garble/internal/literals/obfuscators.go

// Copyright (c) 2020, The Garble Authors.
// See LICENSE for licensing information.

package literals

import (
	"fmt"
	"go/ast"
	"go/token"
	mathrand "math/rand"
)

// obfuscator takes a byte slice and converts it to a ast.BlockStmt
type obfuscator interface {
	obfuscate(obfRand *mathrand.Rand, data []byte) *ast.BlockStmt
}

// obfuscators contains all types which implement the obfuscator Interface
var obfuscators = []obfuscator{
	simple{},
	swap{},
	split{},
	shuffle{},
	// seed{}, TODO: re-enable once https://go.dev/issue/47631 is fixed in Go 1.20
}

func genRandIntSlice(obfRand *mathrand.Rand, max, count int) []int {
	indexes := make([]int, count)
	for i := 0; i < count; i++ {
		indexes[i] = obfRand.Intn(max)
	}
	return indexes
}

func randOperator(obfRand *mathrand.Rand) token.Token {
	operatorTokens := [...]token.Token{token.XOR, token.ADD, token.SUB}
	return operatorTokens[obfRand.Intn(len(operatorTokens))]
}

func evalOperator(t token.Token, x, y byte) byte {
	switch t {
	case token.XOR:
		return x ^ y
	case token.ADD:
		return x + y
	case token.SUB:
		return x - y
	default:
		panic(fmt.Sprintf("unknown operator: %s", t))
	}
}

func operatorToReversedBinaryExpr(t token.Token, x, y ast.Expr) *ast.BinaryExpr {
	expr := &ast.BinaryExpr{X: x, Y: y}

	switch t {
	case token.XOR:
		expr.Op = token.XOR
	case token.ADD:
		expr.Op = token.SUB
	case token.SUB:
		expr.Op = token.ADD
	default:
		panic(fmt.Sprintf("unknown operator: %s", t))
	}

	return expr
}
set up an AUTHORS file to attribute copyright Many files were missing copyright, so also add a short script to add the missing lines with the current year, and run it. The AUTHORS file is also self-explanatory. Contributors can add themselves there, or we can simply update it from time to time via git-shortlog. Since we have two scripts now, set up a directory for them. 5 years ago			`// Copyright (c) 2020, The Garble Authors.`
			`// See LICENSE for licensing information.`

Use XOR instead of AES for literal obfuscation. Implement a literal obfuscator interface, to allow the easy addition of new encodings. Add literal obfuscation for byte literals. Choose a random obfuscator on literal obfuscation, useful when multiple obfuscators are implemented. Fixes #62 5 years ago			`package literals`

			`import (`
			`"fmt"`
			`"go/ast"`
Randomize operator (xor, add, subtract) on all obfuscators (#90) Co-authored-by: lu4p <lu4p@pm.me> 5 years ago			`"go/token"`
Use XOR instead of AES for literal obfuscation. Implement a literal obfuscator interface, to allow the easy addition of new encodings. Add literal obfuscation for byte literals. Choose a random obfuscator on literal obfuscation, useful when multiple obfuscators are implemented. Fixes #62 5 years ago			`mathrand "math/rand"`
			`)`

			`// obfuscator takes a byte slice and converts it to a ast.BlockStmt`
			`type obfuscator interface {`
avoid using math/rand's global funcs like Seed and Intn Go 1.20 is starting to deprecate the use of math/rand's global state, per https://go.dev/issue/56319 and https://go.dev/issue/20661. The reasoning is sound: Deprecated: Programs that call Seed and then expect a specific sequence of results from the global random source (using functions such as Int) can be broken when a dependency changes how much it consumes from the global random source. To avoid such breakages, programs that need a specific result sequence should use NewRand(NewSource(seed)) to obtain a random generator that other packages cannot access. Aside from the tests, we used math/rand only for obfuscating literals, which caused a deterministic series of calls like Intn. Our call to Seed was also deterministic, per either GarbleActionID or the -seed flag. However, our determinism was fragile. If any of our dependencies or other packages made any calls to math/rand's global funcs, then our determinism could be broken entirely, and it's hard to notice. Start using separate math/rand.Rand objects for each use case. Also make uses of crypto/rand use "cryptorand" for consistency. Note that this requires a bit of a refactor in internal/literals to start passing around Rand objects. We also do away with unnecessary short funcs, especially since math/rand's Read never errors, and we can obtain a byte via math/rand's Uint32. 3 years ago			`obfuscate(obfRand mathrand.Rand, data []byte) ast.BlockStmt`
Use XOR instead of AES for literal obfuscation. Implement a literal obfuscator interface, to allow the easy addition of new encodings. Add literal obfuscation for byte literals. Choose a random obfuscator on literal obfuscation, useful when multiple obfuscators are implemented. Fixes #62 5 years ago			`}`

