XAP Signing

posted by alberto

XAP signing is important if you are creating an elevated trust out of browser application that can take advantage of Silverlight features that are inaccessible to sandboxed applications.

Babel Obfuscator can re-sign obfuscated assemblies but it cannot sign the XAP file after obfuscation. The trick is in executing the MSBuild task Exec calling the SDK tool signtool.exe after the XAP file obfuscation.

<UsingTask TaskName="BabelAssemblyName="Babel.Build, Version=, Culture=neutral, PublicKeyToken=138d17b5bd621ab7"/>

<Target Name="AfterBuild">

      <BabelOutputFile Include="$(TargetDir)BabelOut\$(XapFilename)" />

   <!-- XAP file obfuscation -->
   <Babel InputFile="$(TargetDir)$(XapFilename)"
          KeyFile="Keys.pfxKeyPwd="password" />
   <!-- Sign the XAP using signtool.exe SDK tool -->
   <Exec Command="&quot;$(SignToolPath)\signtool.exe&quot; 
         sign /v /f certificate.pfx /p password &quot;@(BabelOutputFile)&quot;" /> 

Note that &quot; tags inside the Command attribute are used to quote paths inside the executed command definition.

Back to List