XAP signing is important if you are creating an elevated trust out of browser application that can take advantage of Silverlight features that are inaccessible to sandboxed applications.
Babel Obfuscator can re-sign obfuscated assemblies but it cannot sign the XAP file after obfuscation. The trick is in executing the MSBuild task Exec calling the SDK tool signtool.exe after the XAP file obfuscation.
|
<UsingTask TaskName="Babel" AssemblyName="Babel.Build, Version=4.2.0.0, Culture=neutral, PublicKeyToken=138d17b5bd621ab7"/> <ItemGroup>
<BabelOutputFile Include="$(TargetDir)BabelOut\$(XapFilename)" />
</ItemGroup>
<!-- XAP file obfuscation -->
<Babel InputFile="$(TargetDir)$(XapFilename)"
OutputFile="$(BabelOutputFile)"
KeyFile="Keys.pfx" KeyPwd="password" />
<!-- Sign the XAP using signtool.exe SDK tool -->
<Exec Command=""$(SignToolPath)\signtool.exe"
sign /v /f certificate.pfx /p password "@(BabelOutputFile)"" />
</Target>
|
Note that " tags inside the Command attribute are used to quote paths inside the executed command definition.