aboutsummaryrefslogtreecommitdiffstats

obfuscator

obfuscator is a C/C++ source-code obfuscation tool.
obfuscator can use SHAKE128 and SHAKE256 to generate hash digests.

Status

You can find a list of the implemented features and the ones that will be implemented below.
If you have suggestions or recommendations for features to add, please make an issue with the obfuscator label.
When an alpha version is ready, obfuscator will get its own mirror repo.

CLI options

In addition to the clang options,obfuscator defines some custom CLI options:
* --shake: the accepted values are 128 and 256 for SHAKE128 and SHAKE256 respectively.
* --shake_len: the length of the hash value in bytes. see NOTES for some explanation.

Implemented Features

  • Identifier Obfuscation: Swaps the name of all identifiers with their hash.
  • Comment Deletion: Deletes all comments.
  • SHAKE: you can choose to use SHAKE128 or SHAKE256 as the hashing function.

Future Features

  • Obfuscation Exclusion List: obfuscator will accept a list of idenftifiers and their namespace and will not obfuscate those. This feature is added so the user can refrain from obfuscating the standard library.
  • Support directory-wide and multiple files as input.

Running the Test

running run.sh should do the trick. Do note that you need to regenerate the compilation database for the test under the test directory to work. You could use bear. If you already have bear, just run make clean && bear make.

Notes

Just some points to keep in mind while using obfuscator:
* If you choose to use SHAKE as the hashing algorithm, you have the flexibility of getting a variable-length digest. Just bear in mind that the value provided by -shake_len is the number of bytes in the hash itself. The stringified digest will be twice that length plus, file names have FILE attached to their begenning and any other identifier in the source code will have ID prepended to the digest value.If your compiler has limitations regarding the length of identifiers(some embedded C/C++ compilers do), you should keep that in mind. * The hashed file names can end up being much longer than the original file name. Some tools have limitations regarding the length of arguments or file paths.
* Obfuscator uses the Clang Frontend(CFE) libraries. Most embedded hardware require the use of their custom toolchains and that can result in clang complaining about custom pragmas.
* If you want the preprocessor conditionals that evaluate to false that pertain to source code inclusion to be removed, use your compiler to get the output of the preprocessor and then pass that to obfuscator or just outright don't include them in the source code since obfuscator will not look through things that are not included in the source code by the preprocessor.
* Getting rid of the whitespaces in the source code is a moot point since reverting it is as easy as running something like clang-format on it, so the feature is not currently included in obfuscator.
* At a leter point in time, obfuscator will be moved to a mirror repo of it's own or the mirror might become the main repo.

Thanks

obfuscator uses keccak-tiny.