Obfuscation Tools

There are a number of obfuscation tools for .NET code available on the market, as can be seen on the MSDN C# Programming Tools page, for example. In order to successfully obfuscate yFiles for Silverlight-based applications, a suitable tool needs to meet the following requirements:

Note

The yFiles for Silverlight diagramming library has been prepared so that obfuscation tools that lack support for generic types and methods, which are used intensively throughout the library, should work as well. Specifically, this includes Dotfuscator Community Edition that comes bundled with Visual Studio 2010.

Dotfuscator Professional Edition, in contrast, provides dedicated support for generic types and methods and thus presents the better choice when obfuscating a yFiles for Silverlight-based application, especially when the application itself also uses generic types and methods.

Tip

Special offer: With the "yWorks Customer Loyalty Program" yWorks customers can get deeply discounted pricing on Dotfuscator Professional and other products by PreEmptive Solutions. Available license configurations are listed on their website here: http://www.preemptive.com/yworks-loyalty-program. To discuss other configurations, yWorks customers can contact PreEmptive Solutions referencing "yWorks Customer Loyalty Program."

Using Dotfuscator

Visual Studio 2010 comes bundled with Dotfuscator Community Edition ("Dotfuscator CE" for short). This .NET code obfuscator already fulfills the requirements listed in the section called “Obfuscation Tools”.

Note

The following steps require at least version 5.0.2600 of Dotfuscator CE.

Obfuscation of a Silverlight application is done by obfuscating the assemblies contained in the application's .xap container file. Dotfuscator Professional Edition will process the assemblies transparently when specifying the .xap file as a Silverlight package input type. Dotfuscator CE has no support for extracting the DLLs, which means that this has to be done manually prior to the actual obfuscation process (note that the .xap file format is actually a renamed .zip archive):

  1. Dotfuscator CE Extract the contents of the .xap file.
  2. Dotfuscator CE Add the yFiles for Silverlight assemblies (yWorks.yFilesSilverlight.Algorithms.dll, yWorks.yFilesSilverlight.Viewer.dll, yWorks.yFilesSilverlight.Adapter.dll) as used by your application as input assemblies. Also add all your application's DLLs that depend on the yFiles for Silverlight assemblies as input assemblies.

    Dotfuscator Professional Edition Choose the application's .xap file as Silverlight package input type. If not already done by Dotfuscator, include the yFiles for Silverlight assemblies in the package assembly list. Also include all your application's DLLs that depend on the yFiles for Silverlight assemblies in the package assembly list.

In order that the obfuscation attribute annotations used in the yFiles for Silverlight assemblies (see Example A.2, “Obfuscation attribute annotation”) are honored by Dotfuscator, the "Declarative Obfuscation" must be enabled for all input assemblies (this is equivalent to using the honorOAs option in a configuration file, for example). Optionally, you can specify that the declarative obfuscation attributes shall be stripped (this is equivalent to using the stripOA option).

  1. Enable "Honor Obfuscation Attributes" for all yFiles for Silverlight assemblies.
  2. Optionally, also enable "Strip Obfuscation Attributes."

Specify further settings:

  1. Important: Disable "Library Mode" in order to instruct Dotfuscator to obfuscate the public and protected members of the yFiles for Silverlight DLLs.

  2. Exclude any non-yFiles for Silverlight DLLs of your application that you do not want the method, type, and field names changed from renaming by Dotfuscator. Only the calls to yFiles for Silverlight API will be adjusted in these assemblies then.

    Important: The yFiles for Silverlight DLLs must not be excluded in this step.

Start the obfuscation process.

Note

During the obfuscation process, Dotfuscator may emit a warning that the yFiles for Silverlight DLLs "appear to be already obfuscated." This warning is perfectly alright, it refers to the private and internal parts of the API that are already name-obfuscated as a factory default. See also the section called “Obfuscation Requirements”.

