Crypto Obfuscator supports F# assemblies - try it out.

By on 4/25/2012 4:21 AM ()

Hi Adam,

I'm using {smartassembly} here at TidePowerd and it's worked out very well so far; I'd been using {smartassembly} on our C# assemblies for a while, and though we did run into a few (mostly minor) issues when we first started using it on our F# assemblies, Red Gate quickly put some fixes in, and the latest versions work great for us.

That said, there are a few F#-specific issues to watch out for which are, for the most part, applicable to **any** obfuscator:

* F# marks union and record types as serializable by default; since obfuscating the name or any field names of serializable types can break serialization code, most obfuscators won't allow you to obfuscate these types. However, if you mark your union/record types with [<AutoSerializable(false)>] it seems to work correctly.

* Also related to the serialization issue, compiler-generated closure types are also marked serializable, and since there's no way to instruct the F# compiler otherwise, I've had to handle this in a custom post-compilation step (see below).

* Unless you specify otherwise (using command-line flags), the F# compiler adds two managed resource streams to every assembly; these resources contain F#-specific signature and intra-module optimization data, and leaving them in can betray type names, control-flow data, etc. I don't think any obfuscator ({smartassembly} included) removes these yet. However, using the compiler flags (to disable adding the resources) is annoying when you have one F# project which references another F# project, because the signature data includes information about DU types and removing it will basically break all of your pattern-matching code. My solution is to compile all of our projects as normal, then remove the streams in a post-compilation step (I wrote a small script for this, I'd be happy to send it to you if you'd like), then run the assemblies through {smartassembly}.

I hope this helps shed some light any F#-specific obfuscation troubles you're running into, whatever obfuscator you choose.

If you want to try {smartassembly}:

Disclaimer : Red-Gate (the company who makes {smartassembly}) owns a minor stake in TidePowerd. I don't get anything from them for saying nice things about {smartassembly}, it's just been super-helpful in solving some obscure bugs in our code (it includes crash-reporting functionality) and they've put in some extra effort to make it F#-compatible for us.

By on 12/5/2011 11:43 AM ()

There is a similar thread on FPish already:

Obfuscating F# code

By on 11/26/2011 1:52 PM ()

Be extra careful with CliSecure: their product doesn't give access to minor/major updates by default (you are buying whatever you can download at the time and NO updates later), and to get updates they insist on making you subscribe to a yearly support plan. Not sure how they manage to survive with this kind of conditions. We had an awful experience with their support, you may get more lucky, but don't count on it.

By on 11/24/2011 6:05 PM ()
IntelliFactory Offices Copyright (c) 2011-2012 IntelliFactory. All rights reserved.
Home | Products | Consulting | Trainings | Blogs | Jobs | Contact Us | Terms of Use | Privacy Policy | Cookie Policy
Built with WebSharper