codedefender_config/
lib.rs

1use serde::{Deserialize, Serialize};
2use std::path::PathBuf;
3
4pub const YAML_CONFIG_VERSION: &str = "1.0.0";
5
6#[derive(Debug, Serialize, Deserialize)]
7pub enum MutationEngineExtension {
8    Generic = 0,
9    SSE = 1,
10}
11
12#[derive(Debug, Clone, Copy, Eq, PartialEq, PartialOrd, Ord, Serialize, Deserialize)]
13pub enum PeEnvironment {
14    UserMode,
15    KernelMode,
16    UEFI,
17}
18
19#[derive(Debug, Serialize, Deserialize)]
20pub struct LifterSettings {
21    pub lift_calls: bool,
22    pub max_stack_copy_size: u32,
23    pub split_on_calls_fallback: bool,
24}
25
26#[derive(Debug, Serialize, Deserialize)]
27pub struct OptimizationSettings {
28    pub constant_propagation: bool,
29    pub instruction_combine: bool,
30    pub dead_code_elim: bool,
31    pub prune_useless_block_params: bool,
32    pub iterations: u32,
33}
34
35#[derive(Debug, Serialize, Deserialize)]
36pub struct AssemblerSettings {
37    pub shuffle_basic_blocks: bool,
38    pub instruction_prefix: String,
39    pub random_prefix_chance: f64,
40}
41
42#[derive(Debug, Serialize, Deserialize)]
43pub struct CDCompilerSettings {
44    pub assembler_settings: AssemblerSettings,
45    pub optimization_settings: OptimizationSettings,
46    pub lifter_settings: LifterSettings,
47}
48
49#[derive(Debug, Serialize, Deserialize)]
50pub struct FakePdbString {
51    pub enabled: bool,
52    pub value: String,
53}
54
55#[derive(Debug, Serialize, Deserialize)]
56pub struct CustomSectionName {
57    pub enabled: bool,
58    pub value: String,
59}
60
61#[derive(Debug, Serialize, Deserialize)]
62pub struct CDModuleSettings {
63    pub ida_crasher: bool,
64    pub import_protection: bool,
65    pub fake_pdb_string: FakePdbString,
66    pub custom_section_name: CustomSectionName,
67}
68
69#[derive(Debug, Serialize, Deserialize)]
70pub struct Semantics {
71    pub add: bool,
72    pub sub: bool,
73    pub and: bool,
74    pub xor: bool,
75    pub or: bool,
76    pub not: bool,
77    pub neg: bool,
78}
79
80#[derive(Debug, Serialize, Deserialize)]
81pub struct BitWidths {
82    pub bit8: bool,
83    pub bit16: bool,
84    pub bit32: bool,
85    pub bit64: bool,
86}
87
88#[derive(Debug, Serialize, Deserialize)]
89pub struct LoopEncodeSemantics {
90    pub iterations: u32,
91    pub probability: u32,
92    pub semantics: Semantics,
93    pub bitwidths: BitWidths,
94}
95
96#[derive(Debug, Serialize, Deserialize)]
97pub struct MixedBooleanArithmetic {
98    pub iterations: u32,
99    pub probability: u32,
100    pub semantics: Semantics,
101    pub bitwidths: BitWidths,
102}
103
104#[derive(Debug, Serialize, Deserialize)]
105pub struct MutationEngine {
106    pub iterations: u32,
107    pub probability: u32,
108    pub extension: MutationEngineExtension,
109    pub semantics: Semantics,
110    pub bitwidths: BitWidths,
111}
112
113/// Unit‑struct passes
114#[derive(Debug, Serialize, Deserialize)]
115pub struct IDADecompilerCrasher;
116
117#[derive(Debug, Serialize, Deserialize)]
118pub struct ObscureConstants;
119
120#[derive(Debug, Serialize, Deserialize)]
121pub struct ObscureReferences;
122
123#[derive(Debug, Serialize, Deserialize)]
124pub struct ObscureControlFlow;
125
126#[derive(Debug, Serialize, Deserialize)]
127pub enum ObfuscationPass {
128    LoopEncodeSemantics(LoopEncodeSemantics),
129    MixedBooleanArithmetic(MixedBooleanArithmetic),
130    MutationEngine(MutationEngine),
131    IDADecompilerCrasher(IDADecompilerCrasher),
132    ObscureConstants(ObscureConstants),
133    ObscureReferences(ObscureReferences),
134    ObscureControlFlow(ObscureControlFlow),
