如何对ClickOnce使用混淆处理？ [英] How to use obfuscation for ClickOnce?

问题描述

如果要发布 ClickOnce 版本， Dotfuscator ？

推荐答案

通过将部署清单（ foo.application）添加为Dotfuscator项目的输入，您可以使用Dotfuscator的商业版本自动混淆ClickOnce应用程序。 Dotfuscator将允许您向ClickOnce应用程序中包含的程序集添加任何必要的排除，并创建包含混淆程序集的更新的部署和应用程序清单。

You can use the commercial version of Dotfuscator to automatically obfuscate a ClickOnce application by adding the deployment manifest ("foo.application") as an input to your Dotfuscator project. Dotfuscator will allow you to add any necessary exclusions to the assemblies contained in the ClickOnce application and will create updated deployment and application manifests containing the obfuscated assemblies.

Dotfuscator的免费版本Visual Studio（包括Visual Studio 2010）中包含的功能不具有自动混淆ClickOnce应用程序的功能。为了获得功能良好的模糊ClickOnce应用程序，您需要重新创建或更新ClickOnce清单，因为模糊会更改程序集的签名。

The free version of Dotfuscator included in Visual Studio (including Visual Studio 2010) does not have the feature to automatically obfuscate ClickOnce applications. In order to get a functioning obfuscated ClickOnce application you will need to recreate or update the ClickOnce manifests since obfuscation changes the signatures of the assemblies.

您可以使用 mage.exe 或 mageui.exe （包含在Windows / .NET SDK中）以更新ClickOnce清单。如果要使用mage.exe，则需要注意，您无法在ClickOnce选项中使用使用.deploy文件扩展名选项，因为它无法识别。

You can use mage.exe or mageui.exe (included in the Windows/.NET SDK) to update the ClickOnce manifests. If you are going to use mage.exe you need to be aware that you cannot use the "Use .deploy file extension" option in your ClickOnce options as it does not recognize it.

假设您的ClickOnce应用程序名为 Foo，并且版本为1.0.0.0，您要遵循的过程是：

Assuming your ClickOnce application is named "Foo" and is at version 1.0.0.0 the process you will want to follow is:

1. 将ClickOnce应用程序发布到磁盘上的目录中


2. 运行Dotfuscator CE，并从项目的bin目录中添加要混淆的程序集


3. 混淆程序集。默认情况下，混淆后的程序集将放置在名为 Dotfuscated的子目录中。


4. 使用sn.exe（仅当您最初将其强命名时）将混淆后的程序集辞职


5. 将经过混淆的程序集复制到ClickOnce发布\Application Files\Foo_1_0_0_0目录中的那些程序集之上



6. 更新应用程序清单并签名：

1. Publish your ClickOnce application to a directory on disk
2. Run Dotfuscator CE and add the assemblies you want to be obfuscated from the bin directory of your project
3. Obfuscate the assemblies. The obfuscated assemblies will be put into a subdirectory named "Dotfuscated" by default.
4. Resign your obfuscated assemblies with sn.exe (only if you initially strong named them)
5. Copy the obfuscated assemblies over top of the ones in the ClickOnce publish\Application Files\Foo_1_0_0_0 directory

6. Update the application manifest and resign it:

mage.exe-更新应用程序文件\Foo_1_0_0_0\Foo.exe.manifest -CertFile c：\Foo\foo.pfx-密码密码

mage.exe -Update "Application Files\Foo_1_0_0_0\Foo.exe.manifest" -CertFile "c:\Foo\foo.pfx" -Password password

更新部署清单并签名：

mage.exe-更新Foo.application -AppManifest 应用程序文件\Foo_1_0_0_0\Foo.exe.manifest -CertFile c：\Foo\foo.pfx-密码

mage.exe -Update Foo.application -AppManifest "Application Files\Foo_1_0_0_0\Foo.exe.manifest" -CertFile "c:\Foo\foo.pfx" -Password password

您现在具有使用混淆程序集的有效应用程序和部署清单。您也可以使用MageUI.exe工具完成相同的任务（它知道如何使用.deploy扩展名处理程序集），但是自动化并不容易。

You now have a valid application and deployment manifest using obfuscated assemblies. You can also use the MageUI.exe tool to accomplish the same tasks (and it knows how to handle assemblies with the .deploy extension) but it is not as easy to automate.

这篇关于如何对ClickOnce使用混淆处理？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！