Lastly, when using Dotfuscator CE, create a new .xap file with the obfuscated DLLs in it:

  1. Dotfuscator CE Create a new .xap file by replacing each original assembly with the respective obfuscated version thereof.

Dotfuscator Configuration File

A configuration file similar to the following one is generated by Dotfuscator Professional Edition (version 4.9.7000 or higher) when obfuscating a yFiles for Silverlight-based application as described above:

Example A.3. Generated configuration file (Dotfuscator Professional Edition)

<?xml version="1.0" encoding="utf-8" standalone="no"?>
<!DOCTYPE dotfuscator
  SYSTEM "http://www.preemptive.com/dotfuscator/dtd/dotfuscator_v2.3.dtd">

<dotfuscator version="2.3">
  <!--This is application generated code. Do not edit manually.-->
  <input>
    <loadpaths />
    <asmlist>
      <!-- Note that the value of refID is application-specific. -->
      <package refid="01234567-cafe-abcd-babe-abcdef012345">
        <file dir="C:\path\to\my\My.Hello.World.Application"
              name="My.Hello.World.Application.xap" />
        <asmlist>
          <!-- Note that the value of refID is application-specific. -->
          <inputassembly refid="cafe9876-0123-4567-babe-9876543210fe">
            <option>honoroas</option>
            <option>stripoa</option>
            <option>library</option>
            <file dir="" name="My.Hello.World.Application.dll" />
          </inputassembly>
          <inputassembly refid="74bb0f4e-a48a-4d6a-a667-f6f55eb693b1">
            <option>honoroas</option>
            <option>stripoa</option>
            <option>library</option>
            <file dir="" name="Demo.yFiles.SilverlightToolkit.dll" />
          </inputassembly>
          <inputassembly refid="8d12a26b-d472-4557-9769-bf277d634701">
            <option>honoroas</option>
            <option>stripoa</option>
            <option>transformxaml</option>
            <file dir="" name="yWorks.yFilesSilverlight.Adapter.dll" />
          </inputassembly>
          <inputassembly refid="f38b96be-635a-4658-b11c-744dda59dda4">
            <option>honoroas</option>
            <option>stripoa</option>
            <option>transformxaml</option>
            <file dir="" name="yWorks.yFilesSilverlight.Algorithms.dll" />
          </inputassembly>
          <inputassembly refid="dfe50bd7-5da1-453f-9f76-952084c84f22">
            <option>honoroas</option>
            <option>stripoa</option>
            <option>transformxaml</option>
            <file dir="" name="yWorks.yFilesSilverlight.Viewer.dll" />
          </inputassembly>
        </asmlist>
      </package>
    </asmlist>
  </input>
  <output>
    <file dir="${configdir}\Dotfuscated" />
  </output>
  <renaming>
    <option>xmlserialization</option>
    <mapping>
      <mapoutput overwrite="false">
        <file dir="${configdir}\Dotfuscated" name="Map.xml" />
      </mapoutput>
    </mapping>
    <referencerulelist>
      <referencerule rulekey="{6655B10A-FD58-462d-8D4F-5B1316DFF0FF}" />
      <referencerule rulekey="{229FD6F8-5BCC-427b-8F72-A7A413ECDF1A}" />
      <referencerule rulekey="{2B7E7C8C-A39A-4db8-9DFC-6AFD38509061}" />
      <referencerule rulekey="{7D9C8B02-2383-420f-8740-A9760394C2C1}" />
      <referencerule rulekey="{89769974-93E9-4e71-8D92-BE70E855ACFC}" />
      <referencerule rulekey="{494EA3BA-B947-44B5-BEE8-A11CC85AAF9B}" />
    </referencerulelist>
  </renaming>
  <controlflow level="high" />
  <sos mergeruntime="true">
    <option>dontsendtamper</option>
  </sos>
  <smartobfuscation>
    <smartobfuscationreport verbosity="all" overwrite="false" />
  </smartobfuscation>
</dotfuscator>