justan0th3rstud3nt
/
garble
mirror of https://github.com/burrowers/garble
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
release-v0.12
ci-test
literalRecheck
v0.12.1
v0.12.0
v0.11.0
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.0
v0.7.2
v0.7.1
v0.7.0
v0.6.0
v0.5.1
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '73b77ce6be'
${ noResults }
garble/testdata/script/seed.txtar

187 lines
4.6 KiB
Plaintext
Raw Normal View History Unescape Escape

deprecate using GOPRIVATE in favor of GOGARBLE (#427) Piggybacking off of GOPRIVATE is great for a number of reasons: * People tend to obfuscate private code, whose package paths will generally be in GOPRIVATE already * Its meaning and syntax are well understood * It allows all the flexibility we need without adding our own env var or config option However, using GOPRIVATE directly has one main drawback. It's fairly common to also want to obfuscate public dependencies, to make the code in private packages even harder to follow. However, using "GOPRIVATE=*" will result in two main downsides: * GONOPROXY defaults to GOPRIVATE, so the proxy would be entirely disabled. Downloading modules, such as when adding or updating dependencies, or when the local cache is cold, can be less reliable. * GONOSUMDB defaults to GOPRIVATE, so the sumdb would be entirely disabled. Adding entries to go.sum, such as when adding or updating dependencies, can be less secure. We will continue to consume GOPRIVATE as a fallback, but we now expect users to set GOGARBLE instead. The new logic is documented in the README. While here, rewrite some uses of "private" with "to obfuscate", to make the code easier to follow and harder to misunderstand. Fixes #276.
3 years ago
env GOGARBLE=test/main
testdata: set GOPRIVATE in all but two tests (#104) basic.txt just builds main.go without a module. Similarly, we leave imports.txt without a GOPRIVATE, to test the 'go list -m' fallback. For all other tests, explicitly set GOPRIVATE, to avoid two exec calls - both 'go env GOPRIVATE' as well as 'go list -m'. Each of those calls takes in the order of 10ms, so saving ~26 exec calls should easily add to 200-300ms saved from 'go test -short'.
4 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
# Note that in this test we use "! bincmp" on plaintext output files,
# as a workaround for "cmp" not supporting "! cmp".
work around a build cache regression in the previous commit The added comment in main.go explains the situation in detail. The added test is a minimization of the scenario, which failed: > cd mod1 > garble -seed=${SEED1} build -v gopkg.in/garbletest.v2 > cd ../mod2 > garble -seed=${SEED1} build -v [stderr] test/main/mod2 # test/main/mod2 cannot load garble export file for gopkg.in/garbletest.v2: open […]/go-build/ed/[…]-garble-ZV[…]-d: no such file or directory To work around the problem, we'll always add each package's GarbleActionID to its build artifact, even when not using -seed. This will get us the previous behavior with regards to the build cache, meaning that we fix the recent regression. The added variable doesn't make it to the final binary either. While here, improve the cached file loading error's context, and add an extra sanity check for duplicates on ListedPackages.
2 years ago
# TODO: now that obfuscation with -seed is deterministic,
# can we just rely on the regular "cmp" with fixed output files?
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
work around a build cache regression in the previous commit The added comment in main.go explains the situation in detail. The added test is a minimization of the scenario, which failed: > cd mod1 > garble -seed=${SEED1} build -v gopkg.in/garbletest.v2 > cd ../mod2 > garble -seed=${SEED1} build -v [stderr] test/main/mod2 # test/main/mod2 cannot load garble export file for gopkg.in/garbletest.v2: open […]/go-build/ed/[…]-garble-ZV[…]-d: no such file or directory To work around the problem, we'll always add each package's GarbleActionID to its build artifact, even when not using -seed. This will get us the previous behavior with regards to the build cache, meaning that we fix the recent regression. The added variable doesn't make it to the final binary either. While here, improve the cached file loading error's context, and add an extra sanity check for duplicates on ListedPackages.
