Resource encryption feature allows to encrypt and optionally compress the embedded resources of an assembly.
Instructions on enabling resource encryption
- Open obfuscatable project inside the IDE
-
Add new source file to the project and
call it
ObfuscationSettings.cs(for C#) orObfuscationSettings.vb(for Visual Basic .NET). You may prefer to use another name instead ofObfuscationSettings.csorObfuscationSettings.vb Fill
ObfuscationSettings.cswith the following content (C#):using System; using System.Reflection; [assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)]
For Visual Basic .NET, fill
ObfuscationSettings.vbwith the following content:Imports System Imports System.Reflection <Assembly: Obfuscation(Feature:="encrypt resources", Exclude:=False)>
Assembly resources are not compressed by default.
If you want to achieve smaller size of an output assembly then you may consider
to turn on the resource compression.
The [compress] flag turns on the compression when specified, as shown in the sample below.
Example 4.32. Encrypt and compress all resources
using System; using System.Reflection; [assembly: Obfuscation(Feature = "encrypt resources [compress]", Exclude = false)]
Sometimes it may be beneficial to encrypt just some resources while leaving the others intact.
The [exclude] flag can be used in order to do that, as shown in the sample below.
Example 4.33. Encrypt all resources except .png files
using System; using System.Reflection; [assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [exclude] *.png", Exclude = false)]
It may be profitable to go other way around by explicitly specifying just those resources that should be encrypted. This technique is shown in the sample below.
Example 4.34. Encrypt secret.txt and all .sql resources; the others are left intact
using System; using System.Reflection; [assembly: Obfuscation(Feature = "encrypt resources secret.txt", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources *.sql", Exclude = false)]
The given options can be combined in a free way giving you the power to choose the best combination for performance, security and possibly obscurity to mislead the hacker.
If you are not sure which combination to choose then just go with a simplest one: encrypt all resources.
If you know what you are doing then you can end up with something like that:
Example 4.35. Advanced resource encryption configuration
using System; using System.Reflection; [assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [exclude] License.txt", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [exclude] CommandLineOptions.txt", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [compress] *.dat", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [compress] *.sql", Exclude = false)]