5.9. Deterministic Obfuscation

Deterministic obfuscation allows to produce an assembly whose byte-for-byte output is identical across obfuscations for identical inputs.

By default, obfuscator output from a given set of inputs is unique, since the obfuscator uses randomly generated cryptographic material for every obfuscation. You can use deterministic obfuscation directive or command-line parameter to produce a deterministic assembly, one whose binary content is identical across obfuscations as long as the input remains the same. In such an obfuscation, the cryptographic material is derived from a hash of all obfuscation inputs. The obfuscator considers the following inputs that affect determinism:

• The precise version of the obfuscator used
• The binary contents of the assembly files explicitly passed to the obfuscator as inputs
• The obfuscator license key

Instructions on enabling deterministic obfuscation

1. Open obfuscatable project inside the IDE

2. Add new source file to the project and call it ObfuscationSettings.cs (for C#) or ObfuscationSettings.vb (for Visual Basic .NET). You may prefer to use another name instead of ObfuscationSettings.cs or ObfuscationSettings.vb

3. Fill ObfuscationSettings.cs with the following content (C#):

   using System;
   using System.Reflection;
   
   [assembly: Obfuscation(Feature = "deterministic", Exclude = false)]

   For Visual Basic .NET, fill ObfuscationSettings.vb with the following content:

   Imports System
   Imports System.Reflection
   
   <Assembly: Obfuscation(Feature:="deterministic", Exclude:=False)>

Alternatively, deterministic obfuscation can be enabled by specifying --deterministic option in the command-line interface of Eazfuscator.NET or by setting EAZFUSCATOR_NET_DETERMINISTIC environment variable to 1.

Note

Deterministic obfuscation is only available in the Enterprise edition of Eazfuscator.NET (Site License).