/2004/06/07/checking-for-a-valid-strong-name-signature/> 
> about checking signatures.  (I believe our project uses signtool.exe.)
> 
> Are either of these leading me in the right direction?

The first part (public key token check) from this blog post won't
help you much, unless you really want a *very* basic integrity check.
Assembly Strong Names were not intended for security/integrity checks.

And the second part (p/invoke into mscoree) does not work with
Mono because it's specific to MS.NET.

Robert

More information about the Mono-devel-list mailing list