Check Attributes Reference
For a complete guide to Check Attributes see the Attributes page. To learn more about Checks see the Understanding Checks page. Alternatively, Checks can be configured separately from your source code using the Checks Tab in the Config Editor.
Important: Injection in general is controlled by the Enable Injection option. If this option is disabled, no code will be injected despite any attributes.
Referencing the Attributes
Dotfuscator ships with a reference assembly that defines the Check Attributes.
The assembly is named PreEmptive.Attributes.dll
and is located in the same directory where Dotfuscator is installed.
The easiest way to find the path to this assembly is to:
Open a command prompt.
Run the command
where PreEmptive.Attributes.dll
and copy the result.
Note: Dotfuscator's installer automatically adds Dotfuscator to the PATH.
You can then add a reference to this assembly to your project. Note that the assembly has no dependencies besides the framework itself, so it can be copied to a different location if desired.
Attribute Listing
This section lists the attributes that Dotfuscator recognizes to configure its Check injection.
TamperCheckAttribute
Instructs Dotfuscator to inject a Tamper Check with the annotated method as its sole location.
In prior versions of Dotfuscator, this attribute was known as InsertTamperCheckAttribute
.
That attribute is now deprecated; we recommend using TamperCheckAttribute
.
Namespace: PreEmptive.Attributes
Applies to: Method
Multiple allowed on one code element: No
Requirements:
For Dotfuscator to recognize uses of this attribute and inject a Tamper Check, all of the following must be true:
The Enable Injection option must be enabled; and,
The Honor Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
For the injected Tamper Check to send telemetry, all of the following must be true:
When Dotfuscator builds the config, the Send Tamper Check Messages option must be enabled; and,
At runtime, when the Check runs, instrumentation must be set up (via a call to some other method annotated with
SetupAttribute
).
For Dotfuscator to remove uses of this attribute from the protected assembly, the Strip Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
Properties:
Action: The Check Action the Check will take if it detects a tampered application.
- Defaults to None.
ActionProbability: Specifies the probability that the Check Action will occur when tampering is detected, expressed as a range between
0.00
and1.00
.- Defaults to
1.00
(Check Action always occurs when tampering is detected).
- Defaults to
ApplicationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application of the Check's result. This code element is known as an Application Notification Sink.
Defaults to None, which means the application is not notified of the Check's result.
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(bool)
.If Field or Property, the Check sets a
bool
field or property.DefaultAction is deprecated. Please set Action to Exit for the same behavior.
ApplicationNotificationSinkName: Specifies the name of the Application notification sink.
- Required unless ApplicationNotificationSinkElement is None or DefaultAction.
ApplicationNotificationSinkOwner: Specifies the name of the type that declares the Application notification sink.
- Defaults to the type that defines the annotated method.
ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Tamper Check telemetry.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to sending no arguments.
See Automatically Sending Method Parameters as Extended Keys for more detail on how to configure this property.
ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Tamper Check telemetry. This code element is known as an Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.
If MethodArgument, Field, or Property, the Check uses data stored in a
IDictionary<string, string>
method argument, field, or property (use of the non-genericIDictionary
is also permitted).If Method, the Check calls and uses the return value of a method with the signature
IDictionary<string, string>()
(use of the non-genericIDictionary()
signature is also permitted).DefaultAction is deprecated. Please use None for the same behavior.
ExtendedKeySourceName: Specifies the name of the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Required unless ExtendedKeySourceElement is None or DefaultAction.
ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Defaults to the type that defines the annotated method.
DebuggingCheckAttribute
Instructs Dotfuscator to inject a Debugging Check with the annotated method as its sole location.
Namespace: PreEmptive.Attributes
Applies to: Method
Multiple allowed on one code element: No
Requirements:
For Dotfuscator to recognize uses of this attribute and inject a Debugging Check, all of the following must be true:
The Enable Injection option must be enabled; and,
The Honor Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
For the injected Debugging Check to send telemetry, all of the following must be true:
When Dotfuscator builds the config, the Send Debug Check Messages option must be enabled; and,
At runtime, when the Check runs, instrumentation must be set up (via a call to some other method annotated with
SetupAttribute
).
For Dotfuscator to remove uses of this attribute from the protected assembly, the Strip Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
Properties:
Action: The Check Action the Check will take if it detects a debugger attached to the application.
- Defaults to None.
