I need to write some license checking code in Swift. I know Swift is not optimal for that kind of code in the first place, as it is harder to obfuscate. But if the code that needs to know whether the app is registered is written in Swift, this is still better than putting the license checking code in a separate framework that can be swapped out.
To make attacking that code harder, I'm trying to obfuscate the code by at least removing the symbols related to it.
For this, I have some inlined methods with internal visibility as follows:
@inline(__always) static func checkLicense() { /* license checking code */ }
Given that the method should always be inlined, there should be no need to include the method's name in the binary's symbol table. (I know that inline
annotations often only are hints to the compiler, but I have reason to believe that they do work in this case.)
In line with that, nm MyApp.app/Contents/MacOS/MyApp
does not contain references to checkLicense
.
However, the output of strings MyApp.app/Contents/MacOS/MyApp
still contains references to checkLicense
, and I'm afraid that an attacker could use that information to more easily attack the license checking code.
Here are my questions:
nm
)?I am currently using the following build options:
I have investigated this again, and found the following strip settings to work well for Release builds:
-Xlinker -s
according to this guide)-Xlinker -x
)If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With