Protect your Python code: The existing encryption schemes

Others 2020-03-26 16:24:06 views: null

Due to the dynamic characteristics and features of the Python open source, resulting in Python code that is hard to do a good encryption. Some voices in the community is the fact that such restrictions should be through legal means rather than encryption source code to achieve the purpose of commercial protection; and there are some sound irrespective want to have a means to encrypt. Ever since, people come up with all kinds or encrypted, or obfuscated program, thereby to achieve the purpose of protecting the source code.

Common source means of protection are summarized as follows:

  • .Pyc release files
  • Code obfuscation
  • Use py2exe
  • Use Cython

Let's talk about these simple solutions.

1 issue .pyc file

1.1 ideas

As we all know, Python interpreter will first generate .pyc file during the execution of the code, and then explain the implementation of the contents of .pyc file. Of course, Python interpreter can execute .pyc file directly. The .pyc files are binary files and can not see directly source content. If the code is issued .pyc rather than .py file to the client environment, then it would not be able to achieve the purpose of protection of Python code?

1.2 Methods

The .py files are compiled to .pyc file, is a very easy thing, all of the code may not need to run again, and then Qulao .pyc generated files.

In fact, Python standard library provides a library named compileall, and can easily be compiled.

Run the following command will be able to traverse All .py files in the directory, it will be compiled into .pyc file:

python -m compileall Then remove Directory of all .py files to be packaged released: 

$ find <src> -name '*.py' -type f -print -exec rm {} \;

1.3 advantage

  • Easy to improve a little break barriers source
  • Platform compatibility, .py run where, .pyc where you can run

Less than 1.4

  • Explain the difference compatibility, .pyc can only run on a specific version of the interpreter
  • There are ready-made tools to decompile, low cost break

python-uncompyle6 is such a decompiler, outstanding.

Run the following commands to the file decompile .pyc as .py files:

$ uncompyle6 *compiled-python-file-pyc-or-pyo*

2 code obfuscation

If the code is confusing to some extent, even the author looked at all strenuous, then, is not it also can achieve the purpose of protecting the source of it?

2.1 ideas

Since our aim is confusing, it is through a series of conversion, so that gradually the code is not so easy to make people understand that it may start like this: - Remove notes and documents. Without these instructions, in some critical logic is not so easy to understand. - change the indent. Perfect indentation looked just comfortable, if indentation suddenly long suddenly short, looking certainly suck. - adding a certain space in the middle of tokens. This change and indentation similar results. - Rename function, class, variable. Naming a direct impact on the readability of the name of a mess, but a major obstacle to reading comprehension. - Insert a blank line invalid code. This is the cover-up, with nothing to read code to disrupt the rhythm.

2.2 Method

Method One: Use oxyry be confused

http://pyob.oxyry.com/ is an online site confusion Python code, using it can easily be confused.

Suppose we have this piece of Python code related to the contents of classes, functions, parameters:

# coding: utf-8class A(object):
    """    Description    """

    def __init__(self, x, y, default=None):
        self.z = x + y
        self.default = default

    def name(self):
        return 'No Name'def always():
    return Truenum = 1a = A(num, 999, 100)a.name()always()

Obfuscated Oxyry obtain the following code:

class A (object ):#line:4
    ""#line:7
    def __init__ (O0O0O0OO00OO000O0 ,OO0O0OOOO0000O0OO ,OO0OO00O00OO00OOO ,OO000OOO0O000OOO0 =None ):#line:9
        O0O0O0OO00OO000O0 .z =OO0O0OOOO0000O0OO +OO0OO00O00OO00OOO #line:10
        O0O0O0OO00OO000O0 .default =OO000OOO0O000OOO0 #line:11
    def name (O000O0O0O00O0O0OO ):#line:13
        return 'No Name'#line:14def always ():#line:17
    return True #line:18num =1 #line:21a =A (num ,999 ,100 )#line:22a .name ()#line:23always ()

Code is obfuscated mainly in the comments, made some adjustments on the parameter name and space, creates a barrier on a little point of reading.

Method Two: Use pyobfuscate library confused

pyobfuscate be a year of considerable library of Python code obfuscation, but it is "healthy and strong" up.

