Several transformations rely on boolean and integer expressions that have a known value, known as opaque predicates and expressions. To construct these, data structures with precise invariants are added to the code.

Options

At a minimum, you must create one or more opaque invariant data structures:

Option	Arguments	Description
`--Transform`	`InitOpaque`	Add opaque initialization code. This initialization code has to be added to a function that gets called before any uses of opaque predicates, usually, but not necessarily, to main.
`--InitOpaqueStructs`	`list, array, input, env, *`	Comma-separated list of the kinds of opaque constructs to add. Default=list,array. `list` = Generate opaque expressions using linked lists `array` = Generate opaque expressions using arrays `input` = Generate opaque expressions that depend on input. Requires --Inputs to set invariants over input. `env` = Generate opaque expressions from entropy. Requires --InitEntropy. `*` = Same as list,array,input,env
`--InitOpaqueCount`	`INTSPEC`	How many opaque data structures (lists or arrays) to add to the program. They will be split roughly evenly between the different declared opaque structures. Default=1.
`--InitOpaqueTrace`	`BOOLSPEC`	Print the generated structure. Default=false.
`--InitOpaqueSize`	`INTSPEC`	Size of opaque arrays. Default=30.

To frustrate analysis, updates that maintain the invariants should be sprinkled throughout the program. This is done by the --Transform=UpdateOpaque option.

Option	Arguments	Description
`--Transform`	`UpdateOpaque`	Add code that makes updates to opaque predicates.
`--UpdateOpaqueCount`	`INTSPEC`	How many updates to opaque data structures to add to the function. Default=1.
`--UpdateOpaqueTrace`	`BOOLSPEC`	Print the updated structure. Default=false.
`--UpdateOpaqueAllowAddNodes`	`bool`	Is it safe to malloc new nodes for the opaque data structure in this function? Only set to true if the function is called sparingly. Default=false.

News: In --Transform=InitOpaque --Functions=foo, the function foo must execute before any use of an opaque expression. Easiest is to set --Transform=InitOpaque --Functions=main but this is best avoided since it is very obvious.

Issues

Tigress will generate copious numbers of extra local variables and statements of the form _*__BARRIER_* = 1, _*__BEGIN_* = 1, _*__END_* = 1. They will be removed by any competent compiler, or by the --Transform=CleanUp --CleanUpKinds=annotations transformation.

References

Collberg and Nagra, Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection
Dalla Preda et al., Opaque Predicates Detection by Abstract Interpretation.

Opaque Expressions

Options

Issues

References