Code protection allows for automatic removal of its portion from the protected application and addressing it only as requested upon execution. Any addressing of the code’s secured location first initiates the availability of the dongle, and only upon positive verification, further decryption of the protected code.
The code of each method of the protected application has its unique strings, independent from all other code, binding it to the dongle. This approach significantly complicates regressive analysis and implements a unique sequence of calls based on the dataflow graph of the protected application execution.
EXE protection
The protected executable file remains a Managed-assembly, but the main part of its code is transferred to a Native-DLL of a special type, which becomes the code’s secure storage location:
- In the process of execution there are calls made to the protected method, after which the stub’s code is addressed
- The stub initiates the execution of the code contained in the secure storage location against the addressed method
- The protected code is executed
DLL protection
When protecting dynamic DLL-libraries for the .NET platform a similar approach is used to the one used for protecting executable files, but taking into account the specifics of using the code library. In the process of protecting the original DLL library, the MSIL-code is deleted and its place is taken by the calls of special method stubs. In this way, after protection what’s left from the original DLL-library is simply the code with calls to the method stubs. Such an approach to protection allows saving the operating capacity of the principles of interaction with the protected library: reference links can still be added from other .NET assemblies and it still has the status of a Managedassembly. Upon protecting a DLL assembly it is not necessary to make any changes in the code that already uses the protected library, since method stubs will assume all the work for rerouting calls to the code’s secure storage location.
- Executable file addresses the method from the protected library
- Stub’s code is called upon addressing the protected method
- The stub initiates the execution of code from the secured location against the addressed method
- Protected code is executed.