prepare for v0.5.0 While here, add a TODO I forgot about, and run gofumpt. Also bump all test timeouts slightly, as the Mac and Windows hosted runners are a bit slow and I've hit failures twice recently. 4 years ago			`// obfuscators contains all types which implement the obfuscator Interface`
			`var obfuscators = []obfuscator{`
			`simple{},`
			`swap{},`
			`split{},`
			`shuffle{},`
update the state of a few TODOs related to upstream Go The generics issue has been fixed for the upcoming Go 1.20. Include that version as a reminder for when we can drop Go 1.19. The fs.SkipAll proposal is also implemented for Go 1.20. The BinaryContentID comment was a little bit trickier. We did get stamped VCS information some time ago, but it only provides us with the current commit info and a dirty bit. That is not enough for our use of the build cache, because we want any uncommitted changes to garble to cause rebuilds. I don't think we'll get any better than using garble's own build ID. Reword the quasi-TODO to instead explain what we're doing and why. 3 years ago			`// seed{}, TODO: re-enable once https://go.dev/issue/47631 is fixed in Go 1.20`
prepare for v0.5.0 While here, add a TODO I forgot about, and run gofumpt. Also bump all test timeouts slightly, as the Mac and Windows hosted runners are a bit slow and I've hit failures twice recently. 4 years ago			`}`
Use XOR instead of AES for literal obfuscation. Implement a literal obfuscator interface, to allow the easy addition of new encodings. Add literal obfuscation for byte literals. Choose a random obfuscator on literal obfuscation, useful when multiple obfuscators are implemented. Fixes #62 5 years ago
avoid using math/rand's global funcs like Seed and Intn Go 1.20 is starting to deprecate the use of math/rand's global state, per https://go.dev/issue/56319 and https://go.dev/issue/20661. The reasoning is sound: Deprecated: Programs that call Seed and then expect a specific sequence of results from the global random source (using functions such as Int) can be broken when a dependency changes how much it consumes from the global random source. To avoid such breakages, programs that need a specific result sequence should use NewRand(NewSource(seed)) to obtain a random generator that other packages cannot access. Aside from the tests, we used math/rand only for obfuscating literals, which caused a deterministic series of calls like Intn. Our call to Seed was also deterministic, per either GarbleActionID or the -seed flag. However, our determinism was fragile. If any of our dependencies or other packages made any calls to math/rand's global funcs, then our determinism could be broken entirely, and it's hard to notice. Start using separate math/rand.Rand objects for each use case. Also make uses of crypto/rand use "cryptorand" for consistency. Note that this requires a bit of a refactor in internal/literals to start passing around Rand objects. We also do away with unnecessary short funcs, especially since math/rand's Read never errors, and we can obtain a byte via math/rand's Uint32. 3 years ago			`func genRandIntSlice(obfRand *mathrand.Rand, max, count int) []int {`
Add new obfuscators for literals - swap (#74) Implement swap obfuscator 5 years ago			`indexes := make([]int, count)`
			`for i := 0; i < count; i++ {`
avoid using math/rand's global funcs like Seed and Intn Go 1.20 is starting to deprecate the use of math/rand's global state, per https://go.dev/issue/56319 and https://go.dev/issue/20661. The reasoning is sound: Deprecated: Programs that call Seed and then expect a specific sequence of results from the global random source (using functions such as Int) can be broken when a dependency changes how much it consumes from the global random source. To avoid such breakages, programs that need a specific result sequence should use NewRand(NewSource(seed)) to obtain a random generator that other packages cannot access. Aside from the tests, we used math/rand only for obfuscating literals, which caused a deterministic series of calls like Intn. Our call to Seed was also deterministic, per either GarbleActionID or the -seed flag. However, our determinism was fragile. If any of our dependencies or other packages made any calls to math/rand's global funcs, then our determinism could be broken entirely, and it's hard to notice. Start using separate math/rand.Rand objects for each use case. Also make uses of crypto/rand use "cryptorand" for consistency. Note that this requires a bit of a refactor in internal/literals to start passing around Rand objects. We also do away with unnecessary short funcs, especially since math/rand's Read never errors, and we can obtain a byte via math/rand's Uint32. 3 years ago			`indexes[i] = obfRand.Intn(max)`