2 years ago
# TODO: consider setting these seeds globally,
# so we can reuse them across tests and make better use of the shared build cache.
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
env SEED1=OQg9kACEECQ
env SEED2=NruiDmVz6/s
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
# Check the binary with a given base64 encoded seed.
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
garble -seed=${SEED1} build
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
exec ./main$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
cmp stderr main.stderr
binsubstr main$exe 'teststring' 'imported var value'
work around a build cache regression in the previous commit The added comment in main.go explains the situation in detail. The added test is a minimization of the scenario, which failed: > cd mod1 > garble -seed=${SEED1} build -v gopkg.in/garbletest.v2 > cd ../mod2 > garble -seed=${SEED1} build -v [stderr] test/main/mod2 # test/main/mod2 cannot load garble export file for gopkg.in/garbletest.v2: open […]/go-build/ed/[…]-garble-ZV[…]-d: no such file or directory To work around the problem, we'll always add each package's GarbleActionID to its build artifact, even when not using -seed. This will get us the previous behavior with regards to the build cache, meaning that we fix the recent regression. The added variable doesn't make it to the final binary either. While here, improve the cached file loading error's context, and add an extra sanity check for duplicates on ListedPackages.
2 years ago
! binsubstr main$exe 'ImportedVar' ${SEED1}
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
[short] stop # the extra checks are relatively expensive
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
exec ./main$exe test/main/imported
cp stderr importedpkg-seed-static-1
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
# Also check that the binary is reproducible.
initial support for build caching (#142) As per the discussion in https://github.com/golang/go/issues/41145, it turns out that we don't need special support for build caching in -toolexec. We can simply modify the behavior of "[...]/compile -V=full" and "[...]/link -V=full" so that they include garble's own version and options in the printed build ID. The part of the build ID that matters is the last, since it's the "content ID" which is used to work out whether there is a need to redo the action (build) or not. Since cmd/go parses the last word in the output as "buildID=...", we simply add "+garble buildID=_/_/_/${hash}". The slashes let us imitate a full binary build ID, but we assume that the other components such as the action ID are not necessary, since the only reader here is cmd/go and it only consumes the content ID. The reported content ID includes the tool's original content ID, garble's own content ID from the built binary, and the garble options which modify how we obfuscate code. If any of the three changes, we should use a different build cache key. GOPRIVATE also affects caching, since a different GOPRIVATE value means that we might have to garble a different set of packages. Include tests, which mainly check that 'garble build -v' prints package lines when we expect to always need to rebuild packages, and that it prints nothing when we should be reusing the build cache even when the built binary is missing. After this change, 'go test' on Go 1.15.2 stabilizes at about 8s on my machine, whereas it used to be at around 25s before.
4 years ago
# No packages should be rebuilt either, thanks to the build cache.
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
cp main$exe main_seed1$exe
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
rm main$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
garble -seed=${SEED1}= build -v
work around a build cache regression in the previous commit The added comment in main.go explains the situation in detail. The added test is a minimization of the scenario, which failed: > cd mod1 > garble -seed=${SEED1} build -v gopkg.in/garbletest.v2 > cd ../mod2 > garble -seed=${SEED1} build -v [stderr] test/main/mod2 # test/main/mod2 cannot load garble export file for gopkg.in/garbletest.v2: open […]/go-build/ed/[…]-garble-ZV[…]-d: no such file or directory To work around the problem, we'll always add each package's GarbleActionID to its build artifact, even when not using -seed. This will get us the previous behavior with regards to the build cache, meaning that we fix the recent regression. The added variable doesn't make it to the final binary either. While here, improve the cached file loading error's context, and add an extra sanity check for duplicates on ListedPackages.
2 years ago
! stderr .
