You may wish to combine obfuscation with Software Potential’s code transformation/protection. For example you might use Code Protector to protect the most sensitive code in your application, combined with obfuscation for the remainder. Code protection and obfuscation can be combined very easily, provided code is obfuscated before being transformed using Code Protector.
The Software Potential code transformation step is integrated in the build process using MSBuild and we provide an MSBuild target
BeforeSpProtect that you can override to apply obfuscation to the compiled assembly before code is transformed using Code Protector.
To override this target, you could simply declare a BeforeSpProtect target in your project file after
Sp.Protector.targets import element. A better approach, particularly if you want to use obfuscation on multiple projects in a solution, is to create a targets file (e.g. Sp.Obfuscation.Custom.targets) that defines your custom BeforeSpProtect target and to import that targets file from each project.
The BeforeSpProtect target has access to the following Items and Properties:
- the input assembly is at @(SpProtectInputAssembly), in the directory $(SpProtectBeforePath)
- the input assembly's PDB is at @(SpProtectInputAssemblyPdb), in the directory $(SpProtectBeforePath)
There are a few simple steps involved in integrating an obfuscator using the BeforeSpProtect target:
- Create a targets file to configure and call your obfuscation tool of choice. This should include a target
<Target Name="BeforeSpProtect">to trigger the call to the obfuscation tool of your choice.
<!--This is the hook we use to obfuscate an assembly before it is protected-->
<Warning Text="TODO: Obfuscate @(SpProtectInputAssembly) here and/or remove this warning. Check out the Sp.Obfuscation.Babel.targets as an example."/>
- Import this targets file in your proj file(s):
<!--Important to include this after Sp.Protector.targets-->
<Import Project="..\Sp.Obfuscation.Custom.targets" />
Please see the GiHub BuildIntegration sample solution which demonstrates how to combine obfuscation (using Babel) with Software Potential’s code protection https://github.com/SoftwarePotential/BuildIntegration/tree/master/Sp.Samples.BuildIntegration
In this sample there is an empty .targets file called Sp.Obfuscation.Custom.targets that contains just the BeforeSpProtect target. There is also a complete sample .targets file for Babel obfuscator - Sp.Obfuscation.Babel.targets.
Article is closed for comments.