def setUp(self):
self.mba = MBA(8)
self.x = self.mba.var('x')
self.y = self.mba.var('y')
self.ex = EX.ExprBV(self.x)
self.ey = EX.ExprBV(self.y)
self.args = [self.x,self.y]
self.eargs = [EX.ExprBV(self.x),EX.ExprBV(self.y)]
self.func_name = "__arybo"
self.llvm_target = llvm_get_target()
self.machine = self.llvm_target.create_target_machine()
self.engine = llvm.create_mcjit_compiler(llvm.parse_assembly(""), self.machine)
def __identify(app, in_name):
# TODO: identify number of independant inputs
NL = app.nl().vector()
M = app.matrix()
nbits_in = M.ncols()
nbits_out = M.nlines()
if nbits_in != nbits_out:
raise ValueError("do not yet support application with a different\
number of input and output bits!")
mba = MBA(nbits_in)
var_in = mba.var(in_name)
if NL != Vector(len(NL)):
return _identify_nonaffine(app, var_in)
C = EX.ExprCst(mba.from_vec(app.cst()).to_cst(), nbits_out)
if M == Matrix(nbits_out, nbits_in):
# This is just a constant
return C
ret = EX.ExprBV(var_in)
matrix_empty = 0
# Find empty columns in the matrix.
for j in range(nbits_in):
is_zero = reduce(operator.and_, (M.at(i, j) == imm(0)
for i in range(nbits_out)), True)
if is_zero:
matrix_empty |= 1 << j
matrix_and_mask = (~matrix_empty) % (2**nbits_out)
if matrix_empty != 0:
ret = EX.ExprAnd(ret, EX.ExprCst(matrix_and_mask, nbits_out))
if mba.from_vec(M * var_in.vec) ^ (var_in & matrix_empty) == var_in:
# This is a XOR
return EX.ExprXor(ret, C)
raise ValueError("unable to identify an expression")
def setUp(self):
self.mba1 = MBA(1)
self.mba4 = MBA(4)
self.mba4.use_esf = False
self.mba8 = MBA(8)
self.mba8.use_esf = False
self.x4 = self.mba4.var('x')
self.y4 = self.mba4.var('y')
self.z4 = self.mba4.var('z')
self.x4_expr = EX.ExprBV(self.x4)
self.y4_expr = EX.ExprBV(self.y4)
self.z4_expr = EX.ExprBV(self.z4)
self.x8 = self.mba8.var('x')
self.y8 = self.mba8.var('y')
self.z8 = self.mba8.var('z')
self.x8_expr = EX.ExprBV(self.x8)
self.y8_expr = EX.ExprBV(self.y8)
self.z8_expr = EX.ExprBV(self.z8)
def tritonast2arybo(e, use_exprs=True, use_esf=False, context=None):
''' Convert a subset of Triton's AST into Arybo's representation
Args:
e: Triton AST
use_esf: use ESFs when creating the final expression
context: dictionnary that associates Triton expression ID to arybo expressions
Returns:
An :class:`arybo.lib.MBAVariable` object
'''
children_ = e.getChilds()
children = (tritonast2arybo(c, use_exprs, use_esf, context)
for c in children_)
reversed_children = (tritonast2arybo(c, use_exprs, use_esf, context)
for c in reversed(children_))
Ty = e.getKind()
if Ty == TAstN.ZX:
n = next(children)
v = next(children)
n += v.nbits
if n == v.nbits:
return v
return v.zext(n)
if Ty == TAstN.SX:
n = next(children)
v = next(children)
n += v.nbits
if n == v.nbits:
return v
return v.sext(n)
if Ty == TAstN.DECIMAL:
return e.getValue()
if Ty == TAstN.BV:
cst = next(children)
nbits = next(children)
if use_exprs:
return EX.ExprCst(cst, nbits)
else:
return _get_mba(nbits, use_esf).from_cst(cst)
if Ty == TAstN.EXTRACT:
last = next(children)
first = next(children)
v = next(children)
return v[first:last + 1]
if Ty == TAstN.CONCAT:
if use_exprs:
return EX.ExprConcat(*list(reversed_children))
else:
return flatten(reversed_children)
if Ty == TAstN.VARIABLE:
name = e.getValue()
ret = _get_mba(e.getBitvectorSize(), use_esf).var(name)
if use_exprs:
ret = EX.ExprBV(ret)
return ret
if Ty == TAstN.REFERENCE:
if context is None:
raise ValueError(
"reference node without context can't be resolved")
id_ = e.getValue()
ret = context.get(id_, None)
if ret is None:
raise ValueError("expression id %d not found in context" % id_)
return ret
if Ty == TAstN.LET:
# Alias
# djo: "c'est pas utilise osef"
raise ValueError("unsupported LET operation")
# Logical/arithmetic shifts
shifts = {
TAstN.BVLSHR: operator.rshift,
TAstN.BVSHL: operator.lshift,
}
shift = shifts.get(Ty, None)
if not shift is None:
v = next(children)
n = next(children)
return shift(v, n)
# We need to separate rotate shifts from the others because the triton API
# is different for this one... (no comment)
rshifts = {
TAstN.BVROL: lambda x, n: x.rol(n),
TAstN.BVROR: lambda x, n: x.ror(n)
}
rshift = rshifts.get(Ty, None)
if not rshift is None:
