MonoTouch:如何保护我的应用程序 [英] MonoTouch: How to protect my application

问题描述

我使用 Dotfuscator 来保护我的应用程序免受逆向工程 我在 Windows 应用程序中加密了 dll 文件，但我如何在 OSX/MonoTouch 中进行加密?

I used Dotfuscator to protect my application from reverse engineering I encrypted the dll files in windows application, but how can I do it in OSX/MonoTouch?

从ipa中提取dll，然后在windows中混淆dll，将加密后的dll重新打包成IPA，然后发布到appstore?

Extract the dll from ipa, then confuse the dlls in windows, and repack the encrypted dlls into IPA, then publish it to appstore?

有什么简单的解决方法吗?

Is there any simple solution?

推荐答案

首先，您需要记住 iOS 不允许 JIT(及时)编译.这意味着一切都需要通过 AOT(提前)编译器.

Foremost you need to remember that iOS does not allow JIT (just in time) compiling. This means everything needs to go thru the AOT (ahead of time) compiler.

这会导致来自您程序集的所有 IL 代码都被转换为原生 ARM(v6、v7 和/或拇指)指令并且该 IL 是不需要了.

This results that all the IL code from your assemblies is being converted into native ARM (v6, v7 and/or thumb) instructions and that the IL is not required anymore.

这意味着，当您为 Release|iPhone 构建时，IL 代码将从您的程序集中删除.因为它被剥离了，所以它不会出现在您发布的应用程序中(被反编译).

This means that, when you're building for Release|iPhone, the IL code will be removed from your assemblies. Since it's strip'ed away it won't be present (to be decompiled) in the application you publish.

注意事项

• 程序集仍将在应用程序中因为元数据仍然是必需的(例如，System.Reflection 需要它).所以符号名称和资源文件不会像混淆器那样被破坏/加密；

• the assemblies will still be inside the application because the metadata is still required (e.g. System.Reflection needs it). So symbols names and resources files won't be mangled/encrypted like obfuscators generally do;

您可以反汇编 ARM 程序集(即使您在 AOT 编译之前混淆程序集也是如此)，但它比 IL 更难理解(并回到 C#).

You can disassemble ARM assembly (that would be true even if you obfuscated the assemblies before the AOT compilation) but it's much harder to understand (and get back to C#) than IL is.

从 IPA 中提取程序集并对其进行处理将破坏至少应用程序的签名(您可以重新签名).它还会可能破坏很多其他东西(因为代码将引用可能已更改的名称/结构).我认为这行不通(但这取决于您从混淆器中使用的选项).

Extracting the assemblies from the IPA and procesing them will break at least the application's signature (you can re-sign it). It will also likely break a lot of other things (since the code will refer to names/structures that might have changed). I do not think this will work (but it depends on the options you would use from your obfuscator).

这篇关于MonoTouch:如何保护我的应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！