ActionProbability: Specifies the probability that the Check Action will occur when a debugger is detected, expressed as a range between
0.00
and1.00
.- Defaults to
1.00
(Check Action always occurs when debugging is detected).
- Defaults to
ApplicationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application of the Check's result. This code element is known as an Application Notification Sink.
Defaults to None, which means the application is not notified of the Check's result.
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(bool)
.If Field or Property, the Check sets a
bool
field or property.DefaultAction is not supported. Dotfuscator will error if this setting is used.
ApplicationNotificationSinkName: Specifies the name of the Application Notification Sink.
- Required unless ApplicationNotificationSinkElement is a None or DefaultAction.
ApplicationNotificationSinkOwner: Specifies the name of the type that declares the Application Notification Sink.
- Defaults to the type that defines the annotated method.
ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Debugging Check telemetry.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to sending no arguments.
See Automatically Sending Method Parameters as Extended Keys for more detail on how to configure this property.
ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Debugging Check telemetry. This code element is known as an Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.
If MethodArgument, Field, or Property, the Check uses data stored in a
IDictionary<string, string>
method argument, field, or property (use of the non-genericIDictionary
is also permitted).If Method, the Check calls and uses the return value of a method with the signature
IDictionary<string, string>()
(use of the non-genericIDictionary()
signature is also permitted).DefaultAction is deprecated. Please use None for the same behavior.
ExtendedKeySourceName: Specifies the name of the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Required unless ExtendedKeySourceElement is a None or DefaultAction.
ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Defaults to the type that defines the annotated method.
ShelfLifeCheckAttribute
Instructs Dotfuscator to inject a Shelf Life Check with the annotated method as its sole location.
A Shelf Life Activation Key is required to use this attribute.
In prior versions of Dotfuscator, this attribute was known as InsertShelfLifeAttribute
.
That attribute is now deprecated; we recommend using ShelfLifeCheckAttribute
.
Namespace: PreEmptive.Attributes
Applies to: Method
Multiple allowed on one code element: No
Requirements:
For Dotfuscator to recognize uses of this attribute and inject a Shelf Life Check, all of the following must be true:
The Enable Injection option must be enabled; and,
The Honor Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default; and,
The attribute's ActivationKeyFile property must refer to a valid Shelf Life Activation Key; and,
Either:
The attribute's ExpirationDate property must be set (to embed the Shelf Life Token with the Check); or,
The attribute's ShelfLifeTokenSource property must be set (to have the Check retrieve the Shelf Life Token at runtime).
For the injected Shelf Life Check to send telemetry, all of the following must be true:
When Dotfuscator builds the config, the Send Shelf Life Messages option must be enabled; and,
At runtime, when the Check runs, instrumentation must be set up (via a call to some other method annotated with
SetupAttribute
).
For Dotfuscator to remove uses of this attribute from the protected assembly, the Strip Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
Properties:
ActivationKeyFile: The path to a valid Shelf Life Activation Key file at build time.
Always required.
The file is not needed after Dotfuscator processes the assembly.
ExpirationDate: The expiration date of the application, expressed either as an absolute date (
YYYY-MM-DD
) or as the number of days beyond the date of Dotfuscator's processing.- Required if ShelfLifeTokenSource is None (which it is by default).
ExpirationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application either whether the application is expired or of the warning and expiration dates. This code element is known as an Expiration Notification Sink.
Defaults to None, which means the application is not notified through the Expiration Notification sink.
To report whether the application has expired:
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(bool)
.If Field or Property, the Check sets a
bool
field or property.
To report the Shelf Life warning and expiration dates:
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(string, string)
.Field and Property are not supported in this mode.
If DefaultAction, the Check exits the application if the application is expired.
ExpirationNotificationSinkName: Specifies the name of the Expiration Notification Sink.
- Required unless ExpirationNotificationSinkElement is a None or DefaultAction.
ExpirationNotificationSinkOwner: Specifies the name of the type that declares the Expiration Notification Sink.
- Defaults to the type that defines the annotated method.
WarningDate: The warning date of the application, expressed either as an absolute date (
YYYY-MM-DD
) or as the number of days beyond the date of Dotfuscator's processing.Defaults to no warning date.
If specified, it must be before the ExpirationDate.
WarningNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application either whether the application is in the warning period or of the warning and expiration dates. This code element is known as an Warning Notification Sink.
