Best Product to Obfuscate a Mixed .NET DLL

Question

I have a .NET DLL and application. The DLL is written in C++/CLI and it's "mixed", i.e., partially managed code and partially native.

I have two goals:
1. Obfuscate all the managed code so it can't be disassembled
2. Obfuscate the public methods/classes of the mixed DLL so no one can use the DLL in their own applications, i.e., scramble the public names.

Yes, I understand obfuscation isn't perfect and people can still figure it out and blah blah. The two goals are a management requirement. The only app I've found that can handle this appears to be the Dotfuscator Professional Edition. Unfortunately it is one of those incredibly annoying apps where you have to beg a salesman to tell you the price. Does anyone know of a another solution, or know of a good place to buy a cheap, legal copy?

Don't tell me to rewrite the DLL in managed code, that would take a month of work and I'd never get approval. :-)

Note that I'm not particularly paranoid about how good the obfuscation is. Anything that scrambles the names of all the methods and classes in the app is probably good enough.

Here are the other obfuscators I have tried:
Dotfuscator Community Edition comes with Visual Studio 2008 but doesn't support mixed assemblies.
Eazfuscator .NET is simple and free but doesn't support mixed assemblies.
{smartassembly} is $500 for a single license. It has some interesting features, but it doesn't support mixed assemblies.
Salamander is $800. Claims to fully support mixed assemblies, but whenever I tried to use the obfuscated dll, the application crashed.
.NET Reactor is $180 for a single developer license. It supports "partial" obfuscation of mixed DLLs. Unfortunately if you obfuscate the public types on the DLL it doesn't work, the .exe can't find the classes. It has the ability to merge/pack DLLs into an .exe but when you do it with a mixed DLL it doesn't work (the exe can't find the DLL's assembly, even though it's part of the .exe)
Skater is $300 for a single license. I don't see anything on their website claiming it supports mixed assemblies and I'm tired of trying apps only to be disappointed so I'm going to assume it doesn't.

I have also tried Microsoft's ILMerge to see if I could merge the DLL with the .exe and then obfuscate, but it appears that also chokes on mixed DLLs.

Any suggestions for an alternative to Dotfuscator or a good place to buy a legitimate copy? I found a couple of no-name sites claiming to sell it cheap but I assume those are Russian pirated versions.

Answer 1

I've use {smartassembly} to merge SlimDX and DirectShow.Net together with my .net program. Both of that is wrtten using C++/CLI. They merged fine on my side. Where did you get the indication that it doesn't support mixed assemblies?

EDIT: I'm not 100% sure, as I myself never use C++\CLI before, but I've written pure C++ apps before. This is what I gather, in the AssemblyInfo.cpp file of SlimDX, there's a line which configure the assembly like:

[assembly:SecurityPermission(SecurityAction::RequestMinimum, UnmanagedCode = true)];

So, I assume it contain unmanaged code. Or maybe you could tell me what indication should I be looking for to show that it contain unmanaged code.

Btw, I'm using Version 3.0.3063 of {smartassembly}

Answer 2

Please contact our sales department for personalized assistance and pricing questions. We are here to help you with your all of your obfuscation needs.

[you can figure out how to find them, can't you?]

Answer 3

I've used CliSecure .NET Obfuscator to protect C#, VB.NET and C++/CLI assemblies. Here's the link CliSecure .NET Obfuscator, I use the PRO edition which 1299 USD but since you don't care about full protection the express edition (699 USD) might work for you.