Documentation
¶
Index ¶
- Variables
- func AsconDecrypt(key, nonce, ciphertextAndTag []byte) ([]byte, bool)
- func AsconEncrypt(key, nonce, plaintext []byte) []byte
- func Obfuscate(rand *mathrand.Rand, file *ast.File, info *types.Info, ...) *ast.File
- func RegisteredStrategyNames() []string
- func SetReversibleMode(reversible bool)
- type Builder
- type BuilderConfig
- type KeyProvider
- type NameProviderFunc
Constants ¶
This section is empty.
Variables ¶
var (
TestObfuscator string
)
Functions ¶
func AsconDecrypt ¶
AsconDecrypt performs ASCON-128 authenticated decryption Input: ciphertext || tag Returns: plaintext, success (false if authentication fails)
func AsconEncrypt ¶
AsconEncrypt performs ASCON-128 authenticated encryption Returns: ciphertext || tag (ciphertext length = plaintext length, tag = 16 bytes)
func Obfuscate ¶
func Obfuscate(rand *mathrand.Rand, file *ast.File, info *types.Info, linkStrings map[*types.Var]string, nameFunc NameProviderFunc, cfg BuilderConfig) *ast.File
Obfuscate replaces literals with obfuscated anonymous functions.
func RegisteredStrategyNames ¶
func RegisteredStrategyNames() []string
RegisteredStrategyNames returns the identifiers of all registered literal obfuscation strategies in registration order. It is primarily used by tooling and tests to reference specific strategies without exposing the underlying implementation type.
func SetReversibleMode ¶
func SetReversibleMode(reversible bool)
SetReversibleMode sets the obfuscation mode.
Types ¶
type Builder ¶
type Builder struct {
// contains filtered or unexported fields
}
func NewBuilder ¶
func NewBuilder(rand *mathrand.Rand, file *ast.File, nameFunc NameProviderFunc, cfg BuilderConfig) *Builder
func (*Builder) ObfuscateFile ¶
type BuilderConfig ¶
type BuilderConfig struct {
KeyProvider KeyProvider
}
type KeyProvider ¶
type KeyProvider interface {
// NextLiteralKeys returns a unique 16-byte key and 16-byte nonce pair for
// the ASCON literal backend.
NextLiteralKeys() (key, nonce []byte)
// NextIrreversibleMaterial returns deterministic pseudorandom bytes for the
// irreversible literal backend. The caller specifies how many bytes are
// required for round subkeys or other material.
NextIrreversibleMaterial(size int) []byte
}
KeyProvider generates per-literal keying material for encryption-based obfuscators.
func NewHKDFKeyProvider ¶
func NewHKDFKeyProvider(masterSecret, packageSalt []byte, fileID string) KeyProvider
NewHKDFKeyProvider constructs a KeyProvider backed by HKDF-SHA256.
masterSecret should come from combineSeedAndNonce(seed, nonce) when a CLI seed is provided; otherwise the package GarbleActionID is used. packageSalt must be a stable, package-unique identifier such as the GarbleActionID. fileID should be a trimmed/relative path that is stable across builds.
Source Files