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
bincmp main$exe main_seed1$exe
exec ./main$exe test/main/imported
cmp stderr importedpkg-seed-static-1
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
# Even if we use the same seed, the same names in a different package
# should still be obfuscated in a different way.
exec ./main$exe test/main
cp stderr mainpkg-seed-static-1
! bincmp mainpkg-seed-static-1 importedpkg-seed-static-1
# Using different flags which affect the build, such as -literals or -tiny,
# should result in the same obfuscation as long as the seed is constant.
# TODO: also test that changing non-garble build parameters,
# such as GOARCH or -tags, still results in the same hashing via the seed.
garble -seed=${SEED1} -literals build
exec ./main$exe test/main/imported
cmp stderr importedpkg-seed-static-1
garble -seed=${SEED1} -tiny build
exec ./main$exe test/main/imported
cmp stderr importedpkg-seed-static-1
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
initial support for build caching (#142) As per the discussion in https://github.com/golang/go/issues/41145, it turns out that we don't need special support for build caching in -toolexec. We can simply modify the behavior of "[...]/compile -V=full" and "[...]/link -V=full" so that they include garble's own version and options in the printed build ID. The part of the build ID that matters is the last, since it's the "content ID" which is used to work out whether there is a need to redo the action (build) or not. Since cmd/go parses the last word in the output as "buildID=...", we simply add "+garble buildID=_/_/_/${hash}". The slashes let us imitate a full binary build ID, but we assume that the other components such as the action ID are not necessary, since the only reader here is cmd/go and it only consumes the content ID. The reported content ID includes the tool's original content ID, garble's own content ID from the built binary, and the garble options which modify how we obfuscate code. If any of the three changes, we should use a different build cache key. GOPRIVATE also affects caching, since a different GOPRIVATE value means that we might have to garble a different set of packages. Include tests, which mainly check that 'garble build -v' prints package lines when we expect to always need to rebuild packages, and that it prints nothing when we should be reusing the build cache even when the built binary is missing. After this change, 'go test' on Go 1.15.2 stabilizes at about 8s on my machine, whereas it used to be at around 25s before.
4 years ago
# Also check that a different seed leads to a different binary.
# We can't know if caching happens here, because of previous test runs.
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
cp main$exe main_seed2$exe
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
rm main$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
garble -seed=${SEED2} build
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
! bincmp main$exe main_seed2$exe
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
exec ./main$exe test/main/imported
cp stderr importedpkg-seed-static-2
! bincmp importedpkg-seed-static-2 importedpkg-seed-static-1
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
initial support for build caching (#142) As per the discussion in https://github.com/golang/go/issues/41145, it turns out that we don't need special support for build caching in -toolexec. We can simply modify the behavior of "[...]/compile -V=full" and "[...]/link -V=full" so that they include garble's own version and options in the printed build ID. The part of the build ID that matters is the last, since it's the "content ID" which is used to work out whether there is a need to redo the action (build) or not. Since cmd/go parses the last word in the output as "buildID=...", we simply add "+garble buildID=_/_/_/${hash}". The slashes let us imitate a full binary build ID, but we assume that the other components such as the action ID are not necessary, since the only reader here is cmd/go and it only consumes the content ID. The reported content ID includes the tool's original content ID, garble's own content ID from the built binary, and the garble options which modify how we obfuscate code. If any of the three changes, we should use a different build cache key. GOPRIVATE also affects caching, since a different GOPRIVATE value means that we might have to garble a different set of packages. Include tests, which mainly check that 'garble build -v' prints package lines when we expect to always need to rebuild packages, and that it prints nothing when we should be reusing the build cache even when the built binary is missing. After this change, 'go test' on Go 1.15.2 stabilizes at about 8s on my machine, whereas it used to be at around 25s before.