# Notice the order here compared to above...
n = next(children)
v = next(children)
return rshift(v, n)
# Unary op
unops = {
TAstN.BVNOT: lambda x: ~x,
TAstN.LNOT: lambda x: ~x,
TAstN.BVNEG: operator.neg
}
unop = unops.get(Ty, None)
if unop != None:
return unop(next(children))
binops = {
TAstN.BVADD: operator.add,
TAstN.BVSUB: operator.sub,
TAstN.BVAND: operator.and_,
TAstN.BVOR: operator.or_,
TAstN.BVXOR: operator.xor,
TAstN.BVMUL: operator.mul,
TAstN.BVNAND: lambda x, y: ~(x & y),
TAstN.BVNOR: lambda x, y: ~(x | y),
TAstN.BVXNOR: lambda x, y: ~(x ^ y),
TAstN.BVUDIV: lambda x, y: x.udiv(y),
TAstN.BVSDIV: lambda x, y: x.sdiv(y),
TAstN.LAND: operator.and_,
TAstN.LOR: operator.or_
}
binop = binops.get(Ty, None)
if binop != None:
return reduce(binop, children)
# Logical op
lops = {
TAstN.EQUAL: lambda x, y: EX.ExprCmpEq(x, y),
TAstN.DISTINCT: lambda x, y: EX.ExprCmpNeq(x, y),
TAstN.BVUGE: lambda x, y: EX.ExprCmpGte(x, y, False),
TAstN.BVUGT: lambda x, y: EX.ExprCmpGt(x, y, False),
TAstN.BVULE: lambda x, y: EX.ExprCmpLte(x, y, False),
TAstN.BVULT: lambda x, y: EX.ExprCmpLt(x, y, False),
TAstN.BVSGE: lambda x, y: EX.ExprCmpGte(x, y, True),
TAstN.BVSGT: lambda x, y: EX.ExprCmpGt(x, y, True),
TAstN.BVSLE: lambda x, y: EX.ExprCmpLte(x, y, True),
TAstN.BVSLT: lambda x, y: EX.ExprCmpLt(x, y, True)
}
lop = lops.get(Ty, None)
if lop != None:
return reduce(lop, children)
# Conditional
if Ty != TAstN.ITE:
raise ValueError("unsupported node type %s" % str(Ty))
return EX.ExprCond(next(children), next(children), next(children))
use_exprs = int(sys.argv[1])
def f(x):
v0 = x * 0xe5 + 0xF7
v0 = v0 & 0xFF
v3 = (((((v0 * 0x26) + 0x55) & 0xFE) + (v0 * 0xED) + 0xD6) & 0xFF)
v4 = ((((((-(v3 * 0x2)) + 0xFF) & 0xFE) + v3) * 0x03) + 0x4D)
v5 = (((((v4 * 0x56) + 0x24) & 0x46) * 0x4B) + (v4 * 0xE7) + 0x76)
v7 = ((((v5 * 0x3A) + 0xAF) & 0xF4) + (v5 * 0x63) + 0x2E)
v6 = (v7 & 0x94)
v8 = ((((v6 + v6 + (-(v7 & 0xFF))) * 0x67) + 0xD))
res = ((v8 * 0x2D) + (((v8 * 0xAE) | 0x22) * 0xE5) + 0xC2) & 0xFF
return (0xed * (res - 0xF7)) & 0xff
mba8 = MBA(8)
X = mba8.var('X')
if use_exprs:
X = EX.ExprBV(X)
res = f(X)
if use_exprs:
res = EX.eval_expr(res, use_esf=False)
print(res)
if use_exprs:
X = X.v
VD = res.vectorial_decomp([X])
print("====")
print("Cst = " + hex(VD.cst().get_int_be()))
def setUp(self):
self.mba8 = MBA(8)
self.x = self.mba8.var('x')
self.ex = EX.ExprBV(self.mba8.var('x'))