Artifact 6d395bac20364951b16996d2c75efe55f67b441a:
Wiki page
[
Obfuscating Source Code in Toadkit] by
hypnotoad
2017-08-30 22:41:43.
D 2017-08-30T22:41:43.380
L Obfuscating\sSource\sCode\sin\sToadkit
U hypnotoad
W 1430
Toadkits include several tools to allow developers to obfuscate the Tcl source code embedded in a VFS. Toadkits take the approach of ONLY obfuscating individual files. The reasons are many, and should be obvious to anyone familiar with encryption.
Toadkits include odielb, which generates a random password and embeds it in C. That secret key is available in the build system as "password.txt" in the build directory. (You can also provide a manual password by replacing the contents of that file with your own chosen string.)
Also embedded in odielib is the following command: <b>::kit::crypt_eval</b>. This command can directly execute a block of code that was obfuscated with the embedded key.
The kit also has a built in function to generate an obfuscated block of code: <b>::kit::encrypt</b>. The default implementation uses a bare kit compiled without an attached VFS to act as a shell to run the scm-copy.tcl script distributed in the <a href=/fossil/odie/dir?ci=tip&name=scripts>scripts</a> folder.
Instead of copying the files into the VFS directory, the make system build an obfuscated version in the VFS, using this block of code:
<verbatim>
set VFS [file join $CWD toadkit.vfs]
file mkdir $VFS
# Copy in our "secret squirrel" code
set SCMCOPY [list ::exec [BASEKIT define get tclkit_bare] [file join $::SRCDIR scripts scm-copy.tcl]]
{*}$SCMCOPY [file join $::SRCDIR src] ${VFS}
</verbatim>
Z a11cc77bda3c23f75dd51ee55ec8e754
