Code_Virtualizer/CodeVirtualizer/RipXorInst.h

#ifndef __RIP_XOR_INST_H
#define __RIP_XOR_INST_H

#include "Windas.h"
#include "XedWrap.h"
#include "NativeCode.h"

#define DWORD_XOR_INST_LENGTH		10
#define DWORD_XOR_INST_RIP_OFFSET	2
#define DWORD_XOR_INST_XOR_OFFSET	6

#define WORD_XOR_INST_LENGTH		9
#define WORD_XOR_INST_RIP_OFFSET	3
#define WORD_XOR_INST_XOR_OFFSET	7

#define BYTE_XOR_INST_LENGTH		7
#define BYTE_XOR_INST_RIP_OFFSET	2
#define BYTE_XOR_INST_XOR_OFFSET	6


typedef struct _XOR_INST_DATA
{
	ULONG Data[5];
}XOR_INST_DATA, *PXOR_INST_DATA;

BOOL ObfEmitPushfqInst(PNATIVE_CODE_BLOCK Block);

BOOL ObfEmitPopfqInst(PNATIVE_CODE_BLOCK Block);

BOOL ObfEmitRipRelativeXorD(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value);

BOOL ObfEmitRipRelativeXorW(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value);

BOOL ObfEmitRipRelativeXorB(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value);

VOID ObfXorInstBytes(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData);

//Used to see if the PreXor needs to save the flags.
//If all flags are written to by the XORs are also written to by the target inst theres no point in saving flags
BOOL ObfDoesInstWriteToAllXorFlags(PNATIVE_CODE_LINK Link);

BOOL ObfAreXorFlagsClobberedBeforeUse(PNATIVE_CODE_LINK Link);

PNATIVE_CODE_BLOCK ObfEmitPreXorForInst(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData, BOOL SaveFlags, INT32 DeltaToInst = 0);

PNATIVE_CODE_BLOCK ObfEmitPostXorForInst(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData, BOOL SaveFlags, INT32 DeltaToInst = 0);



#endif