Obfuscation

Cangjie provides multiple obfuscation technologies to protect developers' software assets and make it more difficult for attackers to attack Cangjie software. Attackers often use reverse engineering techniques to attack programs and obtain symbol names, path information, line number information, feature strings, feature constants, and control flow information from programs. Cangjie's obfuscation technology can obfuscate and hide this information, making it difficult for attackers to use the information to understand the running logic of programs.

  • Layout obfuscation: Layout obfuscation obfuscates the symbol names, path information, and line number information of Cangjie applications, and rearranges the functions in the Cangjie binary. Once layout obfuscation is used on a program, attackers cannot use the information to understand the running logic of program. Layout obfuscation causes function names and variable names to be replaced by random strings, path names to be replaced by the string "SOURCE", and line numbers to be changed to 0.

  • Data obfuscation: The Cangjie compiler supports string obfuscation and constant obfuscation. String obfuscation identifies plaintext strings in code and encrypts and saves them. During program initialization, the strings are decrypted and then the program is executed according to the code logic. Therefore, external attackers cannot directly obtain plaintext strings from program files and can only view encrypted data. As a result, they cannot guess the code logic based on information from string literals. For known constants used in programs, the Cangjie compiler supports constant obfuscation, which converts code snippets that use these constants into equivalent code snippets that are more difficult to understand.

  • Control flow obfuscation: The Cangjie compiler supports two control flow obfuscation mechanisms: false control flow and control flow flattening. Control flow obfuscation disrupts and rearranges the patterns of jumps between basic blocks without affecting the normal execution of programs, thereby increasing the difficulty of analyzing and understanding the control flow of the program. Meanwhile, false control flow randomly adds a large number of false conditional jump branches to a program, and the condition variables of these conditional jump branches are the results of opaque predicates. The main purpose of control flow flattening is to hide the jump relationship between basic blocks while ensuring that the execution sequence of the basic blocks during actual execution is consistent with that before obfuscation, so that the normal operation of the program is not affected and attackers cannot statically know the execution sequence relationship and jump relationship between the basic blocks based on the control flow information.