Search code examples
.netobfuscationdotfuscatorpreemptiveilspy

How to obfuscate const variable values using dotfuscator

This is my code:

namespace Password.Lib
{
    public class PassRepo: IPassRepo
    {
        const string mEntropy= "djbiudv-dsvjkbdjs-svdjkbv";
        const string logLevel = "logLevelKey";

        private string currentLevel;

        public PassRepo()
        {
            int answer = OldPasswordRepo();
        }
    }
}

For above dll I have following options set in my dotfuscator config file:

        <option>stripoa</option>
        <option>library</option>
        <option>transformxaml</option>
        <controlflow level="high" />

Along with it, renaming rules are also enabled:

<referencerulelist>
      <referencerule rulekey="{6655B10A-FD58-462d-8D4F-5B1316DFF0FF}" />
      <referencerule rulekey="{7D9C8B02-2383-420f-8740-A9760394C2C1}" />
      <referencerule rulekey="{229FD6F8-5BCC-427b-8F72-A7A413ECDF1A}" />
      <referencerule rulekey="{2B7E7C8C-A39A-4db8-9DFC-6AFD38509061}" />
      <referencerule rulekey="{494EA3BA-B947-44B5-BEE8-A11CC85AAF9B}" />
      <referencerule rulekey="{89769974-93E9-4e71-8D92-BE70E855ACFC}" />
      <referencerule rulekey="{4D81E604-A545-4631-8B6D-C3735F793F80}" />
      <referencerule rulekey="{62bd3899-7d53-4336-8ca2-4e5dbae187d5}" />
    </referencerulelist>

  <removal>
    <option>disable</option>
    <removalreport overwrite="true">
      <file dir="" name="Removal.xml" />
    </removalreport>
    <referencerulelist />
  </removal>

When I build the code using dotfuscator UI, and then try to decompile it, I get following output:

public class PassRepo: IPassRepo
{
    private const string a = "djbiudv-dsvjkbdjs-svdjkbv";

    private const string b = "logLevelKey";

    private string c;


    public PassRepo()
    {
        int l = OldPasswordRepo;
    }
}

I need to obfuscate values of these variables: mEntropy="djbiudv-dsvjkbdjs-svdjkbv" and logLevel="logLevelKey". How can I achieve that?

I tried to disable library mode, but in that case my app does not work properly. UI is not at all displayed.

Can someone please help?

Solution

  • const variables have their value available at compile-time (even when compiling client libraries that use your library!). In fact, any use of a const string will copy the string value to the use-site.

    This means the string value must be stored in a form that the C# compiler understands, and thus cannot be encrypted.

    If you want to protect the string value, switch to a static readonly string.