Attention: We are retiring the ASP.NET Community Blogs. Learn more >

Lately I've had fun building different kinds of features

I've been fortunate enough to get to play with some interesting technologies of late due to some different types of features that I've been required to deliver. We've got a WinForms client which is a front-end to a BI application and lately we've had to implement:

  1. A client licensing model
  2. An application updater
  3. Code obfuscation / protection

The first two of these we designed and wrote from the ground up. For the third one however we decided to go for a third party solution. It came down to 2 possibilities: DotFuscator to obfuscate our code or RemoteSoft Protector to compile the code straight into native format.

Our client application consists of around 70 assemblies on the client side and talks to 13 web services on the server side. It's a pretty advanced application so, we started by drawing up a list of what we needed to be able to do. Basically the code protection too need the ability to:

  • Pass and load classes that have been binary serialized across web service calls
  • Dynamically load types through reflection and invoke their members
  • Read information from an application config file
  • Load images and xml documents from resource files
  • Be interchangeable with other (obfuscated/compiled) versions of the same assembly
  • P/invoke native calls
  • Log sensible/legible exception messages

After some testing we found that the protector worked better on our code so we implemented it. It was a painless affair. I should mention that both companies were excellent to deal with and responded to our questions very promptly.

Once we worked out how to use protector we wrote a VS.NET add-in which could intercept the assemblies when we did a build so that only the protected assemblies got included into our .msi. That was an interesting excercise. We basically handled a "build completed" event to grab the newly created assembly from the \obj\release folder, then shell'ed it to the Protector application and had Protector re-direct it into the \bin folder. Then our installer project just included the primary output from the \bin folder. Neat!

Links to resources
http://remotesoft.com/salamander/protector.html
http://www.preemptive.com/products/dotfuscator/index.html

No Comments