Rev 255 | Rev 268 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 255 | Rev 256 | ||
---|---|---|---|
Line 442... | Line 442... | ||
442 | AETE_WRITE_DWORD(0); /* padding (FIXME: do we need that? Adobe's Windows filters don't) */ |
442 | AETE_WRITE_DWORD(0); /* padding (FIXME: do we need that? Adobe's Windows filters don't) */ |
443 | 443 | ||
444 | return (unsigned char*)aeteptr - (unsigned char*)beginptr; // length of stuff written |
444 | return (unsigned char*)aeteptr - (unsigned char*)beginptr; // length of stuff written |
445 | } |
445 | } |
446 | 446 | ||
447 | void _xorshift(unsigned char** p, uint32_t* x32, size_t num) { |
447 | // Using rand() is more secure, because it differs from compiler to compiler, so |
448 | size_t i; |
- | |
449 | unsigned char* x = *p; |
448 | // it is harder to read a protected 8BF plugin. |
- | 449 | // Note that rand() in combination with srand() is deterministic, so it is safe |
|
- | 450 | // to use it: https://stackoverflow.com/questions/55438293/does-rand-function-in-c-follows-non-determinstc-algorithm |
|
450 | for (i = 0; i < num; i++) { |
451 | int randInRange(int min, int max) { |
451 | // https://de.wikipedia.org/wiki/Xorshift |
452 | // https://stackoverflow.com/questions/15621764/generate-a-random-byte-stream |
452 | *x32 ^= *x32 << 13; |
453 | double scale = 1.0 / (RAND_MAX + 1); |
453 | *x32 ^= *x32 >> 17; |
454 | double range = (double)max - (double)min + 1; |
454 | *x32 ^= *x32 << 5; |
455 | return min + (int)(rand() * scale * range); |
455 | *x++ ^= *x32; |
- | |
456 | } |
- | |
457 | *p = x; |
- | |
458 | } |
456 | } |
459 | 457 | ||
460 | void obfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
458 | void obfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
461 | unsigned char* p; |
459 | unsigned char* p; |
462 | uint32_t x32; |
460 | size_t i; |
463 | unsigned int seed; |
461 | unsigned int seed; |
464 | 462 | ||
465 | seed = (unsigned int)time(0); |
463 | seed = (unsigned int)time(0); |
- | 464 | srand(seed); |
|
466 | 465 | ||
467 | p = pparm; |
466 | p = pparm; |
468 | x32 = (uint32_t)seed; |
- | |
469 | _xorshift(&p, &x32, seed_position); |
467 | for (i = 0; i < seed_position; i++) *p++ ^= randInRange(0,255); |
470 | *((unsigned int*)p) = seed; // seed is placed at this position. data will lost! (in deobfusc, it will be set to 0x00000000) |
468 | *((unsigned int*)p) = seed; // seed is placed at this position. data will lost! (in deobfusc, it will be set to 0x00000000) |
471 | p += 4; |
469 | p += 4; |
472 | _xorshift(&p, &x32, size - seed_position - 4); |
470 | for (i = 0; i < size - seed_position - 4; i++) *p++ ^= randInRange(0, 255); |
473 | } |
471 | } |
474 | 472 | ||
475 | void deobfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
473 | void deobfusc(unsigned char* pparm, size_t size, size_t seed_position) { |
476 | unsigned char* p; |
474 | unsigned char* p; |
477 | uint32_t x32; |
475 | size_t i; |
478 | unsigned int seed; |
476 | unsigned int seed; |
479 | 477 | ||
480 | seed = *((unsigned int*)(pparm + seed_position)); |
478 | seed = *((unsigned int*)(pparm + seed_position)); |
- | 479 | srand(seed); |
|
481 | 480 | ||
482 | p = pparm; |
481 | p = pparm; |
483 | x32 = (uint32_t)seed; |
- | |
484 | _xorshift(&p, &x32, seed_position); |
482 | for (i = 0; i < seed_position; i++) *p++ ^= randInRange(0, 255); |
485 | *((unsigned int*)p) = 0; // here was the seed. Fill it with 0x00000000 |
483 | *((unsigned int*)p) = 0; // here was the seed. Fill it with 0x00000000 |
486 | p += 4; |
484 | p += 4; |
487 | _xorshift(&p, &x32, size - seed_position - 4); |
485 | for (i = 0; i < size - seed_position - 4; i++) *p++ ^= randInRange(0, 255); |
488 | } |
486 | } |