Butter Knife is an annotation processing library that helps streamline boilerplate Java code in Android views. At compile time, Butter Knife annotations are processed to generate the relevant UI code to make views function properly.

When obfuscating applications that use Butter Knife, there are specific configuration patterns you should follow. The code that connects generated classes to their views uses runtime reflection under the hood. Because of this, the original name of the View is required.

When configuring DashO we need to:

Entity Framework is an object-relational mapping (ORM) framework used in Xamarin, WPF, ASP.NET and many other types of .NET applications. It greatly simplifies the code that a developer typically needs to write for database access and querying.

Entity Framework pairs the names of database tables to the names of model types in source code that are used to generate the tables. These names must stay consistent for the application to function properly. This means that when performing renaming obfuscation on these sections of code, we must exclude the model types from renaming.

DashO has support for protecting applications that use Spring Framework Core. Spring can be configured either by custom annotations or XML configuration files, and DashO has support for both. However, applications that use custom annotations require additional handling.

Model–View–ViewModel (MVVM) is a common pattern used in WPF, Xamarin, and other types of .NET applications. There are different ways to apply the MVVM pattern, but they all share a few underlying concepts. I’d like to discuss these concepts, and how to successfully configure protection with Dotfuscator for MVVM-based apps.

JSON is a widely used format for sharing objects and data within an application. To protect .NET applications that serialize and deserialize JSON objects, you should be aware of some special considerations.

Consider a basic Employee class:

With our recent DashO releases, we’ve been working to make our Android support even easier to use. A great example of this is our evolved support for Crashlytics, which is an analytics framework that can provide detailed reports on application crashes from the field.

When applications have been obfuscated, the stack traces will contain obfuscated class and method names. To prevent this from complicating debugging, Crashlytics provides a utility to automatically deobfuscate stack traces, so that the reporting server shows the original class and method names. It does so by reading the map file, which is a file created by the obfuscation tool to pair the obfuscated class and method names with the original names. Crashlytics expects this map file to be in a ProGuard-compatible format, which differs from the DashO map file format.

If you were using Crashlytics with a version of DashO prior to our 8.5, this would likely have caused issues. You might have experienced an error during the Gradle build, from the Crashlytics plugin:

Welcome to the Support Corner, where we’ll occasionally talk about topics that we’re seeing while working with our customers. If you’d like to see more like this, please click the Support Corner Category.

In addition to Renaming and Control Flow, String Encryption is an obfuscation transform that can help protect your application. When customers enable String Encryption in Dotfuscator, they are often surprised to see that string constant definitions are still visible in decompiled code. Customers often contact us asking how to encrypt those string constants.

However, those string constants don’t need to be encrypted; they need to be removed entirely. Dotfuscator’s String Encryption feature takes the strings that have been inlined by the .NET compiler and encrypts them. That leaves the constant definitions behind, unused – and they can be removed.

Welcome to the Support Corner, where we’ll occasionally talk about topics that we’re seeing while working with our customers. If you’d like to see more like this, please click the Support Corner Category.

Recently, we’ve worked with a handful of customers who are using the Spring Boot framework. Spring Boot provides a simple way to create Spring-based applications. This blog explains how to protect jars created with the framework.

Spring Boot jars use an embedded class file structure which DashO does not directly recognize. DashO processes the regular class and package hierarchy. However, it does not embed the class files from the BOOT-INF/classes directory when writing the obfuscated jar.