by andy@andybeaulieu.com via Andy's Blog on 4/15/2010 10:39:00 PM
You might be aware that when you publish a Silverlight XAP on the web, your source code is very vulnerable to prying eyes. A XAP file is in a ZIP compressed format, and the contents are .NET Assemblies and resources which can be disassembled easily using a tool like .NET Reflector . Although there is no sure-fire way to stop someone from copying your Silverlight application logic, obfuscation can at least make it a bit more difficult to hack through.
There are a few obfuscators out there that support Silverlight, but they can be pricey. However, Babel Obfuscator started out as a community project and still maintains a freeware edition. Additionally, it appears that the new version of Babel has corrected some issues with obfuscating Silverlight assemblies.
Here is how you can use the free edition of Babel Obfuscator to encrypt your Silverlight assemblies: (I should mention, if you do have $149 laying about, I recommend buying the Pro version of Babel which has XAP support)
1. Download the Free edition of Babel Obfuscator.
2. Download the Free 7-zip compression utility. We’ll need this to update the obfuscated assemblies in our Silverlight XAP file. If you are happier with a different ZIP utility, go ahead and use it instead.
3. Inside your Silverlight solution, right-click the Silverlight project and select Properties.
4. Go to the “Build Events” tab and add the following inside the Post-build event command line:"C:\Program Files\Babel\babel.exe" $(TargetPath) --noildasm --nomsil --noinvalidopcodes "C:\Program Files\7-Zip\7z.exe" a $(TargetDir)$(ProjectName).xap $(TargetDir)BabelOut\$(TargetFileName) -y -tZIP
This post-build event will run the Babel Obfuscator against your assembly, which places it into a “BabelOut” subdirectory. Then we use 7-zip to bring that updated, obfuscated assembly back into our XAP file.
We can use a tool like .NET Reflector to see what the obfuscator does for us. Here is some example before-and-after code showing an example of the obfuscation.
BEFORE OBFUSCATION
private bool IsRagDollPart(string part); private void LayoutRoot_KeyDown(object sender, KeyEventArgs e); private void LayoutRoot_KeyUp(object sender, KeyEventArgs e); private void MainPage_Loaded(object sender, RoutedEventArgs e); private void newObstacleExplode_Exploded(ucObstacle source); private void newObstacleExplode_Exploding(ucObstacle source); private void PositionBalloon(ucObstacle obstacle); private void PositionEnemy(FlyingEnemyBase enemy); private void PositionPowerUp(PowerupBase powerUp); public static double RadiansToDecimalDegrees(double radians); private void ResetLevel(); private void ShieldActive(bool isActive); private void ucExplosion1_Exploded(ucExplosion source); private void ucMainGame_KeyDown(object sender, KeyEventArgs e); private void ucMainGame_KeyUp(object sender, KeyEventArgs e);
AFTER OBFUSCATION
private void ?(bool ?); private bool ?(string ?); private void ?(object ?); private void ?(); private void ?(PowerupBase ?); private void ?(bool ?); private void ?(ucObstacle ?); private void ?(ucExplosion ?); private void ?(); private void ?(ucObstacle ?); private void ?(ucObstacle ?); private void ?(PowerupBase ?); private void ?(FlyingEnemyBase ?); private void ?(object ?, KeyEventArgs ?); private void ?(object ?, KeyEventArgs ?);
Original Post: Obfuscating Silverlight (for free)
The content of the postings is owned by the respective author. Silverlight Feeds is not responsible for the contents of the postings. This site is automatically generated and cannot be reviewed for abusive content. If you find abusive content on Silverlight Feeds, please contact us. Designated trademarks and brands are the property of their respective owners. All rights reserved.