4 years ago
# Use a random seed, which should always trigger a full build.
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
garble -seed=random build -v
stderr -count=1 '^runtime$'
stderr -count=1 '^test/main$'
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
exec ./main$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
cmp stderr main.stderr
binsubstr main$exe 'teststring' 'imported var value'
! binsubstr main$exe 'ImportedVar'
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
exec ./main$exe test/main/imported
cp stderr importedpkg-seed-random-1
! bincmp importedpkg-seed-random-1 importedpkg-seed-static-1
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
# Also check that the random binary is not reproducible.
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
cp main$exe main_random$exe
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
rm main$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
garble -seed=random build -v
initial support for build caching (#142) As per the discussion in https://github.com/golang/go/issues/41145, it turns out that we don't need special support for build caching in -toolexec. We can simply modify the behavior of "[...]/compile -V=full" and "[...]/link -V=full" so that they include garble's own version and options in the printed build ID. The part of the build ID that matters is the last, since it's the "content ID" which is used to work out whether there is a need to redo the action (build) or not. Since cmd/go parses the last word in the output as "buildID=...", we simply add "+garble buildID=_/_/_/${hash}". The slashes let us imitate a full binary build ID, but we assume that the other components such as the action ID are not necessary, since the only reader here is cmd/go and it only consumes the content ID. The reported content ID includes the tool's original content ID, garble's own content ID from the built binary, and the garble options which modify how we obfuscate code. If any of the three changes, we should use a different build cache key. GOPRIVATE also affects caching, since a different GOPRIVATE value means that we might have to garble a different set of packages. Include tests, which mainly check that 'garble build -v' prints package lines when we expect to always need to rebuild packages, and that it prints nothing when we should be reusing the build cache even when the built binary is missing. After this change, 'go test' on Go 1.15.2 stabilizes at about 8s on my machine, whereas it used to be at around 25s before.
4 years ago
stderr .
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
! bincmp main$exe main_random$exe
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
exec ./main$exe test/main/imported
cp stderr importedpkg-seed-random-2
! bincmp importedpkg-seed-random-2 importedpkg-seed-random-1
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
# Finally, ensure that our runtime and reflect test code does what we think.
go build
exec ./main$exe
cmp stderr main.stderr
exec ./main$exe test/main
cmp stderr mainpkg.stderr
exec ./main$exe test/main/imported
cmp stderr importedpkg.stderr
make -seed=random use the same random seed for all packages Otherwise, a different random seed per package will break imported names.
4 years ago
-- go.mod --
module test/main
testdata: don't let tests rely on rewriting mod files In Go 1.15, if a dependency is required but not listed in go.mod/go.sum, it's resolved and added automatically. This is changing in 1.16. From that release, one will have to explicitly update the mod files via 'go mod tidy' or 'go get'. To get ahead of the curve, start using -mod=readonly to get the same behavior in 1.15, and fix all existing tests. The only tests that failed were imports.txt and syntax.txt, the only ones to require other modules. But since we're here, let's add the 'go' line to all go.mod files as well.
4 years ago
drop support for Go 1.18.x With Go 1.19 having been out for two months, and Go 1.20's first beta coming out in two months, it is now time to move forward again.
2 years ago
go 1.19
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
-- main.go --
package main
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
import (
"os"
"test/main/imported"
)
make -seed=random use the same random seed for all packages Otherwise, a different random seed per package will break imported names.
4 years ago
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
var teststringVar = "teststring"
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
func main() { mainFunc() }
func mainFunc() {
if len(os.Args) > 1 {
switch os.Args[1] {
case "test/main":
imported.PrintNames(NamedTypeValue, NamedFunc)
case "test/main/imported":
imported.PrintNames(imported.NamedType{}, imported.NamedFunc)
default:
panic("unknown package")
}
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
} else {
println(teststringVar)
println(imported.ImportedVar)
}
}
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
// A workaround to fool garble's reflect detection,
// because we want it to show us the obfuscated NamedType.
all: drop support for Go 1.17 Now that we've released v0.6.0, that will be the last feature release to feature support for Go 1.17. The upcoming v0.7.0 will be Go 1.18+. Code-wise, the cleanup here isn't super noticeable, but it will be easier to work on features like VCS-aware version information and generics support without worrying about Go 1.17. Plus, now CI is back to being much faster. Note how "go 1.18" in go.mod makes "go mod tidy" more aggressive.
