Due to the dynamic characteristics and features of the Python open source, resulting in Python code that is hard to do a good encryption. Some voices in the community is the fact that such restrictions should be through legal means rather than encryption source code to achieve the purpose of commercial protection; and there are some sound irrespective want to have a means to encrypt. Ever since, people come up with all kinds or encrypted, or obfuscated program, thereby to achieve the purpose of protecting the source code.
Common source means of protection are summarized as follows:
- .Pyc release files
- Code obfuscation
- Use py2exe
- Use Cython
Let's talk about these simple solutions.
1 issue .pyc file
1.1 ideas
As we all know, Python interpreter will first generate .pyc file during the execution of the code, and then explain the implementation of the contents of .pyc file. Of course, Python interpreter can execute .pyc file directly. The .pyc files are binary files and can not see directly source content. If the code is issued .pyc rather than .py file to the client environment, then it would not be able to achieve the purpose of protection of Python code?
1.2 Methods
The .py files are compiled to .pyc file, is a very easy thing, all of the code may not need to run again, and then Qulao .pyc generated files.
In fact, Python standard library provides a library named compileall, and can easily be compiled.
Run the following command will be able to traverse
python -m compileall
$ find <src> -name '*.py' -type f -print -exec rm {} \;
1.3 advantage
- Easy to improve a little break barriers source
- Platform compatibility, .py run where, .pyc where you can run
Less than 1.4
- Explain the difference compatibility, .pyc can only run on a specific version of the interpreter
- There are ready-made tools to decompile, low cost break
python-uncompyle6 is such a decompiler, outstanding.
Run the following commands to the file decompile .pyc as .py files:
$ uncompyle6 *compiled-python-file-pyc-or-pyo*
2 code obfuscation
If the code is confusing to some extent, even the author looked at all strenuous, then, is not it also can achieve the purpose of protecting the source of it?
2.1 ideas
Since our aim is confusing, it is through a series of conversion, so that gradually the code is not so easy to make people understand that it may start like this: - Remove notes and documents. Without these instructions, in some critical logic is not so easy to understand. - change the indent. Perfect indentation looked just comfortable, if indentation suddenly long suddenly short, looking certainly suck. - adding a certain space in the middle of tokens. This change and indentation similar results. - Rename function, class, variable. Naming a direct impact on the readability of the name of a mess, but a major obstacle to reading comprehension. - Insert a blank line invalid code. This is the cover-up, with nothing to read code to disrupt the rhythm.
2.2 Method
Method One: Use oxyry be confused
http://pyob.oxyry.com/ is an online site confusion Python code, using it can easily be confused.
Suppose we have this piece of Python code related to the contents of classes, functions, parameters:
# coding: utf-8class A(object):
""" Description """
def __init__(self, x, y, default=None):
self.z = x + y
self.default = default
def name(self):
return 'No Name'def always():
return Truenum = 1a = A(num, 999, 100)a.name()always()
Obfuscated Oxyry obtain the following code:
class A (object ):#line:4
""#line:7
def __init__ (O0O0O0OO00OO000O0 ,OO0O0OOOO0000O0OO ,OO0OO00O00OO00OOO ,OO000OOO0O000OOO0 =None ):#line:9
O0O0O0OO00OO000O0 .z =OO0O0OOOO0000O0OO +OO0OO00O00OO00OOO #line:10
O0O0O0OO00OO000O0 .default =OO000OOO0O000OOO0 #line:11
def name (O000O0O0O00O0O0OO ):#line:13
return 'No Name'#line:14def always ():#line:17
return True #line:18num =1 #line:21a =A (num ,999 ,100 )#line:22a .name ()#line:23always ()
Code is obfuscated mainly in the comments, made some adjustments on the parameter name and space, creates a barrier on a little point of reading.
Method Two: Use pyobfuscate library confused
pyobfuscate be a year of considerable library of Python code obfuscation, but it is "healthy and strong" up.
