Dotfuscator User's Guide
Tamper Actions

In addition to sending tamper notifications to the managed service, the InsertTamperCheck attribute can be used to inject code that gets executed during the tamper verification.

Application Notification

To accomplish this, the InsertTamperCheck attribute is used to specify an ApplicationNotificationSink, which Dotfuscator uses to generate code that communicates the results of the tamper check back to the application. The ApplicationNotificationSink may be a writeable boolean valued property or field, or it may be a method or delegate with the signature void(bool). After a tamper check, the generated code sets the boolean value to true if the application has been tampered with; false if not. The application is free to react in any way in response to a tamper notification.

The InsertTamperCheck attribute defines three properties for specifying an ApplicationNotificationSink:

These properties are described in detail in the InsertTamperCheckAttribute section of the custom attribute reference.

The application notification sink settings are optional. If they are omitted, the application is not notified when the tamper check is executed.

If the ApplicationNotificationSinkElement is set to DefaultAction, Dotfuscator injects code that exits the application if tampering is detected.

Sample InsertTamperCheck attribute usage with ApplicationNotificationSink as an instance field defined in the same class as the attributed method:

InsertTamperCheck Attribute Usage with ApplicationNotificationSink
Copy Code
class TamperSample {
   bool instanceTamperFlag;
  
   [PreEmptive.Attributes.InsertTamperCheck(
      ApplicationNotificationSinkElement = SinkElements.Field,
      ApplicationNotificationSinkName = "instanceTamperFlag"
   )]
   private void Verify() {
     // Dotfuscator will add Tamper detection and notification code here
   }
   private CheckTamperState() {
      if ( instanceTamperFlag ) {
         // app has been tampered with
      }
      else {
         // app has not been tampered with
      }
   }
}

 

 


© 2016 PreEmptive Solutions, LLC. All Rights Reserved.

www.preemptive.com