Skip to main content

Advanced encryption protecting your python codebase.

Project description

SOURCEdefender - advanced encryption protecting your Python codebase


python downloads downloads license

SOURCEdefender can protect your plaintext Python source code with AES 256-bit Encryption. There is no impact on the performance of your running application as the decryption process takes place during the import of your module or when loading your script on the command-line. Encrypted code won't run any slower when it is loaded from a .pye file compared to loading from a .py or .pyc file.

As we hook directly into the import process there are no cross platform or Python version compatibility issues. Encrypted code will run on the ANY target environment we support. Obviously your code needs to be written with the target platform in mind, we can't automagically make sys.getwindowsversion() work on Linux.

Features

  • Code encrypted with AES 256-bit encryption.
  • Encrypted code will run on ANY supported environment.
  • Enforced expire time on encrypted code (optional).

Supported Environments

Architecture Operating System Python 3.5 Python 3.6 Python 3.7 Python 3.8-dev Python 3.9-dev
x86_64 Windows 10 Y Y Y N N
x86_64 Linux Y Y Y Y Y
x86_64 macOS Y Y Y N N
ARMv7 Linux Y Y Y Y Y

Licence

Runtime

No licence is required to distribute and run encrypted code. All you need to remember is to inlcude sourcedefender as a dependency while packaging your project and import the sourcedefender module before you attempt to use/import encrypted code.

Encryption

To encrypt files you need a licence. To test the software you can create a trial licence that will last for 30 days. To create a trial licence you'll need to run the following command:

$ sourcedefender activate
SOURCEdefender v5.0.3

Generating Trial Licence.

Licence:

Type    : Trial
File    : /home/ubuntu/.sourcedefender
Status  : [ Timestamp 1 Month from now ]
$

Note: This will create a .sourcedefender licence file in the current directory.

Any code encrypted with this licence will automatically have a 30 day expire period enforced by default, you can enforce a shorter expire time window with the --ttl option as we will do in the example below. The Registered version has no enforced expire period defined, but you can set one manually if you need to.

Registration

To remove the 30 day expire restriction you need to purchase a licence:

Licence Usage
Personal A Personal License is a discounted option for a private individual who purchases a license for non-commercial use. Examples would be for learning purposes or managing a tryout-lab at home.
Commercial A Commercial License is for organisations and business entities (including educational and non-profit organizations). Contact us for non-profit and educational organisations for a discount.

Activation

Once you have completed your purchase, you will be emailed a Profile ID from PayPal. Activation of your subscription is a one time event and the licence is only valid for the device activating the subscription. To activate your subscription you'll need to run the following command:

$ sourcedefender activate --subscription="I-13K8MFCD23U3"
SOURCEdefender v5.0.3

Validating subscription status....

Licence:

Type   : Subscription
ID     : I-13K8MFCD23U3
Status : Active
File   : .sourcedefender
$

If you want to view your subscription status at any time you can run this:

$ sourcedefende view
SOURCEdefender v5.0.3

Validating subscription status....

Licence:

Type   : Subscription
ID     : I-13K8MFCD23U3
Status : Active
File   : .sourcedefender
$

There are four states for a subscription:

Status Comment
Active Successful validation of your active subscription.
Cancelled You have cancelled your subscription via PayPal.
Uknown We have been unable to validate the status of your licence.
Error There has been an error with your registration details.

Network Requirements for subscription activation

To activate your subscription you will need TCP access to port 993. This can be direct access or via a SOCKS4, SOCK5, or HTTP proxxy configured using the HTTP_PROXY/http_proxxy environment variables. The uppercase 'HTTP_PROXY' environment variable will take precedence over the lowercase 'http_proxy' one. As an example for a SOCKS4 proxy you could use the following format for your environment variable:

$ ALL_PROXY="socks4://username:password@hostname"

OR

$ HTTP_PROXY="socks4://username:password@hostname"

Here it is assumed that you are running your SOCKS Proxy on port 1080. If you use something like Squid, you can set it up as follows:

$ HTTP_PROXY="http://username:password@hostname:3128"

Obviously that assumes that Squid is using port 3128.

Usage

How do I protect my Python source code?

Let's have a look at an example of the encryption process:

$ cat /home/ubuntu/helloworld.py
print("Hello World!")

This is a very basic example and produces the following output:

$ python3 /home/ubuntu/helloworld.py
Hello World!

We do not want anyone to get at our source code and we also don't want anyone to run this code after 1 day. When we encrypt the file we can enforce an expire time of 1 day from now with the --ttl option as follows:

$ sourcedefender encrypt --ttl=1d /home/ubuntu/helloworld.py
SOURCEdefender v5.0.3

Processing:

/home/ubuntu/helloworld.py

Now the file is encrypted, its contents are as follows:

$ cat /home/ubuntu/helloworld.pye
-----BEGIN SOURCEDEFENDER FILE-----
Version : 5.0.3

PDVEZCZEVENjcUFLSzFCOGI7fjNubG14eGlGaUVANFI/dVU9WkpSeDI9NzA1JUxWJFUyRSpDPUQ5
VWxpVf5xfJFnn0ZMVuXDWSu8xJ+89JTzA4/W+hpgz/t2p90XquT4y+BtXSfDrINLXFe5j6+EYSr0
UVCi9Ad3119XXFgDzdMnjvhWVf8z5iH+BflX3wMDCM4M9qHPmqeB4j1xDDgMPwAW4biytQD8mc75
N7f+l3N4i0ZORa1hA6FhUFNuH2BjauDVKcNVZVlHOWRGOX5vZkt4JEJ7Tm9mc2YyRExRekFWQUhm
N3JzKXkkX199Nn0wSVFDOSNYKk42T2BEV2goZEVvVQ==

------END SOURCEDEFENDER FILE------

Once a file has been encrypted, its extension is changed .py to .pye, this is so the module knows its encrypted and can process it accordingly during import.

Can I still run Python from the command-line?

Yes, you can still run scripts from the command-line, but you need to run the sourcedefender library module, and include your encrypted file name as the first argument:

$ python3 -m sourcedefender /home/ubuntu/helloworld.pye
Hello World!
$

Or access the module via the usual import system:

$ cd /home/ubuntu
$ ls
helloworld.pye
$ python3
>>>
>>> import sourcedefender
>>> import helloworld
Hello World!
>>> exit()
$

Feedback

If you wish to get in touch, please email us at hello@sourcedefender.co.uk, or via Facebook.

Legal

Copyright (c) 2018-2019 SOURCEdefender. All rights reserved.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. REVERSE ENGINEERING IS STRICTLY PROHIBITED.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for sourcedefender, version 5.0.3
Filename, size & hash File type Python version Upload date
sourcedefender-5.0.3.tar.gz (5.0 MB) View hashes Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page