# obfuscator
obfuscator is a C/C++ source-code obfuscation tool.
obfuscator can use SHAKE128 and SHAKE256 to generate hash digests.
## Status
You can find a list of the implemented features and the ones that will be implemented below.
If you have suggestions or recommendations for features to add, please make an issue with the `obfuscator` label.
When an alpha version is ready, `obfuscator` will get its own mirror repo.
## CLI options
In addition to the clang options,obfuscator defines some custom CLI options:
* --shake: the accepted values are 128 and 256 for SHAKE128 and SHAKE256 respectively.
* --shake_len: the length of the hash value in bytes. see NOTES for some explanation.
### Implemented Features
* Identifier Obfuscation: Swaps the name of all identifiers with their hash.
* Comment Deletion: Deletes all comments.
* SHAKE: you can choose to use SHAKE128 or SHAKE256 as the hashing function.
### Future Features
* Obfuscation Exclusion List: obfuscator will accept a list of idenftifiers and their namespace and will not obfuscate those. This feature is added so the user can refrain from obfuscating the standard library.
* Support directory-wide and multiple files as input.
### Running the Test
running `run.sh` should do the trick. Do note that you need to regenerate the compilation database for the test under the `test` directory to work. You could use `bear`. If you already have `bear`, just run `make clean && bear make`.
## Notes
Just some points to keep in mind while using obfuscator:
* If you choose to use SHAKE as the hashing algorithm, you have the flexibility of getting a variable-length digest. Just bear in mind that the value provided by `-shake_len` is the number of bytes in the hash itself. The stringified digest will be twice that length plus, file names have `FILE` attached to their begenning and any other identifier in the source code will have `ID` prepended to the digest value.If your compiler has limitations regarding the length of identifiers(some embedded C/C++ compilers do), you should keep that in mind.
* The hashed file names can end up being much longer than the original file name. Some tools have limitations regarding the length of arguments or file paths.
* Obfuscator uses the Clang Frontend(CFE) libraries. Most embedded hardware require the use of their custom toolchains and that can result in clang complaining about custom pragmas.
* If you want the preprocessor conditionals that evaluate to false that pertain to source code inclusion to be removed, use your compiler to get the output of the preprocessor and then pass that to `obfuscator` or just outright don't include them in the source code since `obfuscator` will not look through things that are not included in the source code by the preprocessor.
* Getting rid of the whitespaces in the source code is a moot point since reverting it is as easy as running something like `clang-format` on it, so the feature is not currently included in obfuscator.
* At a leter point in time, obfuscator will be moved to a mirror repo of it's own or the mirror might become the main repo.
## Thanks
obfuscator uses [keccak-tiny](https://github.com/coruus/keccak-tiny).