4.10. Resource Encryption
4.10.1. Introduction
Resource encryption feature allows to encrypt and optionally compress the embedded resources of an assembly.
4.10.2. Instructions
To enable resource encryption, you should apply an attribute to your assembly. In order to do that, you can use the instructions below.
Instructions on enabling resource encryption
-
Open obfuscatable project inside the IDE
-
Add new source file to the project and call it
ObfuscationSettings.cs(for C#) orObfuscationSettings.vb(for Visual Basic .NET). You may prefer to use another name instead ofObfuscationSettings.csorObfuscationSettings.vb -
Fill
ObfuscationSettings.cswith the following content (C#):using System;
using System.Reflection;
[assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)]For Visual Basic .NET, fill
ObfuscationSettings.vbwith the following content:Imports System
Imports System.Reflection
<Assembly: Obfuscation(Feature:="encrypt resources", Exclude:=False)>
If you want to encrypt resources stored in satellite assemblies, use the following directive from the assemblies embedding feature:
[assembly: Obfuscation(Feature = "embed satellites", Exclude = false)]
Assembly resources are not compressed by default. If you want to achieve smaller size of an output assembly then you may consider to turn on the resource compression. The [compress] flag turns on the compression when specified as shown in the sample below.
Example 4.32. Encrypt and compress all resources
using System;
using System.Reflection;
[assembly: Obfuscation(Feature = "encrypt resources [compress]", Exclude = false)]
Sometimes it may be beneficial to encrypt just some resources while leaving the others intact. The Exclude attribute property set to true can be used in order to do that, as shown in the sample below.
Example 4.33. Encrypt all resources except .png files
using System;
using System.Reflection;
[assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)]
[assembly: Obfuscation(Feature = "encrypt resources *.png", Exclude = true)]
It may be profitable to go other way around by explicitly specifying just those resources that should be encrypted. This technique is shown in the sample below.
Example 4.34. Encrypt secret.txt and all .sql resources; the others are left intact
using System;
using System.Reflection;
[assembly: Obfuscation(Feature = "encrypt resources secret.txt", Exclude = false)]
[assembly: Obfuscation(Feature = "encrypt resources *.sql", Exclude = false)]
Notice how both examples use the concept of a glob mask to target multiple resources at once.
The given options can be combined in a free way giving you the power to choose the best combination for performance, security and possibly obscurity to mislead the hacker.
If you are not sure which combination to choose then just go with a simplest one: encrypt all resources.
If you know what you are doing then you can end up with something like that:
Example 4.35. Advanced resource encryption configuration
using System;
using System.Reflection;
[assembly: Obfuscation(Feature = "encrypt resources", Exclude = false)]
[assembly: Obfuscation(Feature = "encrypt resources License.txt", Exclude = true)]
[assembly: Obfuscation(Feature = "encrypt resources CommandLineOptions.txt", Exclude = true)]
[assembly: Obfuscation(Feature = "encrypt resources [compress] *.dat", Exclude = false)]
[assembly: Obfuscation(Feature = "encrypt resources [compress] *.sql", Exclude = false)]