Similarly Python code section above, the following effects after pyobfuscate confusion:

# coding: utf-8if 64 - 64: i11iIiiIiiif 65 - 65: O0 / iIii1I11I1II1 % OoooooooOO - i1IIiclass o0OO00 ( object ) :
 if 78 - 78: i11i . oOooOoO0Oo0O
 if 10 - 10: IIiI1I11i11
 if 54 - 54: i11iIi1 - oOo0O0Ooo
 if 2 - 2: o0 * i1 * ii1IiI1i % OOooOOo / I11i / Ii1I
 def __init__ ( self , x , y , default = None ) :
  self . z = x + y
  self . default = default
  if 48 - 48: iII111i % IiII + I1Ii111 / ooOoO0o * Ii1I
 def name ( self ) :
  return 'No Name'
  if 46 - 46: ooOoO0o * I11i - OoooooooOO
  if 30 - 30: o0 - O0 % o0 - OoooooooOO * O0 * OoooooooOOdef Oo0o ( ) :
 return True
 if 60 - 60: i1 + I1Ii111 - I11i / i1IIi
 if 40 - 40: oOooOoO0Oo0O / O0 % ooOoO0o + O0 * i1IIiI1Ii11I1Ii1i = 1Ooo = o0OO00 ( I1Ii11I1Ii1i , 999 , 100 )Ooo . name ( )Oo0o ( ) # dd678faae9ac167bc83abf78e5cb2f3f0688d3a3

Compared to the effect of a method, second method looks better. In addition to classes and functions have been renamed, added some spaces, most notably independent code inserted several segments, it becomes more difficult to read.

2.3 advantage

  • Easy to improve a little break barriers source
  • Compatibility is good, as long as the source logic can be accommodating, obfuscated code can also

Less than 2.4

  • Only a single file confusion, can not be linked to multiple source files in conjunction with each other confused
  • Did not change the structure of the code, bytecode can be acquired, not difficult to break

3 Using py2exe

3.1 ideas

py2exe is a Python script to convert executable files tool on the Windows platform. The principle is to compile the source file for the .pyc, coupled with the necessary dependencies, packaged together into a single executable file.

If the final release package by the py2exe binary files, would not achieve the purpose of protecting the source code?

3.2 Method

To use py2exe to package a relatively simple.

1) preparation of import documents. In this example named hello.py:

print 'Hello World'

2) written setup.py:

from distutils.core import setupimport py2exesetup(console=['hello.py'])

3) to generate an executable file

python setup.py py2exe

The resulting executable file is located in dist \ hello.exe.

3.3 advantage

  • It can be packaged directly into exe, easy to distribute and execute

  • Some crack threshold higher than .pyc

  • Less than 3.4

Poor compatibility, layout in the generated executable files can only run on a Windows system is clear and open, you can find the corresponding source code .pyc file, and then decompile the source code

4 Use Cython

4.1 ideas

Although the main purpose is to bring Cython performance improvement, but it's based on the principle: the .py / .pyx .c file is compiled, then the .c file is compiled .so (Unix) or .pyd (Windows), which another benefits is difficult to crack.

4.2 Method

To use Cython development is not complicated.

1) preparation of documents hello.pyx or hello.py:

def hello():
    print('hello')

2) written setup.py:

from distutils.core import setupfrom Cython.Build import cythonizesetup(name='Hello World app',
     ext_modules=cythonize('hello.pyx'))

3) compiled as .c, further compiled as .so or .pyd:

python setup.py build_ext --inplace

Performing python -c "from hello import hello; hello ()" direct reference to a binary file generated hello () function.

4.3 advantage

  • The resulting binary file .so difficult to crack or .pyd
  • While offering performance improvements

Less than 4.4

  • Compatibility somewhat less, for different versions of the operating system, you may need to recompile
  • While supported by most Python code, but if once part of the code is not found support and improve higher costs

    Wen source network for study purposes, if infringement contact deleted.

    I will be high-quality technical articles and lessons learned are gathered in my public No. [] in Python circles as to facilitate learning, but also put together a set of learning materials, free to love Python students! More learning exchange group, and more communication problems can progress faster ~

wulishinian
Published 38 original articles · won praise 1 · views 2170
Private letter concerns

Guess you like

Origin blog.csdn.net/wulishinian/article/details/105120515
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com