4

I need to obfuscate my code as part of company policy. I'm using MSBuild to automate the process with this:

<Exec Command="$(MsBuildPath) /p:Configuration=Release /t:Rebuild;SignAndroidPackage &quot;$(CodeRootPath)\Mfx.UI.Droid\Mfx.UI.Droid.csproj&quot; > &quot;$(OutputPath)\3_BuildApkLog.txt&quot;" />

being the relevant line that builds the solution and creates the apk. I have my obfuscation in a post build event:

COPY $(TargetDir)*.* $(TargetDir)..\..\..\..\Obfuscation\workbench "C:\Program Files (x86)\MSBuild\14.0\Bin\msbuild.exe" "$(TargetDir)..\..\..\..\Obfuscation\Capture.babel"

which copies the output of the build folder to a different folder and calls my babel project, which outputs the obfuscated DLLs to the original build folder. After my batch file completes, the DLLs in bin\Release\ are all obfuscated, but when I decompile my APK, the DLLs within are not obfuscated.

Is there a way to obfuscate the DLLs after the APK is generated or is there a better time to do the obfuscation?

Slepz
  • 460
  • 3
  • 18
  • Possible duplicate of [Obfuscation in Xamarin Projects](http://stackoverflow.com/questions/36423030/obfuscation-in-xamarin-projects) – Martynnw Mar 10 '17 at 15:33

1 Answers1

3

In addition to using an obfuscator, you could:

  • Use AOT compilation for Android, where the IL code is removed and replaced with native code, and just the metadata is preserved. This is significantly harder to decompile.

  • Embed assemblies in Native Code, which makes it harder to get to the IL.

miguel.de.icaza
  • 32,654
  • 6
  • 58
  • 76