Rev 255 | Rev 268 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 255 | Rev 256 | ||
|---|---|---|---|
| Line 442... | Line 442... | ||
| 442 | AETE_WRITE_DWORD(0); /* padding (FIXME: do we need that? Adobe's Windows filters don't) */ |
442 | AETE_WRITE_DWORD(0); /* padding (FIXME: do we need that? Adobe's Windows filters don't) */ |
| 443 | 443 | ||
| 444 | return (unsigned char*)aeteptr - (unsigned char*)beginptr; // length of stuff written |
444 | return (unsigned char*)aeteptr - (unsigned char*)beginptr; // length of stuff written |
| 445 | } |
445 | } |
| 446 | 446 | ||
| 447 | void _xorshift(unsigned char** p, uint32_t* x32, size_t num) { |
447 | // Using rand() is more secure, because it differs from compiler to compiler, so |
| 448 | size_t i; |
- | |
| 449 | unsigned char* x = *p; |
448 | // it is harder to read a protected 8BF plugin. |
| - | 449 | // Note that rand() in combination with srand() is deterministic, so it is safe |
|
| - | 450 | // to use it: https://stackoverflow.com/questions/55438293/does-rand-function-in-c-follows-non-determinstc-algorithm |
|
| 450 | for (i = 0; i < num; i++) { |
451 | int randInRange(int min, int max) { |
| 451 | // https://de.wikipedia.org/wiki/Xorshift |
452 | // https://stackoverflow.com/questions/15621764/generate-a-random-byte-stream |
| 452 | *x32 ^= *x32 << 13; |
453 | double scale = 1.0 / (RAND_MAX + 1); |
| 453 | *x32 ^= *x32 >> 17; |
454 | double range = (double)max - (double)min + 1; |
| 454 | *x32 ^= *x32 << 5; |
455 | return min + (int)(rand() * scale * range); |
| 455 | *x++ ^= *x32; |
- | |
| 456 | } |
- | |
| 457 | *p = x; |
- | |
| 458 | } |
456 | } |
| 459 | 457 | ||
| 460 | void obfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
458 | void obfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
| 461 | unsigned char* p; |
459 | unsigned char* p; |
| 462 | uint32_t x32; |
460 | size_t i; |
| 463 | unsigned int seed; |
461 | unsigned int seed; |
| 464 | 462 | ||
| 465 | seed = (unsigned int)time(0); |
463 | seed = (unsigned int)time(0); |
| - | 464 | srand(seed); |
|
| 466 | 465 | ||
| 467 | p = pparm; |
466 | p = pparm; |
| 468 | x32 = (uint32_t)seed; |
- | |
| 469 | _xorshift(&p, &x32, seed_position); |
467 | for (i = 0; i < seed_position; i++) *p++ ^= randInRange(0,255); |
| 470 | *((unsigned int*)p) = seed; // seed is placed at this position. data will lost! (in deobfusc, it will be set to 0x00000000) |
468 | *((unsigned int*)p) = seed; // seed is placed at this position. data will lost! (in deobfusc, it will be set to 0x00000000) |
| 471 | p += 4; |
469 | p += 4; |
| 472 | _xorshift(&p, &x32, size - seed_position - 4); |
470 | for (i = 0; i < size - seed_position - 4; i++) *p++ ^= randInRange(0, 255); |
| 473 | } |
471 | } |
| 474 | 472 | ||
| 475 | void deobfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
473 | void deobfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
| 476 | unsigned char* p; |
474 | unsigned char* p; |
| 477 | uint32_t x32; |
475 | size_t i; |
| 478 | unsigned int seed; |
476 | unsigned int seed; |
| 479 | 477 | ||
| 480 | seed = *((unsigned int*)(pparm + seed_position)); |
478 | seed = *((unsigned int*)(pparm + seed_position)); |
| - | 479 | srand(seed); |
|
| 481 | 480 | ||
| 482 | p = pparm; |
481 | p = pparm; |
| 483 | x32 = (uint32_t)seed; |
- | |
| 484 | _xorshift(&p, &x32, seed_position); |
482 | for (i = 0; i < seed_position; i++) *p++ ^= randInRange(0, 255); |
| 485 | *((unsigned int*)p) = 0; // here was the seed. Fill it with 0x00000000 |
483 | *((unsigned int*)p) = 0; // here was the seed. Fill it with 0x00000000 |
| 486 | p += 4; |
484 | p += 4; |
| 487 | _xorshift(&p, &x32, size - seed_position - 4); |
485 | for (i = 0; i < size - seed_position - 4; i++) *p++ ^= randInRange(0, 255); |
| 488 | } |
486 | } |