I need to write some license checking code in Swift.
I know Swift is not optimal for that kind of code in the first place, as it is
harder to obfuscate and easier to patch than say, pure C.
But if the code that needs to know whether the app is registered is written in
Swift, this is still better than putting the license checking code in a
separate framework that can be swapped out.
To make attacking that code harder, I'm trying to obfuscate the code by at
least removing the symbols related to it.
For this, I have some inlined methods with internal visibility as follows:
@inline(__always) static func checkLicense() { /* license checking code */ }
Inlining should also help with forcing the attacker to separately patch the
licensing function at each call site, rather than just patching the licensing
function itself. (I am e.g. not using protocols in my licensing code for
similar reasons.)
Given that the method should always be inlined, there should be no need to
include the method's name in the binary's symbol table. (I know that `inline`
annotations often only are hints to the compiler, but I have reason to believe
that they do work in this case.)
In line with that, `nm MyApp.app/Contents/MacOS/MyApp` does not contain
references to `checkLicense`.
However, the output of `strings MyApp.app/Contents/MacOS/MyApp` still contains
references to `checkLicense`, and I'm afraid that an attacker could use that
information to somehow more easily attack the license checking code.
Here are my questions:
1. Will these strings help an attacker, or are they useless without the
corresponding symbol info (which would be exposed by `nm`)?
2. Would the strip settings listed below (in particular, stripping all symbols
and "-Xlinker -x") cause a problem when shipping my code - e.g. when trying to
symbolicate stack traces? I do keep the dSYMs of the shipped binaries.
3. Would setting "Perform Single-Object Prelink" to Yes help in obfuscating the
code? The only effect I can see is that the dSYMs size shrinks from ~8 MB to ~6
MB.
I am currently using the following build options:
* Deployment Postprocessing = Yes
* Strip Linked Product = Yes
* Use Separate Strip = Yes
* Strip Style = All Symbols
* Other Linker Flags = "-Xlinker -x" (this seems to be the only option that
actually cause the symbols to disappear from the results of the `nm` command.)
* Perform Single-Object Prelink = No (see above)
Thanks,
Daniel Alm
_______________________________________________
swift-users mailing list
swift-users@swift.org
https://lists.swift.org/mailman/listinfo/swift-users