Similarly Python code section above, the following effects after pyobfuscate confusion:
# coding: utf-8if 64 - 64: i11iIiiIiiif 65 - 65: O0 / iIii1I11I1II1 % OoooooooOO - i1IIiclass o0OO00 ( object ) :
if 78 - 78: i11i . oOooOoO0Oo0O
if 10 - 10: IIiI1I11i11
if 54 - 54: i11iIi1 - oOo0O0Ooo
if 2 - 2: o0 * i1 * ii1IiI1i % OOooOOo / I11i / Ii1I
def __init__ ( self , x , y , default = None ) :
self . z = x + y
self . default = default
if 48 - 48: iII111i % IiII + I1Ii111 / ooOoO0o * Ii1I
def name ( self ) :
return 'No Name'
if 46 - 46: ooOoO0o * I11i - OoooooooOO
if 30 - 30: o0 - O0 % o0 - OoooooooOO * O0 * OoooooooOOdef Oo0o ( ) :
return True
if 60 - 60: i1 + I1Ii111 - I11i / i1IIi
if 40 - 40: oOooOoO0Oo0O / O0 % ooOoO0o + O0 * i1IIiI1Ii11I1Ii1i = 1Ooo = o0OO00 ( I1Ii11I1Ii1i , 999 , 100 )Ooo . name ( )Oo0o ( ) # dd678faae9ac167bc83abf78e5cb2f3f0688d3a3
Compared to the effect of a method, second method looks better. In addition to classes and functions have been renamed, added some spaces, most notably independent code inserted several segments, it becomes more difficult to read.
2.3 advantage
- Easy to improve a little break barriers source
- Compatibility is good, as long as the source logic can be accommodating, obfuscated code can also
Less than 2.4
- Only a single file confusion, can not be linked to multiple source files in conjunction with each other confused
- Did not change the structure of the code, bytecode can be acquired, not difficult to break
3 Using py2exe
3.1 ideas
py2exe is a Python script to convert executable files tool on the Windows platform. The principle is to compile the source file for the .pyc, coupled with the necessary dependencies, packaged together into a single executable file.
If the final release package by the py2exe binary files, would not achieve the purpose of protecting the source code?
3.2 Method
To use py2exe to package a relatively simple.
1) preparation of import documents. In this example named hello.py:
print 'Hello World'
2) written setup.py:
from distutils.core import setupimport py2exesetup(console=['hello.py'])
3) to generate an executable file
python setup.py py2exe
The resulting executable file is located in dist \ hello.exe.
3.3 advantage
It can be packaged directly into exe, easy to distribute and execute
Some crack threshold higher than .pyc
Less than 3.4
Poor compatibility, layout in the generated executable files can only run on a Windows system is clear and open, you can find the corresponding source code .pyc file, and then decompile the source code
4 Use Cython
4.1 ideas
Although the main purpose is to bring Cython performance improvement, but it's based on the principle: the .py / .pyx .c file is compiled, then the .c file is compiled .so (Unix) or .pyd (Windows), which another benefits is difficult to crack.
4.2 Method
To use Cython development is not complicated.
1) preparation of documents hello.pyx or hello.py:
def hello():
print('hello')
2) written setup.py:
from distutils.core import setupfrom Cython.Build import cythonizesetup(name='Hello World app',
ext_modules=cythonize('hello.pyx'))
3) compiled as .c, further compiled as .so or .pyd:
python setup.py build_ext --inplace
Performing python -c "from hello import hello; hello ()" direct reference to a binary file generated hello () function.
4.3 advantage
- The resulting binary file .so difficult to crack or .pyd
- While offering performance improvements
Less than 4.4
- Compatibility somewhat less, for different versions of the operating system, you may need to recompile
- While supported by most Python code, but if once part of the code is not found support and improve higher costs
Wen source network for study purposes, if infringement contact deleted.
I will be high-quality technical articles and lessons learned are gathered in my public No. [] in Python circles as to facilitate learning, but also put together a set of learning materials, free to love Python students! More learning exchange group, and more communication problems can progress faster ~