PreEmptive Protection - Dotfuscator 4.31
User Guide

Check Attributes

When processing an input assembly, Dotfuscator recognizes a number of attributes that dictate how it should inject Checks into the assembly. By using these attributes on your source code, you can configure Dotfuscator's Checks inline with your application code. This page details these attributes.

Note that you can also configure Checks using the Dotfuscator user interface. For information on when you might want to configure via the user interface and when you might want to use attributes, see the When to Use Attributes section of the Attributes Overview page.

Important: Injection in general is controlled by the Enable Injection global option. If this option is disabled, no code will be injected despite any attributes.

Referencing the Attributes

Dotfuscator ships with a reference assembly that defines the Check Attributes. The assembly is named PreEmptive.Attributes.dll and is located in the same directory where Dotfuscator is installed.

The easiest way to find the path to this assembly is to:

  1. Open a Dotfuscator command prompt.

  2. Run the command where PreEmptive.Attributes.dll and copy the result.

You can then add a reference to this assembly to your project. Note that the assembly has no dependencies besides the framework itself, so it can be copied to a different location if desired.

Attribute Listing

This section lists the attributes that Dotfuscator recognizes to configure its Check injection.

TamperCheckAttribute

Instructs Dotfuscator to inject a Tamper Check with the annotated method as its sole location.

In prior versions of Dotfuscator, this attribute was known as InsertTamperCheckAttribute. That attribute is now deprecated; we recommend using TamperCheckAttribute.

Namespace: PreEmptive.Attributes

Applies to: Method

Multiple allowed on one code element: No

Requirements:

Properties:

  • Action: The Check Action the Check will take if it detects a tampered application.

  • ActionProbability: Specifies the probability that the Check Action will occur when tampering is detected, expressed as a range between 0.00 and 1.00.

    • Defaults to 1.00 (Check Action always occurs when tampering is detected).
  • ApplicationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application of the Check's result. This code element is known as an Application Notification Sink.

    • Defaults to None, which means the application is not notified of the Check's result.

    • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(bool).

    • If Field or Property, the Check sets a bool field or property.

    • DefaultAction is deprecated. Please set Action to Exit for the same behavior.

  • ApplicationNotificationSinkName: Specifies the name of the Application notification sink.

    • Required unless ApplicationNotificationSinkElement is a None or DefaultAction.
  • ApplicationNotificationSinkOwner: Specifies the name of the type that declares the Application notification sink.

    • Defaults to the type that defines the annotated method.
  • ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Tamper Check telemetry.

  • ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Tamper Check telemetry. This code element is known as an Extended Key Source.

    • Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.

    • If MethodArgument, Field, or Property, the Check uses data stored in a IDictionary<string, string> method argument, field, or property (use of the non-generic IDictionary is also permitted).

    • If Method, the Check calls and uses the return value of a method with the signature IDictionary<string, string>() (use of the non-generic IDictionary() signature is also permitted).

    • DefaultAction is deprecated. Please use None for the same behavior.

  • ExtendedKeySourceName: Specifies the name of the Extended Key Source.

    • Required unless ExtendedKeySourceElement is a None or DefaultAction.
  • ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.

    • Defaults to the type that defines the annotated method.

DebuggingCheckAttribute

Instructs Dotfuscator to inject a Debugging Check with the annotated method as its sole location.

Namespace: PreEmptive.Attributes

Applies to: Method

Multiple allowed on one code element: No

Requirements:

Properties:

  • Action: The Check Action the Check will take if it detects a debugger attached to the application.

  • ActionProbability: Specifies the probability that the Check Action will occur when a debugger is detected, expressed as a range between 0.00 and 1.00.

    • Defaults to 1.00 (Check Action always occurs when debugging is detected).
  • ApplicationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application of the Check's result. This code element is known as an Application Notification Sink.

    • Defaults to None, which means the application is not notified of the Check's result.

    • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(bool).

    • If Field or Property, the Check sets a bool field or property.

    • DefaultAction is not supported. Dotfuscator will error if this setting is used.

  • ApplicationNotificationSinkName: Specifies the name of the Application Notification Sink.

    • Required unless ApplicationNotificationSinkElement is a None or DefaultAction.
  • ApplicationNotificationSinkOwner: Specifies the name of the type that declares the Application Notification Sink.

    • Defaults to the type that defines the annotated method.
  • ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Debugging Check telemetry.

  • ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Debugging Check telemetry. This code element is known as an Extended Key Source.

    • Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.

    • If MethodArgument, Field, or Property, the Check uses data stored in a IDictionary<string, string> method argument, field, or property (use of the non-generic IDictionary is also permitted).

    • If Method, the Check calls and uses the return value of a method with the signature IDictionary<string, string>() (use of the non-generic IDictionary() signature is also permitted).

    • DefaultAction is deprecated. Please use None for the same behavior.

  • ExtendedKeySourceName: Specifies the name of the Extended Key Source.

    • Required unless ExtendedKeySourceElement is a None or DefaultAction.
  • ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.

    • Defaults to the type that defines the annotated method.

ShelfLifeCheckAttribute

Instructs Dotfuscator to inject a Shelf Life Check with the annotated method as its sole location.

