Prevent automated plaintext extraction of literals with current tools (#930)

Some programs which could automatically reverse string literals obfuscated with `-literals` exist.

They currently work by emulating the string literal decryption functions we insert.

We prevent this naive emulation from succeeding by making the decryption functions dependent on global state.

This can still be broken with enough effort. We are curious which approach reverse-engineers come up with next; we certainly still have some ideas to make this harder.

Fixes #926
---------

Co-authored-by: Paul Scheduikat <lu4p@pm.me>
pagran
2025-06-03 02:37:51 +02:00
committed by GitHub
parent be4462bc23
commit d47e0761eb
13 changed files with 635 additions and 82 deletions
@@ -53,6 +53,9 @@ grep '^(\s+)?\w+ = .*\bappend\(\w+,(\s+\w+\[\d+\^\s.+\][\^\-+]\w+\[\d+\^\s.+\],?
# XorSeed obfuscator. Detect type decFunc func(byte) decFunc
grep '^\s+type \w+ func\(byte\) \w+$' debug1/test/main/extra_literals.go
# Check external keys
grep 'garbleExternalKey' debug1/test/main/extra_literals.go
# Finally, sanity check that we can build all of std with -literals.
# Analogous to gogarble.txt.
exec garble -literals build std
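Review bot: The `grep 'garbleExternalKey'` check under "# Check external keys" is a bare substring match, so it passes if that name appears anywhere in debug1/test/main/extra_literals.go, including in a comment or in a declaration nothing uses. The XorSeed check just above anchors its pattern with `^\s+` and `$` to one specific declaration shape. Consider doing the same here, matching the line where the key is declared or where a decryption function reads it, so the test fails if the dependency on global state described in the commit message is dropped. The comment could also say what an external key is, the way the XorSeed comment spells out the `decFunc` type it detects.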