Defaults to None, which means the application is not notified through the Warning Notification sink.
To report whether the application is in the warning period:
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(bool)
.If Field or Property, the Check sets a
bool
field or property.
To report the Shelf Life warning and expiration dates:
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(string, string)
.Field and Property are not supported in this mode.
DefaultAction is deprecated. Please use None for the same behavior.
WarningNotificationSinkName: Specifies the name of the Warning Notification Sink.
- Required unless WarningNotificationSinkElement is a None or DefaultAction.
WarningNotificationSinkOwner: Specifies the name of the type that declares the Warning Notification Sink.
- Defaults to the type that defines the annotated method.
PrivateKeyFile: The path to a private key files (in the PKCS #12 format) at build time.
Defaults to not signing the embedded Shelf Life Token.
Only used if ExpirationDate is set (that is, Dotfuscator will embed the Shelf Life Token with the Check). Ignored otherwise. To sign a Shelf Life Token generated manually, use the appropriate field when using the Config Editor to Generate New Shelf Life Token.
PrivateKeyFilePassword: The password to the private key file.
Defaults to no password.
Only used if PrivateKeyFile is specified.
ShelfLifeTokenSourceElement: Specifies the kind of code element that contains an externally-stored Shelf Life Token. This code element is known as a Shelf Life Token Source.
Defaults to None, which means Dotfuscator will automatically embed a Shelf Life Token with the Check, based on the ExpirationDate, WarningDate, PrivateKeyFile, and PrivateKeyFilePassword properties.
If MethodArgument, Field, or Property, the Check uses a Shelf Life Token provided in a
string
method argument, field, or property.If Method, the Check uses a Shelf Life Token returned by a method with the signature
string()
.DefaultAction is not supported.
ShelfLifeTokenSourceName: Specifies the name of the Shelf Life Token Source.
- Required unless ShelfLifeTokenSourceElement is a None or DefaultAction.
ShelfLifeTokenSourceOwner: Specifies the name of the type that declares the Shelf Life Token Source.
- Defaults to the type that defines the annotated method.
ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Shelf Life Check telemetry.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to sending no arguments.
See Automatically Sending Method Parameters as Extended Keys for more detail on how to configure this property.
ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Shelf Life Check telemetry. This code element is known as an Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.
If MethodArgument, Field, or Property, the Check uses data stored in a
IDictionary<string, string>
method argument, field, or property (use of the non-genericIDictionary
is also permitted).If Method, the Check calls and uses the return value of a method with the signature
IDictionary<string, string>()
(use of the non-genericIDictionary()
signature is also permitted).DefaultAction is deprecated. Please use None for the same behavior.
ExtendedKeySourceName: Specifies the name of the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Required unless ExtendedKeySourceElement is a None or DefaultAction.
ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.
Warning: This property is deprecated and will be removed in a future version of Dotfuscator.- Defaults to the type that defines the annotated method.
RootCheckAttribute
Instructs Dotfuscator to inject a Root Check with the annotated method as its sole location.
Namespace: PreEmptive.Attributes
Applies to: Method
Multiple allowed on one code element: No
Requirements:
For Dotfuscator to recognize uses of this attribute and inject a Root Check, all of the following must be true:
The Enable Injection global option must be enabled; and,
The Honor Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
For Dotfuscator to remove uses of this attribute from the protected assembly, the Strip Injection Attributes input option for the input assembly that contains this attribute must be enabled, which it is by default.
Properties:
Action: The Check Action the Check will take if it detects the application is running on a rooted Android device.
- Defaults to None.
ActionProbability: Specifies the probability that the Check Action will occur when root is detected, expressed as a range between
0.00
and1.00
.- Defaults to
1.00
(Check Action always occurs when root is detected).
- Defaults to
ApplicationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application of the Check's result. This code element is known as an Application Notification Sink.
Defaults to None, which means the application is not notified of the Check's result.
If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature
void(bool)
.If Field or Property, the Check sets a
bool
field or property.DefaultAction is not supported. Dotfuscator will error if this setting is used.
ApplicationNotificationSinkName: Specifies the name of the Application Notification Sink.
- Required unless ApplicationNotificationSinkElement is None or DefaultAction.
ApplicationNotificationSinkOwner: Specifies the name of the type that declares the Application Notification Sink.
- Defaults to the type that defines the annotated method.