135}
136
137#[derive(Debug, Serialize, Deserialize)]
138pub struct CDProfile {
139    pub name: String,
140    pub passes: Vec<ObfuscationPass>,
141    pub compiler_settings: CDCompilerSettings,
142    pub symbols: Vec<u64>,
143}
144
145#[derive(Debug, Serialize, Deserialize)]
146pub struct CDConfig {
147    pub module_settings: CDModuleSettings,
148    pub profiles: Vec<CDProfile>,
149}
150
151/// High level function information
152#[derive(serde::Deserialize, serde::Serialize, Clone)]
153pub struct AnalysisFunction {
154    /// Rva of the function
155    pub rva: u64,
156    /// Name of the function
157    pub symbol: String,
158    /// However many times this function is referenced
159    pub ref_count: usize,
160}
161
162/// Reject string stuff for saas
163#[derive(serde::Deserialize, serde::Serialize, Clone)]
164pub struct AnalysisReject {
165    /// Address of rejected function
166    pub rva: u64,
167    /// Name of rejected function
168    pub symbol: String,
169    /// MlnFunctionRejectReason mnemonic
170    pub ty: String,
171    /// .to_string()'ed MlnFunctionRejectReason
172    pub reason: String,
173}
174
175/// Small wrapper container for source level macros. name contains the profile name
176/// and rvas for that profile.
177#[derive(serde::Deserialize, serde::Serialize, Clone)]
178pub struct AnalysisMacroProfile {
179    /// Profile name
180    pub name: String,
181    /// List of rvas to be associated with the profile
182    pub rvas: Vec<u64>,
183}
184
185/// This structure gets sent to the browser as json.
186#[derive(serde::Deserialize, serde::Serialize, Clone)]
187pub struct AnalysisResult {
188    /// (UserMode/Kernel/UEFI)
189    pub environment: PeEnvironment,
190    /// Function name (or hex of the rva) --> rva of the function.
191    pub functions: Vec<AnalysisFunction>,
192    /// All of the rejected functions and why they were rejected.
193    pub rejects: Vec<AnalysisReject>,
194    /// If someone is using source macros, this will contain
195    /// the profiles and functions to put into that profile. Empty
196    /// if no source macros are used.
197    pub macros: Vec<AnalysisMacroProfile>,
198}
199
200/// Abstraction for symbols to specify them via name or RVA.
201#[derive(Debug, Serialize, Deserialize)]
202pub enum YamlSymbol {
203    /// Name of a symbol
204    Name(String),
205    /// RVA of a symbol
206    Rva(u64),
207}
208
209/// High level profile abstraction
210#[derive(Debug, Serialize, Deserialize)]
211pub struct YamlProfile {
212    /// Name of the profile, this is also used by the source macros to specify which profile to obfuscate the function with!
213    pub name: String,
214    /// Passes to run on the symbols contained inside of this profile
215    pub passes: Vec<ObfuscationPass>,
216    /// Compiler settings for this profile.
217    pub compiler_settings: CDCompilerSettings,
218    /// Symbols contained inside of this profile
219    pub symbols: Vec<YamlSymbol>,
220}
221
222#[derive(Debug, Serialize, Deserialize)]
223pub struct YamlConfig {
224    /// Version of this CodeDefender CLI file
225    pub version: String,
226    /// API generated on the website
227    pub api_key: String,
228    /// Input file for processing (exe, dll, sys)
229    pub input_file: PathBuf,
230    /// Input PDB file for processing (optional)
231    pub pdb_file: Option<PathBuf>,
232    /// Module wide obfuscation settings
233    pub module_settings: CDModuleSettings,
234    /// All of the profiles used for obfuscation
235    pub profiles: Vec<CDProfile>,
236}
codedefender_config/lib.rs

codedefender_config/
lib.rs
