#[obfuscate_strings]Expand description
String obfuscation attribute macro
Encrypts all string literals in a function at compile time. Each build produces different ciphertext (based on build seed).
§Usage
ⓘ
use aegis_vm_macro::obfuscate_strings;
#[obfuscate_strings]
fn error_handler(code: u32) -> &'static str {
match code {
1 => "Invalid input", // Encrypted!
2 => "Access denied", // Encrypted!
_ => "Unknown error", // Encrypted!
}
}§How It Works
- At compile time, all string literals are found and encrypted
- Each string gets a unique key derived from: build_seed + string_id
- At runtime, strings are decrypted on first use and cached
- No plaintext strings appear in the binary
§Security Features
- Build-specific: Same source produces different ciphertext each build
- Position-dependent: Same string at different locations = different ciphertext
- No static keys: Keys derived from build seed (not in binary)
- Lazy decryption: Strings decrypted only when accessed
§Performance
- First access: ~100ns decryption overhead
- Subsequent access: Zero overhead (cached)
- Memory: Encrypted + decrypted versions both in memory after first use
§Example Output (in binary)
// Before: plaintext visible
"VM bytecode decryption failed"
// After: only encrypted bytes visible
[0x4a, 0x7f, 0x2c, 0x91, 0x3e, ...]