A Shelf Life Activation Key is required to use this attribute.

In prior versions of Dotfuscator, this attribute was known as InsertShelfLifeAttribute. That attribute is now deprecated; we recommend using ShelfLifeCheckAttribute.

Namespace: PreEmptive.Attributes

Applies to: Method

Multiple allowed on one code element: No

Requirements:

Properties:

  • ActivationKeyFile: The path to a valid Shelf Life Activation Key file at build time.

    • Always required.

    • The file is not needed after Dotfuscator processes the assembly.

  • ExpirationDate: The expiration date of the application, expressed either as an absolute date (YYYY-MM-DD) or as the number of days beyond the date of Dotfuscator's processing.

  • Required if ShelfLifeTokenSource is None (which it is by default).
  • ExpirationNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application either whether the application is expired or of the warning and expiration dates. This code element is known as an Expiration Notification Sink.

    • Defaults to None, which means the application is not notified through the Expiration Notification sink.

    • To report whether the application has expired:

      • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(bool).

      • If Field or Property, the Check sets a bool field or property.

    • To report the Shelf Life warning and expiration dates:

      • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(string, string).

      • Field and Property are not supported in this mode.

    • If DefaultAction, the Check exits the application if the application is expired.

  • ExpirationNotificationSinkName: Specifies the name of the Expiration Notification Sink.

    • Required unless ExpirationNotificationSinkElement is a None or DefaultAction.
  • ExpirationNotificationSinkOwner: Specifies the name of the type that declares the Expiration Notification Sink.

    • Defaults to the type that defines the annotated method.
  • WarningDate: The warning date of the application, expressed either as an absolute date (YYYY-MM-DD) or as the number of days beyond the date of Dotfuscator's processing.

    • Defaults to no warning date.

    • If specified, it must be before the ExpirationDate.

  • WarningNotificationSinkElement: Specifies the kind of code element that the Check will use to inform the application either whether the application is in the warning period or of the warning and expiration dates. This code element is known as an Warning Notification Sink.

    • Defaults to None, which means the application is not notified through the Warning Notification sink.

    • To report whether the application is in the warning period:

      • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(bool).

      • If Field or Property, the Check sets a bool field or property.

    • To report the Shelf Life warning and expiration dates:

      • If Method, MethodArgument, or Delegate, the Check calls a method, delegate method argument, or delegate field with the signature void(string, string).

      • Field and Property are not supported in this mode.

    • DefaultAction is deprecated. Please use None for the same behavior.

  • WarningNotificationSinkName: Specifies the name of the Warning Notification Sink.

    • Required unless WarningNotificationSinkElement is a None or DefaultAction.
  • WarningNotificationSinkOwner: Specifies the name of the type that declares the Warning Notification Sink.

    • Defaults to the type that defines the annotated method.
  • PrivateKeyFile: The path to a private key files (in the PKCS #12 format) at build time.

  • PrivateKeyFilePassword: The password to the private key file.

    • Defaults to no password.

    • Only used if PrivateKeyFile is specified.

  • ShelfLifeTokenSourceElement: Specifies the kind of code element that contains an externally-stored Shelf Life Token. This code element is known as a Shelf Life Token Source.

    • Defaults to None, which means Dotfuscator will automatically embed a Shelf Life Token with the Check, based on the ExpirationDate, WarningDate, PrivateKeyFile, and PrivateKeyFilePassword properties.

    • If MethodArgument, Field, or Property, the Check uses a Shelf Life Token provided in a string method argument, field, or property.

    • If Method, the Check uses a Shelf Life Token returned by a method with the signature string().

    • DefaultAction is not supported.

  • ShelfLifeTokenSourceName: Specifies the name of the Shelf Life Token Source.

    • Required unless ShelfLifeTokenSourceElement is a None or DefaultAction.
  • ShelfLifeTokenSourceOwner: Specifies the name of the type that declares the Shelf Life Token Source.

    • Defaults to the type that defines the annotated method.
  • ExtendedKeyMethodArguments: Specifies which (if any) arguments of the annotated method should be sent as user-defined data with Shelf Life Check telemetry.

  • ExtendedKeySourceElement: Specifies the kind of code element that contains the user-defined data to be sent with Shelf Life Check telemetry. This code element is known as an Extended Key Source.

    • Defaults to None, which means Check Telemetry will only send user-defined data specified by ExtendedKeyMethodArguments.

    • If MethodArgument, Field, or Property, the Check uses data stored in a IDictionary<string, string> method argument, field, or property (use of the non-generic IDictionary is also permitted).

    • If Method, the Check calls and uses the return value of a method with the signature IDictionary<string, string>() (use of the non-generic IDictionary() signature is also permitted).

    • DefaultAction is deprecated. Please use None for the same behavior.

  • ExtendedKeySourceName: Specifies the name of the Extended Key Source.

    • Required unless ExtendedKeySourceElement is a None or DefaultAction.
  • ExtendedKeySourceOwner: Specifies the name of the type that declares the Extended Key Source.

    • Defaults to the type that defines the annotated method.

Dotfuscator Version 4.31.0.6091. Copyright © 2017 PreEmptive Solutions, LLC