卡密 license-system client SDK + server-bound Python source protection (encrypt / obfuscate / Cython / one-command packaging)
Project description
kami-armor
卡密(license)系统的 Python 客户端 SDK + 服务端绑定密钥的源码保护工具链。
- 🔑 客户端 SDK(
kami_client):在线激活 / 校验 / 心跳 / 解绑、价值闸门调用、按授权解锁加密资源、完整性自测量——只内嵌公钥,离线验签,永远拿不到可伪造卡密的私钥。 - 🛡 源码保护(
kami_armor):把 Python 模块加密成密文随程序分发,发布物里没有密钥,运行时经服务器按授权下发密钥、内存解密导入。比 PyArmor 强在一个结构性维度——密钥托管(PyArmor 的密钥静态内嵌、可离线脱壳;这里密钥根本不在文件里,可吊销/溯源)。 - 🧩 混淆 + 原生编译 + 一键打包:自建免费的改名/字符串加密(symtable 保证不改坏代码)、Cython 原生编译皇冠模块、
kami-armor harden一条命令 混淆→Cython→加密→PyInstaller/Nuitka 出 exe。
⚠️ 这是客户端库,需要配合一个 kami 授权服务器(你自建/自部署的单文件 Go 服务)才能工作。SDK 只负责和你的服务器对话。
安装
pip install kami-armor
# 需要"一键打包/Cython"功能时(构建期工具):
pip install "kami-armor[harden]"
客户端 SDK 快速上手
from kami_client import KamiClient, LicenseError
client = KamiClient("https://license.example.com", "你的产品代号", "<服务器公钥HEX>")
try:
lic = client.validate() # 先用缓存/在线校验
except LicenseError:
lic = client.activate(user_code) # 首次激活(卡密)
if lic.has_feature("premium"):
out, quota = client.gated("premium", {"k": "v"}, cost=1) # 价值在服务端执行
key = client.unlock("model") # 按授权拿密钥
data = client.decrypt_resource(sealed_bytes, key) # 仅内存解密
client.attest("build-1") # 可选:完整性证明
# 可选:后台心跳(实时在线 + 即时感知吊销/踢下线)
stop = client.start_heartbeat # 见文档
源码保护(kami_armor)
import kami_armor
# 构建期:加密模块 + 注册密钥(密钥不进发布物)
kami_armor.build([{"src": "core/algo.py", "module": "core.algo",
"resource": "algo_v1", "feature": "premium", "keep": ["compute"]}],
admin_url="https://license.example.com", token="<后台JWT>")
# 运行期:装上加密导入
from kami_client import KamiClient
import kami_armor
client = KamiClient(url, product, pubkey); client.validate()
kami_armor.install(client, "dist_protected/manifest.json")
import core.algo # ← 经服务器按授权解密后才能导入
命令行:
# 只做混淆(改名+字符串加密,供 Cython/Nuitka 用)
python -m kami_armor obfuscate core/algo.py -o core/algo_obf.py --keep run
# 一键:混淆→Cython→加密→打包出 exe
python -m kami_armor harden --config kami-harden.toml
诚实定位
客户端的混淆/加密只能抬高破解成本,不是绝对保密——解密后的代码运行时仍可能被持有效授权的攻击者内存 dump(CPython 的硬限制,所有方案都一样)。真正耐久的保护是:把价值与密钥留在服务端(价值闸门 + 按授权发密钥),并用比 crack 传播更快的吊销与更新让破解迅速过期。本库正是围绕这一原则设计。
License
MIT © yuge666
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file kami_armor-0.1.0.tar.gz.
File metadata
- Download URL: kami_armor-0.1.0.tar.gz
- Upload date:
- Size: 21.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8e4e38264ad78ebc98eebffaed70bbc5585a8e7d2f978574ba65c3cd9846fed4
|
|
| MD5 |
2e5aafdd0d11c39ca4a6c9c9712787bb
|
|
| BLAKE2b-256 |
a36f1d46ffc526a11e07978ea5680a97d61998721b2fd61e07442844b5a56350
|
File details
Details for the file kami_armor-0.1.0-py3-none-any.whl.
File metadata
- Download URL: kami_armor-0.1.0-py3-none-any.whl
- Upload date:
- Size: 24.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
74b119af1c9823890c8cd4fc100c0b67e4e8876a92210957b1944e817a6daaf0
|
|
| MD5 |
ef96fd0af654725b8db2f3ab13d061c1
|
|
| BLAKE2b-256 |
74216e57024a62dd54a6cbcd454d0e19ce493a30e659fec0186fb05af5fcc52f
|
