Let's say that app consist of few assemblies. Each is strongly sign by code supplier.
App code creates objects only from signed assemblies without interception/unity ...
I don't know how to call it. So let's say that all time we are doint it in this way:
interface IMyInterface ....
class MyObject : IMyInterface ....
IMyInterface myObject = new MyObject();
Is it still possible to inject 3th part object to myObject without rebuilding dll's?
The requirement are to:
- deliver msi (dll package) with finished app.
- provide mechanizm to check app instalation integrity (my idea is to use Trusted Publishers on Windows Server 2008 R2: our certificate would be added as trusted certificate and code will be signed with this certificate).
- guarantee that unity/interception can be used to switch/modify/inject... as we implemented in delivered package.
Can unity/interception be used to inject 3th part code to such app?
This requirement exist because external company is checking out client, and they do not trust administrators.
Also this external company is checking our code, but of course somebody can inject something after we deliver app.
Let's say that they arrive on monday. Check server certificates and after a while they are sure that software is ok.
Any better idea to solve this problem?