e33179d480
Unexported names are a bit tricky, since they are not listed in the export data file. Perhaps unsurprisingly, it's only meant to expose exported objects. One option would be to go back to adding an extra header to the export data file, containing the unexported methods in a map[string]T or []string. However, we have an easier route: just parse the Go files and look up the names directly. This does mean that we parse the Go files every time "reverse" runs, even if the build cache is warm, but that should not be an issue. Parsing Go files without any typechecking is very cheap compared to everything else we do. Plus, we save having to load go/types information from the build cache, or having to load extra headers from export files. It should be noted that the obfuscation process does need type information, mainly to be careful about which names can be obfuscated and how they should be obfuscated. Neither is a worry here; all names belong to a single package, and it doesn't matter if some aren't actually obfuscated, since the string replacements would simply never trigger in practice. The test includes an unexported func, to test the new feature. We also start reversing the obfuscation of import paths. Now, the test's reverse output is as follows: goroutine 1 [running]: runtime/debug.Stack(0x??, 0x??, 0x??) runtime/debug/stack.go:24 +0x?? test/main/lib.ExportedLibFunc(0x??, 0x??, 0x??, 0x??) p.go:6 +0x?? main.unexportedMainFunc(...) C.go:2 main.main() z.go:3 +0x?? The only major missing feature is positions and filenames. A follow-up PR will take care of those. Updates #5. |
4 years ago | |
|---|---|---|
| .github | 5 years ago | |
| internal | 4 years ago | |
| scripts | 4 years ago | |
| testdata | 4 years ago | |
| .gitattributes | 5 years ago | |
| .gitignore | 5 years ago | |
| AUTHORS | 5 years ago | |
| CONTRIBUTING.md | 4 years ago | |
| LICENSE | 5 years ago | |
| README.md | 4 years ago | |
| bench_test.go | 4 years ago | |
| go.mod | 4 years ago | |
| go.sum | 4 years ago | |
| hash.go | 4 years ago | |
| import_obfuscation.go | 4 years ago | |
| line_obfuscator.go | 4 years ago | |
| main.go | 4 years ago | |
| main_test.go | 4 years ago | |
| reverse.go | 4 years ago | |
| runtime_strip.go | 4 years ago | |
| shared.go | 4 years ago | |
README.md
garble
GO111MODULE=on go get mvdan.cc/garble
Obfuscate Go code by wrapping the Go toolchain. Requires Go 1.15.x; note that support for Go 1.16 is a work in progress.
garble build [build flags] [packages]
See garble -h for up to date usage information.
Purpose
Produce a binary that works as well as a regular build, but that has as little information about the original source code as possible.
The tool is designed to be:
- Coupled with
cmd/go, to support modules and build caching - Deterministic and reproducible, given the same initial source code
- Reversible given the original source, to deobfuscate panic stack traces
Mechanism
The tool wraps calls to the Go compiler and linker to transform the Go build, in order to:
- Replace as many useful identifiers as possible with short base64 hashes
- Replace package paths with short base64 hashes
- Remove all build and module information
- Strip filenames and shuffle position information
- Strip debugging information and symbol tables
- Obfuscate literals, if the
-literalsflag is given - Remove extra information if the
-tinyflag is given
Options
By default, the tool obfuscates the packages under the current module. If not
running in module mode, then only the main package is obfuscated. To specify
what packages to obfuscate, set GOPRIVATE, documented at go help module-private.
Note that commands like garble build will use the go version found in your
$PATH. To use different versions of Go, you can
install them
and set up $PATH with them. For example, for Go 1.15.8:
$ go get golang.org/dl/go1.15.8
$ go1.15.8 download
$ PATH=$(go1.15.8 env GOROOT)/bin:${PATH} garble build
You can also declare a function to make multiple uses simpler:
$ withgo() {
local gocmd=go${1}
shift
PATH=$(${gocmd} env GOROOT)/bin:${PATH} "$@"
}
$ withgo 1.15.8 garble build
Caveats
Most of these can improve with time and effort. The purpose of this section is to document the current shortcomings of this tool.
-
Exported methods are never obfuscated at the moment, since they could be required by interfaces and reflection. This area is a work in progress.
-
Functions implemented outside Go, such as assembly, aren't obfuscated since we currently only transform the input Go source.
-
Go plugins are not currently supported; see #87.
-
There are cases where garble is a little too agressive with obfuscation, this may lead to identifiers getting obfuscated which are needed for reflection, e.g. to parse JSON into a struct; see #162. To work around this you can pass a hint to garble, that an type is used for reflection via passing it to
reflect.TypeOforreflect.ValueOfin the same file:// this is used for parsing json type Message struct { Command string Args string } // never obfuscate the Message type var _ = reflect.TypeOf(Message{})
Tiny Mode
When the -tiny flag is passed, extra information is stripped from the resulting
Go binary. This includes line numbers, filenames, and code in the runtime the
prints panics, fatal errors, and trace/debug info. All in all this can make binaries
6-10% smaller in our testing.
Note: if -tiny is passed, no panics, fatal errors will ever be printed, but they can
still be handled internally with recover as normal. In addition, the GODEBUG
environmental variable will be ignored.
Contributing
We actively seek new contributors, if you would like to contribute to garble use the CONTRIBUTING.md as a starting point.