Dotfuscator and strong names

[Wacom]

Hi all!

I'm doing some test of obfuscation of assembly marked with the strong
name
(Fw 2.0).

Someone can tell me how does this work?
I mean: if I have an exe and a couple of dll marked w/strong name and I

obfuscate the dll when I run the exe it crashes because cannot load the
dll
cause there are problems with the strong name.

Have I to choose between the strong name and the obfuscation or there
is
something that I'm missing?

Thanks!

 

[Wacom]

Wacom ha scritto:

Hi all!

I'm really sorry for the repost
Excuse me.

 

[SharpCoderMP]

you have to resign your dll's after obfuscation. if you are using
dotfuscator community edition shipped with VS, then you're out of luck.

 

[Fabio Z]

you have to resign your dll's after obfuscation. if you are using
dotfuscator community edition shipped with VS, then you're out of luck.

That's what I thinked
I wonder why the dotfuscator don't warning about this, and I don't know why
the obfuscated assembly seems to be resigned right

Ok... maybe I'll do the trick using ngen in place of the offuscation.

Thanks

 

[John Liu]

Huh?

You can't delaysign the assembly, obfuscate it, and then re-sign it?
I've never tried this, but I'd have thought you should be able to do
this, that's what delay-sign is for...

Even the help "obfuscating, strong-named assemblies" says:

"Strong named assemblies are digitally signed. This allows the runtime
to determine if an assembly has been altered after signing. The
signature is an SHA1 hash signed with the private key of an RSA
public/private key pair. Both the signature and the public key are
embedded in the assembly's metadata.

Since Dotfuscator modifies the assembly, it is essential that signing
occur after running the assembly through Dotfuscator. You should delay
sign the assembly during development and before Dotfuscation, then
complete the signing process afterward. See the .NET Framework
documentation for more details about delay signing assemblies. Remember
to turn off strong name validation while testing your delay signed
assemblies!"

jliu

 

[Fabio Z]

Huh?

You can't delaysign the assembly, obfuscate it, and then re-sign it?
I've never tried this, but I'd have thought you should be able to do
this, that's what delay-sign is for...

mmm... and how can this be done using VS and Dotfuscator comunity ed.?
Dotfuscator.c.e seems that don't support strong name operations.

Thanks

 

[Nicole Calinoiu]

Dotfuscator won't re-sign the assembly for you, but there's nothing stopping
you from using sn.exe to re-sign an assembly after Dotfuscator is done with
it.

 

[Fabio]

Dotfuscator won't re-sign the assembly for you, but there's nothing
stopping you from using sn.exe to re-sign an assembly after Dotfuscator is
done with it.

And can you tell me the procedure to do this?
I mean starting from what to do in VS to the use of sn.exe?

Thanks

 

[Nicole Calinoiu]

See http://msdn2.microsoft.com/en-us/library/ms227311.aspx for 1.1
instructions. In 2.0, the only difference would be that delay signing
should be specified via the project properties rather than via
assembly-level attributes.