Smart Obfuscation
Smart Obfuscation is an ongoing effort to identify and apply obfuscation rules automatically for known API usage patterns and application types.
Smart Obfuscation Rules are a lot like Built-in Renaming Exclusion Rules, but for situations that cannot be described by simple regular expressions.
The simplest example of this is the exclusion of enum
members when Dotfuscator sees ToString()
being called on one of them.
If the user is calling ToString()
on the enum
member, then they probably want it to have the original name.
There is no possible way to describe this situation using the Custom Rule Exclusion mechanism.
The current implementation recognizes applications and libraries that use some common technologies and patterns, such as:
- Windows Presentation Foundation (WPF) (disabled if Transform XAML is enabled for the assembly)
- Windows Communication Foundation (WCF)
- Windows Workflow
- Windows Cardspace
- Data-bound Windows Forms controls
- Enumerated type values used as strings
- Late calls in VB applications
- Custom Serialization
- Web Services
- ...and so on
For these application types, Dotfuscator’s Renaming and Removal features can make a best effort to identify cases where renaming or removing elements will break the output application. It then automatically prevents renaming or removal without additional user configuration.
The Smart Obfuscation rules use static analysis to determine what elements should be excluded from renaming or used as removal entry points. When such an item is discovered, the rule issues a notification that displays in the Smart Obfuscation tab. Sometimes a rule can recognize that an action needs to be taken, but cannot determine what specific action to take because static analysis does not yield enough information. When this happens, the rule issues a warning that displays in the Smart Obfuscation tab.
There are many, many possible warnings. Here is just one example of such a warning:
FrameworkElementRule flagged something in Method Namespace.ContextMenu::void OnApplyTemplate() for the following reasons: Examine possible name arguments to System.Windows.FrameworkElement::FindName and manually exclude the referenced elements.
The user should simply follow the instructions: Find the ContextMenu
class and look at the OnApplyTemplate()
method. Find all places in that method that call FindName(string)
, and figure out if that string represents a Property from the input that needs to be manually excluded.
Dotfuscator allows you to turn Smart Obfuscation off. Smart Obfuscation is turned on by default, and in most cases should be left on. It can be turned off in cases where the user believes that more aggressive obfuscation will not hurt the application. There are several ways to turn it off:
- Changing the
<option>
setting in the<smartobfuscation>
section todisable
. - From the Settings Tab in the Config Editor.
Dotfuscator allows you to control the verbosity of Smart Obfuscation reporting. You can choose to report all actions and warnings, warnings only, or suppress reporting altogether. There are several ways to set the reporting level:
- Setting the verbosity attribute on the
<smartobfuscationreport>
element in the config file. - From the Settings Tab in the Config Editor.
Dotfuscator allows you to save the Smart Obfuscation report to a file in addition to displaying it. You may instruct Dotfuscator to save the report to a file by specifying a file path in any of the following places:
- A file element within the
<smartobfuscationreport>
element in the config file. - From the Settings Tab in the Config Editor.
Dotfuscator automatically renames an existing Smart Obfuscation report with the same name before overwriting it with a new version. If you do not want this behavior, there are several ways to instruct Dotfuscator not to rename existing removal reports before overwriting:
- Setting the overwrite attribute on the
<smartobfuscationreport>
element in the config file to true. - From the Settings Tab in the Config Editor.
Smart Obfuscation Report
Dotfuscator generates a Smart Obfuscation report in XML format that lists all items flagged by the Smart Obfuscation process. Keep in mind that the contents of the report reflect the Smart Obfuscation reporting verbosity setting - if the verbosity is set to Warnings Only or None, items flagged by Smart Obfuscation may be omitted from the report. Each entry represents one item that was flagged by Smart Obfuscation, and has a description of what the item was and why it was excluded, along with an attribute indicating whether the flag action was a warning or a notification.
The elements of the Smart Obfuscation report are similar to those in the map file and removal report. A few things are noteworthy:
- The report includes the name of the rule that flagged the item, the identity of the item, the action taken, and the reason for that action.
- The identity of the flagged item is specified by the type of item (type, method, field, property, etc.) and its full signature.
- In type names, nested class names are separated from the parent using the
/
character. - Constructors are named
.ctor
, while static constructors (a.k.a. static initializers, class constructors, etc) are named.cctor
.