Advanced encryption protecting your python codebase.
SOURCEdefender can protect your plaintext Python source code with AES 256-bit Encryption. There is no impact on the performance of your running application as the decryption process takes place during the import of your module or when loading your script on the command-line. Encrypted code won't run any slower when it is loaded from a .pye file compared to loading from a .py or .pyc file.
As we hook directly into the import process there are no cross platform or Python version compatibility issues. Encrypted code will run on the ANY target environment we support. Obviously your code needs to be written with the target platform in mind, we can't automagically make sys.getwindowsversion() work on Linux.
- Code encrypted with AES 256-bit encryption.
- Encrypted code will run on ANY supported environment.
- Enforced expire time on encrypted code (optional).
|Architecture||Operating System||Python 3.5||Python 3.6||Python 3.7||Python 3.8-dev||Python 3.9-dev|
No licence is required to distribute and run encrypted code. All you need to remember is to inlcude sourcedefender as a dependency while packaging your project and import the sourcedefender module before you attempt to use/import encrypted code.
To encrypt files you need a licence. To test the software you can create a trial licence that will last for 30 days. To create a trial licence you'll need to run the following command:
$ sourcedefender activate SOURCEdefender v5.0.2 Generating Trial Licence. Licence: Type : Trial File : /home/ubuntu/.sourcedefender Status : [ Timestamp 1 Month from now ] $
Note: This will create a .sourcedefender licence file in the current directory.
Any code encrypted with this licence will automatically have a 30 day expire period enforced by default, you can enforce a shorter expire time window with the --ttl option as we will do in the example below. The Registered version has no enforced expire period defined, but you can set one manually if you need to.
To remove the 30 day expire restriction you need to purchase a licence:
|Personal||A Personal License is a discounted option for a private individual who purchases a license for non-commercial use. Examples would be for learning purposes or managing a tryout-lab at home.|
|Commercial||A Commercial License is for organisations and business entities (including educational and non-profit organizations). Contact us for non-profit and educational organisations for a discount.|
Once you have completed your purchase, you will be emailed a Profile ID from PayPal. Activation of your subscription is a one time event and the licence is only valid for the device activating the subscription. To activate your subscription you'll need to run the following command:
$ sourcedefender activate --subscription="I-13K8MFCD23U3" SOURCEdefender v5.0.2 Validating subscription status.... Licence: Type : Subscription ID : I-13K8MFCD23U3 Status : Active File : .sourcedefender $
If you want to view your subscription status at any time you can run this:
$ sourcedefende view SOURCEdefender v5.0.2 Validating subscription status.... Licence: Type : Subscription ID : I-13K8MFCD23U3 Status : Active File : .sourcedefender $
There are four states for a subscription:
|Active||Successful validation of your active subscription.|
|Cancelled||You have cancelled your subscription via PayPal.|
|Uknown||We have been unable to validate the status of your licence.|
|Error||There has been an error with your registration details.|
Network Requirements for subscription activation
To activate your subscription you will need TCP access to port 993. This can be direct access or via a SOCKS4, SOCK5, or HTTP proxxy configured using the HTTP_PROXY/http_proxxy environment variables. The uppercase 'HTTP_PROXY' environment variable will take precedence over the lowercase 'http_proxy' one. As an example for a SOCKS4 proxy you could use the following format for your environment variable:
Here it is assumed that you are running your SOCKS Proxy on port 1080. If you use something like Squid, you can set it up as follows:
Obviously that assumes that Squid is using port 3128.
How do I protect my Python source code?
Let's have a look at an example of the encryption process:
$ cat /home/ubuntu/helloworld.py print("Hello World!")
This is a very basic example and produces the following output:
$ python3 /home/ubuntu/helloworld.py Hello World!
We do not want anyone to get at our source code and we also don't want anyone to run this code after 1 day. When we encrypt the file we can enforce an expire time of 1 day from now with the --ttl option as follows:
$ sourcedefender encrypt --ttl=1d /home/ubuntu/helloworld.py SOURCEdefender v5.0.2 Processing: /home/ubuntu/helloworld.py
Now the file is encrypted, its contents are as follows:
$ cat /home/ubuntu/helloworld.pye -----BEGIN SOURCEDEFENDER FILE----- Version : 5.0.2 PDVEZCZEVENjcUFLSzFCOGI7fjNubG14eGlGaUVANFI/dVU9WkpSeDI9NzA1JUxWJFUyRSpDPUQ5 VWxpVf5xfJFnn0ZMVuXDWSu8xJ+89JTzA4/W+hpgz/t2p90XquT4y+BtXSfDrINLXFe5j6+EYSr0 UVCi9Ad3119XXFgDzdMnjvhWVf8z5iH+BflX3wMDCM4M9qHPmqeB4j1xDDgMPwAW4biytQD8mc75 N7f+l3N4i0ZORa1hA6FhUFNuH2BjauDVKcNVZVlHOWRGOX5vZkt4JEJ7Tm9mc2YyRExRekFWQUhm N3JzKXkkX199Nn0wSVFDOSNYKk42T2BEV2goZEVvVQ== ------END SOURCEDEFENDER FILE------
Once a file has been encrypted, its extension is changed .py to .pye, this is so the module knows its encrypted and can process it accordingly during import.
Can I still run Python from the command-line?
Yes, you can still run scripts from the command-line, but you need to run the sourcedefender library module, and include your encrypted file name as the first argument:
$ python3 -m sourcedefender /home/ubuntu/helloworld.pye Hello World! $
Or access the module via the usual import system:
$ cd /home/ubuntu $ ls helloworld.pye $ python3 >>> >>> import sourcedefender >>> import helloworld Hello World! >>> exit() $
Copyright (c) 2018-2019 SOURCEdefender. All rights reserved.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. REVERSE ENGINEERING IS STRICTLY PROHIBITED.