The short answer is that beyond the obvious things, there is not much you can do.

简短的回答是，除了显而易见的事情之外，您无能为力。

The obvious things that you might want to consider (roughly in order of increasing difficulty and decreasing plausibility) include:

您可能需要考虑的显而易见的事情（大致按照难度增加和合理性降低的顺序）包括：

• Static link so there is no DLL to attack.
• Strip all symbols.
• Use a .DEF file and an import library to have only anonymous exports known only by their export ids.
• Keep the DLL in a resource and expose it in the file system (under a suitably obscure name, perhaps even generated at run time) only when running.
• Hide all real functions behind a factory method that exchanges a secret (better, proof of knowledge of a secret) for a table of function pointers to the real methods.
• Use anti-debugging techniques borrowed from the malware world to prevent reverse engineering. (Note that this will likely get you false positives from AV tools.)

• 静态链接，所以没有 DLL 可以攻击。
• 剥离所有符号。
• 使用 .DEF 文件和导入库来让匿名导出仅通过导出 ID 识别。
• 将 DLL 保存在资源中，并仅在运行时将其暴露在文件系统中（以适当的模糊名称，甚至可能在运行时生成）。
• 将所有真实函数隐藏在工厂方法后面，该工厂方法为指向真实方法的函数指针表交换秘密（更好的是，秘密知识的证明）。
• 使用从恶意软件世界借来的反调试技术来防止逆向工程。（请注意，这可能会让您从 AV 工具中获得误报。）

Regardless, a sufficiently determined user can still figure out ways to use it. A decent disassembler will quickly provide all the information needed.

无论如何，一个足够坚定的用户仍然可以找到使用它的方法。一个体面的反汇编程序将快速提供所需的所有信息。

Note that if your DLL is really a COM object, or worse yet a CLR Assembly, then there is a huge amount of runtime type information that you can't strip off without breaking its intended use.

请注意，如果您的 DLL 确实是一个 COM 对象，或者更糟的是一个 CLR 程序集，那么在不破坏其预期用途的情况下，您无法剥离大量运行时类型信息。

EDIT:Since you've retagged to imply that C# and .NET are the environment rather than a pure Win32 DLL written in C, then I really should revise the above to "You Can't, But..."

编辑：由于您重新标记为暗示 C# 和 .NET 是环境而不是用 C 编写的纯 Win32 DLL，那么我真的应该将上述内容修改为“您不能，但是...”

There has been a market for obfuscation tools for a long time to deal with environments where delivery of compilable source is mandatory, but you don't want to deliver useful source. There are C# products that play in that market, and it looks like at least one has chimed in.

长期以来，混淆工具一直存在市场，用于处理强制交付可编译源的环境，但您又不想交付有用的源。在该市场上有 C# 产品，看起来至少有一个产品加入了进来。

Because loading an Assembly requires so much effort from the framework, it is likely that there are permission bits that exert some control for honest providers and consumers of Assemblies. I have not seen any discussion of the real security provided by these methods and simply don't know how effective they are against a determined attack.

因为加载程序集需要框架的大量工作，所以很可能存在对程序集的诚实提供者和消费者施加一些控制的权限位。我没有看到任何关于这些方法提供的真正安全性的讨论，只是不知道它们对确定的攻击有多有效。

A lot is going to depend on your use case. If you merely want to prevent casual use, you can probably find a solution that works for you. If you want to protect valuable trade secrets from reverse engineering and reuse, you may not be so happy.

很大程度上取决于您的用例。如果您只是想防止随意使用，您可能会找到适合您的解决方案。如果您想保护有价值的商业秘密免遭逆向工程和重用，您可能不会那么高兴。

You could embed it into your executable, and extract and loadlibrary at runtime and call into it. Or you could use some kind of shared key to encrypt/decrypt the accompanying file and do the same above.

您可以将它嵌入到您的可执行文件中，并在运行时提取和加载库并调用它。或者您可以使用某种共享密钥来加密/解密随附的文件并执行上述相同的操作。

I'm assuming you've already considered solutions like compiling it in if you really don't want it shared. If someone really wants to get to it though, there are many ways to do it.

我假设您已经考虑过诸如编译之类的解决方案，如果您真的不想共享它。不过，如果有人真的想达到它，有很多方法可以做到。

Take a look at the StrongNameIdentityPermissionAttribute. It will allow you to declare access to your assembly. Combined with a good code protection tool (like CodeVeil(disclaimer I sell CodeVeil)) you'll be quite happy.

看看StrongNameIdentityPermissionAttribute。它将允许您声明对程序集的访问。结合良好的代码保护工具（如CodeVeil（我出售 CodeVeil 的免责声明）），您会很高兴。

You're facing the same issue as proponents of DRM.

您面临着与 DRM 支持者相同的问题。

If yourprogram (which you wish to be able to run the DLL) is runnable by some user account, then there is nothing that can stop a sufficiently determined programmer who can log on as that user from isolating the code that performs the decryption and using that to decrypt your DLL and run it.

如果您的程序（您希望能够运行 DLL）可以由某个用户帐户运行，那么没有什么可以阻止一个能够以该用户身份登录的足够坚定的程序员隔离执行解密和使用的代码解密你的DLL并运行它。

You can of course make it inconvenient to perform this reverse engineering, and that may well be enough.

您当然可以使执行此逆向工程变得不方便，这可能就足够了。

You may be interested in the following information about Friend assemblies: http://msdn.microsoft.com/en-us/library/0tke9fxk(VS.80).aspx

您可能对以下有关 Friend 程序集的信息感兴趣：http: //msdn.microsoft.com/en-us/library/0tke9fxk(VS.80).aspx

Well you could mark all of your "public" classes as "internal" or "protected internal" then mark you assemblies with [assembly:InternalsVisibleTo("")] Attribute and no one but the marked assemblies can see the contents.

好吧，您可以将所有“公共”类标记为“内部”或“受保护的内部”，然后使用 [assembly:InternalsVisibleTo("")] 属性标记您的程序集，并且除了标记的程序集之外没有人可以看到内容。

Have you tried .Net reactor? I recently came across it. Some people say its great but I am still testing it out.

你试过 .Net 反应器吗？我最近遇到了它。有人说它很棒，但我仍在测试它。