justan0th3rstud3nt
/
garble
mirror of https://github.com/burrowers/garble
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
Forked from: github.com/burrowers/garble
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
211 Commits
4 Branches
20 Tags
8.3 MiB
Go 98.1%
Shell 1.8%
AMPL 0.1%
 
 
 
master
release-v0.12
ci-test
literalRecheck
v0.12.1
v0.12.0
v0.11.0
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.0
v0.7.2
v0.7.1
v0.7.0
v0.6.0
v0.5.1
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '79c775e218'
${ noResults }
Go to file
Daniel Martí 79c775e218
obfuscate unexported names like exported ones (#227) 
In 90fa325da7, the obfuscation logic was changed to use hashes for
exported names, but incremental names starting at just one letter for
unexported names. Presumably, this was done for the sake of binary size.

I argue that this is not a good idea for the default mode for a number
of reasons:

1) It makes reversing of stack traces nearly impossible for unexported
   names, since replacing an obfuscated name "c" with "originalName"
   would trigger too many false positives by matching single characters.

2) Exported and unexported names aren't different. We need to know how
   names were obfuscated at a later time in both cases, thanks to use
   cases like -ldflags=-X. Using short names for one but not the other
   doesn't make a lot of sense, and makes the logic inconsistent.

3) Shaving off three bytes for unexported names doesn't seem like a huge
   deal for the default mode, when we already have -tiny to optimize for
   size.

This saves us a bit of work, but most importantly, simplifies the
obfuscation state as we no longer need to carry privateNameMap between
the compile and link stages.

	name     old time/op       new time/op       delta
	Build-8        153ms ± 2%        150ms ± 2%    ~     (p=0.065 n=6+6)

	name     old bin-B         new bin-B         delta
	Build-8        7.09M ± 0%        7.08M ± 0%  -0.24%  (p=0.002 n=6+6)

	name     old sys-time/op   new sys-time/op   delta
	Build-8        296ms ± 5%        277ms ± 6%  -6.50%  (p=0.026 n=6+6)

	name     old user-time/op  new user-time/op  delta
	Build-8        562ms ± 1%        558ms ± 3%    ~     (p=0.329 n=5+6)

Note that I do not oppose using short names for both exported and
unexported names in the future for -tiny, since reversing of stack
traces will by design not work there. The code can be resurrected from
the git history if we want to improve -tiny that way in the future, as
we'd need to store state in header files again.

Another major cleanup we can do here is to no longer use the
garbledImports map. From a look at obfuscateImports, we hash a package's
import path with its action ID, much like exported names, so we can
simply re-do that hashing for the linker's -X flag.

garbledImports does have some logic to handle duplicate package names,
but it's worth noting that should not affect package paths, as they are
always unique. That area of code could probably do with some
simplification in the future, too.

While at it, make hashWith panic if either parameter is empty.
obfuscateImports was hashing the main package path without a salt due to
a bug, so we want to catch those in the future.

Finally, make some tiny spacing and typo tweaks to the README.
 		3 years ago
.github CI: comment out test-gotip for now (#157) 4 years ago
internal if the seed is random and the build fails, print the seed (#213) 3 years ago
scripts obfuscate fewer std packages (#196) 4 years ago
testdata obfuscate unexported names like exported ones (#227) 3 years ago
.gitattributes start testing on GitHub Actions 5 years ago
.gitignore skip literals used in constant expressions 4 years ago
AUTHORS set up an AUTHORS file to attribute copyright 4 years ago
CONTRIBUTING.md CONTRIBUTING: include some basic terminology (#188) 4 years ago
LICENSE set up an AUTHORS file to attribute copyright 4 years ago
README.md obfuscate unexported names like exported ones (#227) 3 years ago
bench_test.go obfuscate unexported names like exported ones (#227) 3 years ago
go.mod make -coverprofile include toolexec processes (#216) 3 years ago
go.sum make -coverprofile include toolexec processes (#216) 3 years ago
hash.go obfuscate unexported names like exported ones (#227) 3 years ago
import_obfuscation.go obfuscate unexported names like exported ones (#227) 3 years ago
line_obfuscator.go initial support for reversing panic output (#225) 3 years ago
main.go obfuscate unexported names like exported ones (#227) 3 years ago
main_test.go remove unused test cmds (#226) 3 years ago
reverse.go initial support for reversing panic output (#225) 3 years ago
runtime_strip.go Replaced asthelper.Ident with ast.NewIdent 4 years ago
shared.go initial support for reversing panic output (#225) 3 years ago

README.md

garble

GO111MODULE=on go get mvdan.cc/garble

Obfuscate Go code by wrapping the Go toolchain. Requires Go 1.15 or later, since Go 1.14 uses an entirely different object format.

garble build [build flags] [packages]

See garble -h for up to date usage information.

Purpose

Produce a binary that works as well as a regular build, but that has as little information about the original source code as possible.

The tool is designed to be:

  • Coupled with cmd/go, to support modules and build caching
  • Deterministic and reproducible, given the same initial source code
  • Reversible given the original source, to un-garble panic stack traces

Mechanism

The tool wraps calls to the Go compiler and linker to transform the Go build, in order to:

  • Replace as many useful identifiers as possible with short base64 hashes
  • Replace package paths with short base64 hashes
  • Remove all build and module information
  • Strip filenames and shuffle position information
  • Strip debugging information and symbol tables
  • Obfuscate literals, if the -literals flag is given
  • Remove extra information if the -tiny flag is given

Options

By default, the tool garbles the packages under the current module. If not running in module mode, then only the main package is garbled. To specify what packages to garble, set GOPRIVATE, documented at go help module-private.

Caveats

Most of these can improve with time and effort. The purpose of this section is to document the current shortcomings of this tool.

  • Exported methods are never garbled at the moment, since they could be required by interfaces and reflection. This area is a work in progress.

  • Functions implemented outside Go, such as assembly, aren't garbled since we currently only transform the input Go source.

  • Go plugins are not currently supported; see #87.

  • There are cases where garble is a little too agressive with obfuscation, this may lead to identifiers getting obfuscated which are needed for reflection, e.g. to parse JSON into a struct; see #162. To work around this you can pass a hint to garble, that an type is used for reflection via passing it to reflect.TypeOf or reflect.ValueOf in the same file:

    // this is used for parsing json
type Message struct {
    Command string
    Args    string
}

// never obfuscate the Message type
var _ = reflect.TypeOf(Message{})

Tiny Mode

When the -tiny flag is passed, extra information is stripped from the resulting Go binary. This includes line numbers, filenames, and code in the runtime the prints panics, fatal errors, and trace/debug info. All in all this can make binaries 6-10% smaller in our testing.

Note: if -tiny is passed, no panics, fatal errors will ever be printed, but they can still be handled internally with recover as normal. In addition, the GODEBUG environmental variable will be ignored.

Contributing

We actively seek new contributors, if you would like to contribute to garble use the CONTRIBUTING.md as a starting point.