Add new obfuscators for literals - swap (#74) Implement swap obfuscator 5 years ago			`}`
			`return indexes`
			`}`
Randomize operator (xor, add, subtract) on all obfuscators (#90) Co-authored-by: lu4p <lu4p@pm.me> 5 years ago
avoid using math/rand's global funcs like Seed and Intn Go 1.20 is starting to deprecate the use of math/rand's global state, per https://go.dev/issue/56319 and https://go.dev/issue/20661. The reasoning is sound: Deprecated: Programs that call Seed and then expect a specific sequence of results from the global random source (using functions such as Int) can be broken when a dependency changes how much it consumes from the global random source. To avoid such breakages, programs that need a specific result sequence should use NewRand(NewSource(seed)) to obtain a random generator that other packages cannot access. Aside from the tests, we used math/rand only for obfuscating literals, which caused a deterministic series of calls like Intn. Our call to Seed was also deterministic, per either GarbleActionID or the -seed flag. However, our determinism was fragile. If any of our dependencies or other packages made any calls to math/rand's global funcs, then our determinism could be broken entirely, and it's hard to notice. Start using separate math/rand.Rand objects for each use case. Also make uses of crypto/rand use "cryptorand" for consistency. Note that this requires a bit of a refactor in internal/literals to start passing around Rand objects. We also do away with unnecessary short funcs, especially since math/rand's Read never errors, and we can obtain a byte via math/rand's Uint32. 3 years ago			`func randOperator(obfRand *mathrand.Rand) token.Token {`
Randomize operator (xor, add, subtract) on all obfuscators (#90) Co-authored-by: lu4p <lu4p@pm.me> 5 years ago			`operatorTokens := [...]token.Token{token.XOR, token.ADD, token.SUB}`
avoid using math/rand's global funcs like Seed and Intn Go 1.20 is starting to deprecate the use of math/rand's global state, per https://go.dev/issue/56319 and https://go.dev/issue/20661. The reasoning is sound: Deprecated: Programs that call Seed and then expect a specific sequence of results from the global random source (using functions such as Int) can be broken when a dependency changes how much it consumes from the global random source. To avoid such breakages, programs that need a specific result sequence should use NewRand(NewSource(seed)) to obtain a random generator that other packages cannot access. Aside from the tests, we used math/rand only for obfuscating literals, which caused a deterministic series of calls like Intn. Our call to Seed was also deterministic, per either GarbleActionID or the -seed flag. However, our determinism was fragile. If any of our dependencies or other packages made any calls to math/rand's global funcs, then our determinism could be broken entirely, and it's hard to notice. Start using separate math/rand.Rand objects for each use case. Also make uses of crypto/rand use "cryptorand" for consistency. Note that this requires a bit of a refactor in internal/literals to start passing around Rand objects. We also do away with unnecessary short funcs, especially since math/rand's Read never errors, and we can obtain a byte via math/rand's Uint32. 3 years ago			`return operatorTokens[obfRand.Intn(len(operatorTokens))]`
Randomize operator (xor, add, subtract) on all obfuscators (#90) Co-authored-by: lu4p <lu4p@pm.me> 5 years ago			`}`

			`func evalOperator(t token.Token, x, y byte) byte {`
			`switch t {`
			`case token.XOR:`
			`return x ^ y`
			`case token.ADD:`
			`return x + y`
			`case token.SUB:`
			`return x - y`
			`default:`
			`panic(fmt.Sprintf("unknown operator: %s", t))`
			`}`
			`}`

			`func operatorToReversedBinaryExpr(t token.Token, x, y ast.Expr) *ast.BinaryExpr {`
			`expr := &ast.BinaryExpr{X: x, Y: y}`

			`switch t {`
			`case token.XOR:`
			`expr.Op = token.XOR`
			`case token.ADD:`
			`expr.Op = token.SUB`
			`case token.SUB:`
			`expr.Op = token.ADD`
			`default:`
			`panic(fmt.Sprintf("unknown operator: %s", t))`
			`}`

			`return expr`
			`}`