Obfuscating And Code-Protecting Silverlight Assemblies Effectively

Introduction

Silverlight projects are deployed as XAP files which are just normal zip archive files with an extension of .xap instead of .zip. As such, their contents can be easily extracted and the .Net assemblies contained therein easily viewed in tools like .Net Reflector. Therefore, just like for any other type of .Net assembly, it is necessary to obfuscate the .Net assemblies within XAP files before they are deployed. This article discusses the best way to obfuscate Silverlight projects and assemblies using Crypto Obfuscator, so as to have maximum code-protection and obfuscation.

Obfuscating Silverlight Assemblies As Part Of the Visual Studio Build Process

The stone-age way to perform obfuscation is to extract the assemblies from xap file after it is output by Visual Studio, obfuscate them, and then replace the original unobfuscated assemblies in the XAP file with the new obfuscated assemblies. However, Crypto Obfuscator provides a better and hassle-free way to achieve this by integrating the obfuscation step directly in the Visual Studio build process, so that the compiled .Net assemblies are obfuscated immediately after they are output by Visual Studio, but before they are packaged in the XAP file. By inserting itself in the build pipeline, the XAP file contains the final obfuscated .Net assemblies.

To enable this integration. simply run the Visual Studio Project Integration Wizard (XAP Projects) from Crypto Obfuscator.

Support For Obfuscating XAML Files

Silverlight uses XAML files in many places, and it is desirable to obfuscate the textual references to classes/methods found in these XAML files. Crypto Obfuscator supports this - whenever any class or method/property/event is renamed by its Symbol Renaming feature, the corresponding textual references in all the XAML files are also renamed to keep them in sync.

Ensuring Maximum Obfuscation For Silverlight Assemblies

When obfuscating Silverlight assemblies, it may be desirable to use the 'Non-Public Only' symbol renaming scheme, since renaming all (public as well as non-public) classes/methods/properties/events may cause the obfuscated assembly to fail to run correctly. To ensure that the maximum number of classes and members are renamed, declare as many of them as possible, private/internal, especially if they are not referenced from XAML files. This ensures that they will be renamed when using the 'Non-Public Only' renaming scheme.

Desired Obfuscation And Code-Protection Techniques For Silverlight Assemblies

When obfuscating Silverlight assemblies, it is desirable to include a wide variety of settings and protections to ensure the maximum obfuscation for your Silverlight assemblies. Crypto Obfuscator supports a variety of such protections including Symbol Renaming, String Encryption, Constant Encryption, Const Removal, Control Flow Obfuscation, and more. All these combined work in tandem to ensure the best protection and obfuscation for your Silverlight assemblies.

Silverlight Version Support

Crypto Obfuscator supports all versions of Silverlight right from Silverlight 2.0 to the latest Silverlight 5.0.

Download  or  Buy Now Have a question? Contact us.