Red Gate forums :: View topic - Guide to getting a WCF service host application obfuscated?
Return to www.red-gate.com RSS Feed Available

Search  | Usergroups |  Profile |  Messages |  Log in  Register 
Go to product documentation
SmartAssembly 6
SmartAssembly 6 forum

Guide to getting a WCF service host application obfuscated?

Search in SmartAssembly 6 forum
Post new topic   Reply to topic
Jump to:  
Author Message
phaedrus30



Joined: 25 Jan 2013
Posts: 6

PostPosted: Fri Jan 25, 2013 5:22 am    Post subject: Guide to getting a WCF service host application obfuscated? Reply with quote

Hi, I'm trialling SmartAssembly 6.7 at the moment.

We have an application that is split into two major deployable components, set of Silverlight XAP files and a Windows service that runs as a .NET 4.5 EXE.

I'm currently working on just the Windows service EXE, which is the application server. It references one main application DLL (call it the framework DLL) and several 3rd-party DLLS. It's basically a WCF service host.

I've been able to run most protection options on the framework DLL by itself (everything except resource compression and pruning), and it runs fine when used by the service host EXE, but when I try to merge the framework DLL into the service host EXE using the same settings, the service won't start due to several problems:

1) Service names are obfuscated, so I have to exclude all service implementations from being obfuscated, this then brings me to:

2) Data contracts can't be initialized because they can't be serialized.

I could exclude all data contracts from being obfuscated, but this includes all our models so the benefit of obfuscation is reducing very quickly.

Who knows how many other problems would come after this one.

I also wasn't able to embed any of the reference 3rd-party assemblies

Basically, is there any guidance on how to use SmartAssembly for a WCF service host application? I'm really in the dark as to how this works.

Any information welcome!

Thanks
Back to top
View user's profile Send private message
Brian Donahue



Joined: 23 Aug 2004
Posts: 6673

PostPosted: Mon Jan 28, 2013 1:52 pm    Post subject: Reply with quote

The only thing I know to do with regards to WCF is to exclude anything with the ServiceContract attribute from obfuscation and pruning. Then, as you mention, you will probably need to put any logic you want to protect in a private member, so it will be obfuscated by SmartAssembly.

The rest of your problems are probably specific to your application.

If something doesn't merge or embed, it may be a microsoft assembly. SmartAssembly will not automatically merge or embed something if it thinks it's part of the .NET Framework.
Back to top
View user's profile Send private message
phaedrus30



Joined: 25 Jan 2013
Posts: 6

PostPosted: Mon Jan 28, 2013 11:44 pm    Post subject: Reply with quote

I've already tried excluding the service contracts and implementations - that resolved the first error, but then I got an error that data contracts could not be serialized.

Excluding or re-writing all data contracts wasn't feasible.

However, I have managed to get a solution that is acceptable for our server-side application - the service host itself does not really need obfuscation as it is really just a thin wrapper for WCF hosting and doesn't contain any business logic.

I obfuscated the application DLLs separately in their own projects, and this seems to work fine - dependency merging / embedding doesn't work but we don't really need it.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic All times are GMT + 1 Hour
Page 1 of 1

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group