|
|
Re: How to obfuscate [message #652625 is a reply to message #652617] |
Fri, 04 February 2011 18:06 |
Carsten Reckord Messages: 139 Registered: July 2009 |
Senior Member |
|
|
Hi Paul,
We are using Obclipse (http://obclipse.sourceforge.net/) with a bit of ant
magic which is called from a Buckminster Ant action either during site.p2 or
during create.product.
Obclipse is a wrapper around Proguard, which is aimed at easily obfuscating
entire eclipse products (or update sites for that matter). I've done some
minor local changes to it to better fit our usecase, which I haven't gotten
around to contribute back. But other than that, we are very happy with it.
I'd have to wade through the involved scripts to untangle them from other
dependencies, but then I could post them here if you're interested.
Cheers,
Carsten
On 04.02.2011 18:53, Paul Nguyen wrote:
> Hi all,
>
> Can buckminster do obfuscation? I am unable to find any information about it.
>
> Thanks,
>
> Paul
|
|
|
Re: How to obfuscate [message #652659 is a reply to message #652617] |
Fri, 04 February 2011 21:44 |
|
Hi Paul,
Buckminster has no built in support for obfuscation but you can always use an ant actor and do it using an ant-script.
- thomas
On 2011-02-04 18:53, Paul Nguyen wrote:
> Hi all,
>
> Can buckminster do obfuscation? I am unable to find any information about it.
>
> Thanks,
>
> Paul
|
|
|
|
Re: How to obfuscate [message #652728 is a reply to message #652715] |
Sat, 05 February 2011 22:28 |
|
On 2011-02-05 21:11, Paul Nguyen wrote:
> Thank you everyone for the answers.
>
> We are using Zelix KlassMaster which (I believe) only obfuscates java bytecode (not the source code). This means that we
> will have to obfuscate the resulting bundle jar file which already built and signed by buckminster.
> The problem is the obfuscator removed the signing info after obfuscating the jar. As the result, we cannot use the
> built-in buckminster jar signing capacity. Am I wrong on this?
>
The reason you sign a bundle is to verify that it contains the exact same bytes when you use it as it did when you
signed it. Obfuscating will of course alter the bytes and must therefore occur prior to signing. To do that, you must
alter the generated cspec (using a cspex) and inject the signing at the correct place. Perhaps that's what Carsten is
doing with his scripts?
- thomas
|
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.02676 seconds