Versions Compared

Old Version 1

changes.mady.by.user Amos Joshua (Unlicensed)

Saved on

compared with

New Version Current

changes.mady.by.user Ethan Arbuckle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Prerequisites

Step 1: Prerequresites

  1. An iOS project with the MobileProtect SDK installed.

  2. A copy of the datatheorem-obfuscate tool.

...

Step 2: add obfuscation build phases

...

Obfuscation Tool Download

The datatheorem-obfuscate tool can be acquired using the following methods:

  1. Direct download from Data Theorem’s portal: Direct Link Download

  2. By cloning the MobileProtect build repository:

    1. Code Block
      git clone https://1:{REPO_API_KEY}@mobile-protect-repos.securetheorem.com/mobileprotect-ios

Move the datatheorem-obfuscate binary to the root of the Xcode project (next to the .xcodeproj or .xcworkspace files).

Add Obfuscation Build Phases to Xcode

For projects using Cocoapods

For projects that use Cocoapods, add the following line to each target that is defined in the Podfile:

Code Block
languageruby
    script_phase({name: "Data Theorem Static Obfuscation", script: "$PROJECT_DIR/datatheorem-obfuscate", execution_position: :after_compile})

For exampleAdditionally, add the following to the end of the Podfile:

Code Block
languageruby
post_install do |installer|
  installer.pods_project.targets.each do |target|
   `MyApp` do
    pod 'Pod1'
    pod 'Pod2' target.new_shell_script_build_phase("Data Theorem Static Obfuscation").shell_script = "$PODS_ROOT/../datatheorem-obfuscate"
  end
end

Example Podfile:

Code Block
languageruby
target `MyApp` do
    pod 'MobileProtect'
    script_phase({name: "Data Theorem Static Obfuscation", script: "$PROJECT_DIR/datatheorem-obfuscate", execution_position: :after_compile})    
end

And add these lines at the end of the Podfile:

Code Block
languageruby


post_install do |installer|
  installer.pods_project.targets.each do |target|
    target.new_shell_script_build_phase("Data Theorem Static Obfuscation").shell_script = "$PODS_ROOT/../datatheorem-obfuscate"
  end
end

Step 2.b: Build phases for projects without Cocoapods

For projects

...

not

...

using Cocoapods

For each target in the project (app/framework), add a Run Script build phase named Data Theorem Static Obfuscation as the last build phase, to the Xcode project containing the following script:

Code Block
languagebash
$PROJECT_DIR/datatheorem-obfuscate

Step 3: add the obfuscator binary

Place a copy of the datatheorem-obfuscate binary at the root of the project folder (next to the project's .xcodeproj or .xcworkspace files).

Step 4: configuration

Configuration

In the project's MobileProtect.config, add a plist configuration file, perform the following steps:

  1. Add a new key called StaticObfuscation

...

  1. with its type set to Dictionary.

  2. Inside this dictionary,

...

  1. insert a child key named Enabled

...

  1. with the type Boolean

...

  1. and set its value to YES.

Finally clean the project once. Installation is now complete - the After making these changes and performing a “clean” of the project, the installation is complete. The application will be statically obfuscated when the next time it is next compiled.

Setup of static obfuscation is now complete.

Optional Configuration

The following configuration keys are supported:

  • Enabled: a A boolean value, set . Set to YES to enable static obfuscation.

  • ClassExcludeList: Specify a path, relative to the project root, pointing to a newline-separated a file that contains a list of class names, the selectors of which . Each class name should be on a separate line. The selectors associated with these classes will be excluded from static obfuscation.

  • SelectorExcludeList: a A file path, relative to the project root, pointing to a newline-separated a file that contains a list of selector names to exclude . Each selector name should be on a separate line. Selectors in this file will be excluded from static obfuscation.

Excluding

...

Selectors From Obfuscation

Projects that refer to selectors directly will need to exclude these selectors from obfuscation, otherwise the app might crash. Selectors are referred to directly:

  • When using the @selector(...) syntax.

  • when using reflection

  • when When using dynamic class lookup (NSClassFromString(), objc_getClass()).

  • When using key-value observation.

A typical crash due to caused by obfuscation of required selectors looks likedirectly-referenced selectors will look similar to this:

Code Block
    *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[SomeClassName someSelector]: unrecognized selector sent to instance 0x123abc123'

To fix resolve such a crash, either add the class name (SomeClassName must be added ) to a the class exclude exclusion list (see refer to the ClassExcludeList configuration) or add the selector someSelector must be added to a the selector exclude exclusion list (see refer to the SelectorExcludeList).

Sometimes, the error will mention the obfuscated selector name, e.g.:

Code Block
    *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[SomeClassName XJEJKANDFKW]: unrecognized selector sent to instance 0x123abc123'

...