How To: Integrate Protection into Visual Studio and Automated Builds (KB12)

This article offers guidance on how to effectively integrate protection into an automated build script.  Previously, the main documented technique for integrating protection into an automated build script was via Post Build Steps. SLPS Code Protector versions 3.0.1908 and later provide an MSBuild task that intercepts binaries (DLLs or EXE's) immediately after compilation in order to protect them as an integrated part of the build process.

Background

Until V3.0.1908, the main documented technique for integrating protection into an automated build script was via Post Build Steps. This can be cumbersome in many ways. In the case of ClickOnce, another key issue is that one cannot simply transform the DLLs to protect the final binaries prior to deploying the files as the manifest contains checksums that would need updating.

New MSBuild Target

SLPS Code Protector versions 3.0.1908 and later provide an MSBuild target  that intercepts binaries (DLLs or EXE's) immediately after compilation in order to protect them as an integrated part of the build process.

This will apply to any project that:

  1. Has a SLMCfg stored alongside the project (.vbproj/.csproj) file named:
    <ProjectName><.Configuration><.Platform>.SLMCfg
    <ProjectName><.Configuration>.SLMCfg
    <ProjectName>.SLMCfg
     
  2. Has the conditional compilation (i.e., #define) symbol SLPS_PROTECT defined (referred to as DefineConstant within MSBuild properties) for the active build configuration. (NB For SLPS_PROTECT to be detected correctly all symbols must be delimited by semi-colons - the Visual Studio project system also accepts spaces and commas)

Prerequisites

You should not need to make any changes to your .csproj/.vbproj files in order to use the integrated protection - the Code Protector SDK installation adds it in as a build extension by default.

After installing the Code Protector SDK, the Slps.Protect.targets file is  automatically imported in all builds via a hook inserted into %ProgramFiles%\MSBuild\<msbuild version>\Custom.After.Microsoft.Common.targets.

If you wish to explicitly ensure that the target is included for a specific project, one can add an import of the same targets file to your project by adding the following before </Project> in your .csproj/.vbproj etc. file

<Import Project="$(MSBuildExtensionsPath)\InishTech\Slps.Protector\Slps.Protect.targets" />

To Use MS Build Task

To use the SLPS MSBuild task the following steps should be carried out:

  1. In Visual Studio, go to Project|<ProjectName> Properties|Build|Conditional compilation symbols: Add  ;SLPS_PROTECT (Note you can do this just for the release configuration if you wish - however if you are doing any SLPS customisations i.e., referencing the Runtime DLL, be sure to reference the Permutation DLL too as all three of the SLPS runtime DLLs need to be present alongside eachother even when the code is not protected.) Please ensure that all symbols are delimited by semi-colons (;) - SLPS_PROTECT will not be correctly detected if any other  delimiter is used e.g. space, comma.
     
  2. Create a configuration (.SLMCfg) file as covered in http://support.inishtech.com/KB2
     
  3. Save the configuration file to the same folder as your project  (.csproj/.vbproj) file.

Troubleshooting

In order for this approach to work the following needs to be in place:

  1. The MSBuild integration needs to be installed (versions 3.0.1908 and later of the Code Protector SDK provide this by default) and C:\Program Files (x86)\InishTech SLP Code Protector\Slps.Protect.targets should exist
     
  2. Check the Slps.Protect.targets file is included. This can be via either: 
    1. Normal automatic inclusion into all builds via: %ProgramFiles$\MSBuild\<msbuild version>\Custom.After.Microsoft.Common.targets
    2. Adding an explicit import of the targets file to your project by adding the following before </Project> in your .csproj/.vbproj etc. file
        <Import Project="$(MSBuildExtensionsPath)\InishTech\Slps.Protector\Slps.Protect.targets" />
       
  3. In Visual Studio 2008 or 2010, turn on detailed logging via Tools|Options|Projects and Solutions|Build and Run|MsBuild project build output verbosity. You can quickly locate SLPS related activity by searching for "Slps_Protect" in the build output (View|Output)