2 years ago
var NamedTypeValue any = NamedType{}
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
type NamedType struct {
NamedField int
}
func NamedFunc() string {
return imported.CallerFuncName()
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
}
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
make -seed=random use the same random seed for all packages Otherwise, a different random seed per package will break imported names.
4 years ago
-- imported/imported.go --
package imported
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
import (
"reflect"
"runtime"
)
make -seed=random use the same random seed for all packages Otherwise, a different random seed per package will break imported names.
4 years ago
var ImportedVar = "imported var value"
add seed flag to control how builds are reproducible Fixes #26.
4 years ago
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
type NamedType struct {
NamedField int
}
func NamedFunc() string {
return CallerFuncName()
}
all: drop support for Go 1.17 Now that we've released v0.6.0, that will be the last feature release to feature support for Go 1.17. The upcoming v0.7.0 will be Go 1.18+. Code-wise, the cleanup here isn't super noticeable, but it will be easier to work on features like VCS-aware version information and generics support without worrying about Go 1.17. Plus, now CI is back to being much faster. Note how "go 1.18" in go.mod makes "go mod tidy" more aggressive.
2 years ago
func PrintNames(v any, fn func() string) {
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
typ := reflect.TypeOf(v)
println("path:", typ.PkgPath())
println("type:", typ.Name())
println("field:", typ.Field(0).Name)
println("func: ", fn())
}
func CallerFuncName() string {
pc, _, _, _ := runtime.Caller(1)
fn := runtime.FuncForPC(pc)
return fn.Name()
}
make flags like -literals and GOPRIVATE affect hashing (#288) In 6898d61637, we switched from using action IDs from "go list -toolexec=garble" to those from the original "go list". We still wanted the obfuscation and hashing to change if the version of garble changes, so we hashed that "original action ID" with garble's own content ID, and called the new hash "garble action ID". While working on a different patch, I noticed something weird: with the new mechanism, adding or removing flags like -literals did not alter those hashes, unlike the old method. This is because the old method used ownContentID, which includes such bits of information, but the new method does not. Change that, and add a test that locks in the behavior we want. In seed.txt, we check that a single function name gets hashed in particular ways in different scenarios. Note that we use a mix of "cmp" and "! bincmp", since the former has no negated form. While at it, the seed.txt test is revamped a bit. Now, we only run with -literals once, as this test is mainly about -seed. We also declare seed strings once, as environment variables, which makes it easier to track what each step is doing.
3 years ago
-- main.stderr --
make -seed=random use the same random seed for all packages Otherwise, a different random seed per package will break imported names.
4 years ago
teststring
various minor cleanups and fixes (#99) Error strings should never be capitalized. A binsubstr line in one of the tests was duplicate and thus useless. Remove duplicate or trailing spaces in test scripts. Finally, add a TODO for an optimization I just spotted.
4 years ago
imported var value
make obfuscation fully deterministic with -seed The default behavior of garble is to seed via the build inputs, including the build IDs of the entire Go build of each package. This works well as a default, and does give us determinism, but it means that building for different platforms will result in different obfuscation per platform. Instead, when -seed is provided, don't use any other hash seed or salt. This means that a particular Go name will be obfuscated the same way as long as the seed, package path, and name itself remain constant. In other words, when the user supplies a custom -seed, we assume they know what they're doing in terms of storage and rotation. Expand the README docs with more examples and detail. Fixes #449.
2 years ago
-- mainpkg.stderr --
path: main
type: NamedType
field: NamedField
func: main.NamedFunc
-- importedpkg.stderr --
path: test/main/imported
type: NamedType
field: NamedField
func: test/main/imported.NamedFunc