External Code Files

When code encryption is applied to a method, Babel Obfuscator can extract the encrypted code of that method and store it as a separate binary file outside of the target assembly. This binary file will contain the encrypted MSIL code of the method, and it can be loaded into memory at runtime by the BVM when the method is called.

Since the encrypted code is not present in the main executable, it can be deployed separately from the application. This allows for various scenarios, including creating feature-based licenses where the external file containing the encrypted code can be deployed alongside the license.

To generate encrypted files for specific methods, we need to tag the encrypted methods using the Source property of the "msil encryption" feature. This tells Babel which methods to encrypt and strip out to a separate file. The Source property is one of the XML properties available for the "msil encryption" feature, along with Cache, MinInstructionCount, and MaxInstructionCount (see XML Rules). By setting a unique name for the Source property, we can associate it with all the methods captured by the rule and generate a separate file containing the encrypted data for those methods.

<Rule name="encrypt algorithms" feature="msil encryption" exclude="false">
  <Description>Encrypt code in Algorithms class.</Description>

This rule for the msil encryption feature, tells Babel Obfuscator to encrypt all the methods inside the Algorithm. It also sets the Source property to "algorithms", which will make Babel store the encrypted byte code in an external file named "algorithms.eil".

When a call is made to any method in the Algorithms class at runtime, the BVM needs to retrieve the encrypted bytecode stored in the external file algorithms.eil. To do this, the BVM will look for a method with the following signature:

[Obfuscation(Feature="msil encryption get stream")]
internal static Stream GetSourceStream(string source) 

This method should be decorated with the System.Reflection.ObfuscationAttribute attribute and the feature "msil encryption get stream". Once the BVM finds this method, it will call it with the name of the encrypted data source associated with the encrypted methods (in this case, "algorithms"). The GetSourceStream method should then return a Stream object containing the encrypted bytecode for the requested data source. The BVM can then decrypt and execute the requested method.

Last updated