程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
您现在的位置: 程式師世界 >> 編程語言 >  >> 更多編程語言 >> Python

How to protect your Python code with existing encryption schemes

編輯:Python

This series will first introduce the idea of the existing source code encryption scheme 、 Method 、 Advantages and disadvantages , Then it introduces how to customize Python Interpreter to achieve better encryption and decryption of the source .

because Python Dynamic and open source features , Lead to Python It's hard to encrypt the code well . Some voices in the community believe that such restrictions are true , The purpose of commercial protection should be achieved by legal means rather than by encrypting the source code ; And there are some voices that want a way to encrypt anyway . So , People come up with all kinds of encryption 、 Or a confused scheme , To protect the source code .

Common source protection methods are as follows :

  • issue .pyc file
  • Code obfuscation
  • Use py2exe
  • Use Cython

Let's talk about these plans briefly .

1 issue .pyc file
1.1 Ideas
Everybody knows ,Python The interpreter will first generate... During code execution .pyc file , Then explain the execution .pyc Contents of the file . Yes, of course ,Python The interpreter can also directly execute .pyc file . and .pyc Files are binary files , Can 't see the source content directly . If the code is released to the customer environment .pyc Instead of .py Word of the file , Can't that protect Python The purpose of the code ?

1.2 Method
hold .py The file is compiled as .pyc file , It's a very easy thing , You don't need to run all the code once , Then go and get the .pyc file .

in fact ,Python A standard library is provided with the name compileall The library of , It's easy to compile .

Execute the following command to traverse All under directory .py file , Compile it as .pyc file :

python -m compileall Then delete All under directory .py The files can be packaged and released :

$ find <src> -name '*.py' -type f -print -exec rm {} \;

1.3 advantage

  • Easy and convenient , Raised a little source code crack threshold
  • Good platform compatibility ,.py Where can I run ,.pyc Where to run

1.4 Insufficient
Bad interpreter compatibility ,.pyc Can only run on a specific version of the interpreter

There are decompilators out there , The cost of cracking is low
python-uncompyle6 It's such a decompiler , Excellent results .

Execute the following command , Can be .pyc Decompile file to .py file :

$ uncompyle6 *compiled-python-file-pyc-or-pyo*

2 Code obfuscation
If the code is confused to a certain extent , Even the author looked at all the words , Is it possible to protect the source code ?

2.1 Ideas
Since our aim is to confuse , Through a series of transformations , Let the code gradually not so easy to understand , Then we can do it like this :- Remove comments and documents . There are no such instructions , It's not so easy to understand in some key logics .- Change indent . The perfect indent is comfortable to watch , If the indent changes from long to short , You must be upset when you look at it .- stay tokens Put some space in the middle . It's like changing indent .- Rename function 、 class 、 Variable . Naming directly affects readability , Messy names are a big obstacle to reading comprehension .- Insert invalid code in a blank line . That's the trick , Use irrelevant code to disrupt the reading rhythm .

2.2 Method
Method 1 : Use oxyry Confusion
pyob.oxyry.com/ It's an online confusion Python Code site , Using it can easily confuse .

Suppose we have a paragraph like this Python Code , Class is involved 、 function 、 Parameters, etc :

# coding: utf-8
class A(object):
"""
Description
"""
def __init__(self, x, y, default=None):
self.z = x + y
self.default = default
def name(self):
return 'No Name'
def always():
return True
num = 1
a = A(num, 999, 100)
a.name()
always()

after Oxyry The confusion , Get the following code :

class A (object ):#line:4
""#line:7
def __init__ (O0O0O0OO00OO000O0 ,OO0O0OOOO0000O0OO ,OO0OO00O00OO00OOO ,OO000OOO0O000OOO0 =None ):#line:9
O0O0O0OO00OO000O0 .z =OO0O0OOOO0000O0OO +OO0OO00O00OO00OOO #line:10
O0O0O0OO00OO000O0 .default =OO000OOO0O000OOO0 #line:11
def name (O000O0O0O00O0O0OO ):#line:13
return 'No Name'#line:14
def always ():#line:17
return True #line:18
num =1 #line:21
a =A (num ,999 ,100 )#line:22
a .name ()#line:23
always ()

The code after confusion is mainly in comments 、 Some adjustments have been made to the parameter name and space , A little bit of a reading barrier .

