Versions Compared

Version Old Version 1 New Version Current
Changes made by

Amos Joshua (Unlicensed)

bm

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Prerequisites

Step 1: Prerequresites

  1. An iOS project with the MobileProtect SDK installed

...

Step 2: add obfuscation build phases

...

  1. .

  2. A copy of the datatheorem-obfuscate tool.

Obfuscation Tool Download

In order to download the tool, you must have your Repo API Key on hand. You will find this API key in the Overview tab of the Active Protection page for Mobile Secure. Press the blue button on the right hand side that reads “Protect Mobile Apps“ and look for the “Keys & Config” section.

...

There are two options:

  1. Direct download from Data Theorem’s portal: Direct Download Link

    1. This link will open a login prompt, enter “1” for the user name and set the password to the contents of the Repo API Key.

  2. By cloning the MobileProtect build repository:

    1. Locate the Repo API Key and use it to run the following command:

      Code Block
      git clone https://1:{REPO_API_KEY}@mobile-protect-repos.securetheorem.com/mobileprotect-ios

Move the datatheorem-obfuscate binary to the root of the Xcode project (next to the .xcodeproj or .xcworkspace files).

Add Obfuscation Build Phases to Xcode

Disable ENABLE_USER_SCRIPT_SANDBOXING by setting the variable in Build Settings > Build Options > User Script Sandboxing to NO, so the tool has access to the built files to modify them.

For projects using Cocoapods

For projects that use Cocoapods, add the following line to each target that is defined in the Podfile:

Code Block
languageruby
    script_phase({name: "Data Theorem Static Obfuscation", script: "$PROJECT_DIR/datatheorem-obfuscate", execution_position: :after_compile})

For exampleAdditionally, add the following to the end of the Podfile:

Code Block
languageruby
post_install do |installer|
  installer.pods_project.targets.each do |target|
 `MyApp` do  target.new_shell_script_build_phase("Data Theorem  pod 'Pod1'
    pod 'Pod2'Static Obfuscation").shell_script = "$PODS_ROOT/../datatheorem-obfuscate"
  end
end

Example Podfile:

Code Block
languageruby
target `MyApp` do
    pod 'MobileProtect'
    script_phase({name: "Data Theorem Static Obfuscation", script: "$PROJECT_DIR/datatheorem-obfuscate", execution_position: :after_compile})    
end

And add these lines at the end of the Podfile:

Code Block
languageruby


post_install do |installer|
  installer.pods_project.targets.each do |target|
    target.new_shell_script_build_phase("Data Theorem Static Obfuscation").shell_script = "$PODS_ROOT/../datatheorem-obfuscate"
  end
end

...

For projects 
...
 not 
...
using Cocoapods
For each target in the project (app/framework), add a Run Script build phase named Data Theorem Static Obfuscation as the last build phase, to the Xcode project containing the following script:
 Code Block
languagebash
$PROJECT_DIR/datatheorem-obfuscate
Step 3: add the obfuscator binary
Place a copy of the datatheorem-obfuscate binary at the root of the project folder (next to the project's .xcodeproj or .xcworkspace files).
Step 4: configuration
Configuration
In the project's MobileProtect.config, add a plist configuration file, perform the following steps:
  1. Add a new key called StaticObfuscation
...
  1.  with its type set to Dictionary.
  2. Inside this dictionary, 
...
  1. insert a child key named Enabled
...
  1.  with the type Boolean
...
  1.  and set its value to YES.
Finally clean the project once. Installation is now complete - the After making these changes and performing a “clean” of the project, the installation is complete. The application will be statically obfuscated when the next time it is next compiled.Setup of static obfuscation is now complete.
Optional Configuration
The following configuration keys are supported:
  • Enabled: a A boolean value, set . Set to YES to enable static obfuscation.
  • ClassExcludeList: Specify a path, relative to the project root, pointing to a newline-separated a file that contains a list of class names, the selectors of which . Each class name should be on a separate line. The selectors associated with these classes will be excluded from static obfuscation.
  • SelectorExcludeList: a A file path, relative to the project root, pointing to a newline-separated file that contains a list of selector names to exclude . Each selector name should be on a separate line. Selectors in this file will be excluded from static obfuscation.
Excluding 
...
Selectors From Obfuscation
Projects that refer to selectors directly will need to exclude these selectors from obfuscation, otherwise the app might crash. Selectors are referred to directly:
  • When using the @selector(...) syntax.
  • when using reflection
  • when When using dynamic class lookup (NSClassFromString(), objc_getClass()).
  • When using key-value observation.
A typical crash due to caused by obfuscation of required selectors looks likedirectly-referenced selectors will look similar to this:
 Code Block
    *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[SomeClassName someSelector]: unrecognized selector sent to instance 0x123abc123'
To fix resolve such a crash, either add the class name (SomeClassName must be added ) to a the class exclude exclusion list (see refer to the ClassExcludeList configuration) or add the selector someSelector must be added to a the selector exclude exclusion list (see refer to the SelectorExcludeList).
Sometimes, the error will mention the obfuscated selector name, e.g.:
 Code Block
    *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[SomeClassName XJEJKANDFKW]: unrecognized selector sent to instance 0x123abc123'
...