Any questions? Ask us: support@enigmaprotector.com

C++ Markers / SDK

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc

C++ Markers / SDK

Postby 0x53616D61676F6E » Wed Apr 11, 2018 9:45 pm

Hi,

I use Enigma Protector since some years, mostly to use the VirtualBox + basic Encryption through the GUI.
Now i have some important code in my software, which I need to protect in a stronger way.

I saw that Enigma has markers for execution inside of the VM and SDK (ex. EP_ProtectedStringByKey)

I have got some questions about this stuff:

First of all:
Do I need to use the #include stuff or can I simply create a define like the following, without any security issues (it works, but could there be any problems):
Code: Select all
#define ENIGMA_VM_START \
       __asm _emit 0xEB \
       __asm _emit 0x08 \
       __asm _emit 0x56 \
       __asm _emit 0x4D \
       __asm _emit 0x42 \
       __asm _emit 0x45 \
       __asm _emit 0x47 \
       __asm _emit 0x49 \
       __asm _emit 0x4E \
       __asm _emit 0x31

#define ENIGMA_VM_END \
      __asm _emit 0xEB \
      __asm _emit 0x08 \
      __asm _emit 0x56 \
      __asm _emit 0x4D \
      __asm _emit 0x45 \
      __asm _emit 0x4E \
      __asm _emit 0x44 \
      __asm _emit 0x31 \
      __asm _emit 0x00 \
      __asm _emit 0x00


Second question, should I call SDK methods like "EP_ProtectedStringByKey" inside of the risc vm or doesnt this matter?
Code: Select all
   char ret[255];
   ENIGMA_VM_START; // #include "EnigmaSDK/vm_risc_begin.inc"
   EP_ProtectedStringByKey("KEY", &ret[0], sizeof(ret));
   ENIGMA_VM_END; // #include "EnigmaSDK/vm_risc_end.inc"
   std::string IDKJustSomething(ret);


4 question:
Is it ok/right to call a method which also runs in the VM through a method that runs in the VM (it works, but could there be any problems)?
Code: Select all
void BLA::Test2(std::string * ret)
{
   ENIGMA_VM_START; // #include "EnigmaSDK/vm_risc_begin.inc"
   char test[299];
   EP_ProtectedStringByKey("KEY", &test[0], sizeof(test));
   ret->append(test);
   ENIGMA_VM_END; // #include "EnigmaSDK/vm_risc_end.inc"
}

void BLA::Test(std::string * ret)
{
   ENIGMA_VM_START; // #include "EnigmaSDK/vm_risc_begin.inc"
   char test[299];
   EP_ProtectedStringByKey("KEY", &test[0], sizeof(test));
   Test2(ret); // runs in the VM too
   ENIGMA_VM_END; // #include "EnigmaSDK/vm_risc_end.inc"
}


Last question, is there any support of returns inside of the VM markers planed? Of course I can use other ways to return a value but it would be a nice feature.
0x53616D61676F6E
 
Posts: 1
Joined: Wed Apr 11, 2018 9:25 pm

Re: C++ Markers / SDK

Postby Enigma » Thu Apr 12, 2018 10:31 am

Hi, regarding your questions:

0x53616D61676F6E wrote:Do I need to use the #include stuff or can I simply create a define like the following, without any security issues (it works, but could there be any problems):


This way is perfect, it is the same as #include, so if this way is more suitable for you, feel free to use it.

0x53616D61676F6E wrote:Second question, should I call SDK methods like "EP_ProtectedStringByKey" inside of the risc vm or doesnt this matter?


This does not matter, but calling inside the marker serves the better protection as it would be impossible to somehow hook the results that EP_ProtectedStringByKey returns.

0x53616D61676F6E wrote:4 question:
Is it ok/right to call a method which also runs in the VM through a method that runs in the VM (it works, but could there be any problems)?


It is OK and it is right, there is no any problems. Just a small note. If it would be possible to use virtual machine thought MAP file and functions selecting, rather than through markers, it would be a better way. If you protect the function through MAP file, it also protects the function epilog and prolog, plus better handling of nested functions. Portection using markers does not have such advantages.

0x53616D61676F6E wrote:Last question, is there any support of returns inside of the VM markers planed? Of course I can use other ways to return a value but it would be a nice feature.


We do not limit using "return" inside vm markers. It is impossible to use return in other kind of markers, but not for VM/VM_RISC. So feel free to use it.
Enigma
Site Admin
 
Posts: 2310
Joined: Wed Aug 20, 2008 2:24 pm


Return to Basic

Who is online

Users browsing this forum: No registered users and 25 guests