Method 2 : Use pyobfuscate Library to confuse
pyobfuscate It's a very old Python Code obfuscation Library , But it is “ Hale and hearty ” 了 .

For the same paragraph above Python Code , the pyobfuscate The effect of confusion is as follows :

# coding: utf-8
if 64 - 64: i11iIiiIii
if 65 - 65: O0 / iIii1I11I1II1 % OoooooooOO - i1IIi
class o0OO00 ( object ) :
if 78 - 78: i11i . oOooOoO0Oo0O
if 10 - 10: IIiI1I11i11
if 54 - 54: i11iIi1 - oOo0O0Ooo
if 2 - 2: o0 * i1 * ii1IiI1i % OOooOOo / I11i / Ii1I
def __init__ ( self , x , y , default = None ) :
self . z = x + y
self . default = default
if 48 - 48: iII111i % IiII + I1Ii111 / ooOoO0o * Ii1I
def name ( self ) :
return 'No Name'
if 46 - 46: ooOoO0o * I11i - OoooooooOO
if 30 - 30: o0 - O0 % o0 - OoooooooOO * O0 * OoooooooOO
def Oo0o ( ) :
return True
if 60 - 60: i1 + I1Ii111 - I11i / i1IIi
if 40 - 40: oOooOoO0Oo0O / O0 % ooOoO0o + O0 * i1IIi
I1Ii11I1Ii1i = 1
Ooo = o0OO00 ( I1Ii11I1Ii1i , 999 , 100 )
Ooo . name ( )
Oo0o ( ) # dd678faae9ac167bc83abf78e5cb2f3f0688d3a3

Compared to method one , Method two looks better . Except for class and function renaming 、 Added some spaces , The most obvious is the insertion of a number of unrelated pieces of code , It's getting harder to read .

2.3 advantage

  • Easy and convenient , Raised a little source code crack threshold
  • Compatibility is good. , As long as the source logic can be compatible , Obfuscating code can also

2.4 Insufficient

  • You can only confuse a single file , It is impossible to confuse multiple linked source files
  • The code structure has not changed , Can also get bytecode , It's not hard to crack

3 Use py2exe
3.1 Ideas

py2exe It's a will Python The script is converted to Windows Tools for executable files on the platform . The principle is to compile the source code as .pyc file , Plus the necessary dependencies , Package them together into an executable .

If the final issue is by py2exe Packaged binaries , That is not to achieve the purpose of protecting the source code ?

3.2 Method
Use py2exe It's easy to pack .

1) Write entry file . In this example, the name is hello.py:

print 'Hello World`

2) To write setup.py:

from distutils.core import setup
import py2exe
setup(console=['hello.py'])

3) Generate executable files

python setup.py py2exe

The generated executable is located at dist\hello.exe.

3.3 advantage

  • Can be packaged directly into exe, Easy to distribute and execute
  • Break the threshold ratio .pyc Higher

3.4 Insufficient

  • Compatibility is poor , It can only run on Windows On the system
  • The layout within the generated executable is clear 、 Open , You can find the source code corresponding to .pyc file , Then decompile the source code

4 Use Cython
4.1 Ideas
although Cython The main purpose is to improve the performance , But based on its principles : take .py/.pyx Compiled into .c file , then .c The file is compiled as .so(Unix) or .pyd(Windows), Another advantage is that it's hard to crack .

4.2 Method
Use Cython The steps of development are not complicated .

1) Write file hello.pyx or hello.py:

def hello():
print('hello')

2) To write setup.py:

from distutils.core import setup
from Cython.Build import cythonize
setup(name='Hello World app',
ext_modules=cythonize('hello.pyx'))

3) Compiled into .c, And then compile it to .so or .pyd:

python setup.py build_ext --inplace

perform python -c "from hello import hello;hello()" Can directly reference the generated binary file hello() function .

4.3 advantage

  • Generated binary .so or .pyd Documents are hard to crack
  • At the same time, it brings performance improvement

4.4 Insufficient

  • Compatibility is a little bit poor , For different versions of the operating system , You may need to recompile
  • While supporting most Python Code , But if you find that some code doesn't support , The cost of improvement is high

The above is all the content shared this time , Want to know more python Welcome to official account :Python Programming learning circle , send out “J” Free access to , Daily dry goods sharing


  1. 上一篇文章:
  2. 下一篇文章:
Copyright © 程式師世界 All Rights Reserved