I have a VS.NET 2008 solution which contains a Setup Project. This Setup Project takes output of my other project (in the same solution) and produces a MSI. So far, so good... I would like the assemblies included in the MSI to be obfuscated. This obfuscation itself is simple, but how can I introduce this pre-step (obfuscation) to the MSI building? Anybody has an idea?

Thanks!

Use a build tool such as Finalbuilder to automate this process.

eg Build assemblies, then obfuscate them and finally build the setup project.

If you are using Dotfuscator Professional you can achieve this easily as it ships with a Visual Studio project that is added to your system upon installation.

All you need to do is to add a new Dotfuscator project to your solution, add the outputs from your other projects as inputs to the Dotfuscator project (using the Add Assembly/Add Project Output functionality), set any necessary obfuscation settings and then change the input for your setup project to be the Dotfuscator project. When you now build your solution your code files are compiled then obfuscated and then handed off to the setup project to be built into the MSI.

The obfuscator needs to support MSBuild integration for this to work, so that the build output of the compiler can be obfuscated and passed on to the MSI project as input.

Crypto Obfuscator is one such tool which supports this type of scenario.

Eazfuscator.NET was designed specifically to handle such scenario. To obfuscate your assemblies before they go to MSI, just do the following:

1. Drop your assembly project(s) in the green zone of Eazfuscator.NET Assistant
2. You are done. The assemblies are now automatically obfuscated and bundled into your MSI package every time the solution is built in Release configuration.

Some other obfuscators handle this too. For example, Dotfuscator provides the obfuscation project type for Visual Studio where you can define inputs and outputs and thus form a build pipeline. The pipeline can get the output of an assembly project, obfuscate it and then pass it to the setup project.

I would consider WiX or something similar (some other build tool) to create the MSI file. You can use the windows tools to decompile the MSI, and then obfuscate, and put them back in the MSI.

Another option is to add an obfuscation tool to the build process. I have done this post build with CodeVeil. If you can branch this into the Post Build steps of all of the projects, sans the setup project (which is built last), you should be able to do this. Having not worked heavily with the setup project, I am not certain this will work, but I see no reason it should not work.