Advanced encryption protecting your python codebase.
SOURCEdefender can protect your plaintext Python source code with AES 256-bit Encryption. There is no impact on the performance of your running application as the decryption process takes place during the import of your module or when loading your script on the command-line. Encrypted code won't run any slower once loaded from a .pye file compared to loading from a .py or .pyc file.
As we hook directly into the import process there are no cross platform or Python version compatibility issues. Encrypted code will run on the ANY target environment we support. Obviously your code needs to be written with the target platform in mind, we can't automagically make sys.getwindowsversion() work on Linux.
- Code encrypted with AES 256-bit encryption.
- Encrypted code will run on ANY supported environment.
- Enforced expire time on encrypted code (optional).
|Architecture||Operating System||Python 3.6||Python 3.7||Python 3.8||Python 3.9|
How do I protect my Python source code?
Let's have a look at an example of the encryption process:
$ cat /home/ubuntu/helloworld.py print("Hello World!")
This is a very basic example and produces the following output:
$ python3 /home/ubuntu/helloworld.py Hello World!
We do not want anyone to get at our source code and we also don't want anyone to run this code after 1 day. When we encrypt the file we can enforce an expire time of 1 day from now with the --ttl option as follows:
$ sourcedefender encrypt --ttl=1d /home/ubuntu/helloworld.py SOURCEdefender v5.0.21 Processing: /home/ubuntu/helloworld.py
Now the file is encrypted, its contents are as follows:
$ cat /home/ubuntu/helloworld.pye -----BEGIN SOURCEDEFENDER FILE ----- Version : 5.0.21 MjB5YllqRTXjP6uuDWAWQDOwsbd+E45xKJWvoIS3MBIQxc3JfE6oQUt2PGxJQyhDCO9gOknv6ZxX Q+I3EnKM16W7zgYmjuWtzBAJ2n7GISKhxaCFW0qyfP2WSiFXc2xiN2N6a9NX8kOjZltDxlPktIV5 HA00ODFKRDJPWA== ------END SOURCEDEFENDER FILE ------
Once a file has been encrypted, its extension is changed .py to .pye, this is so the module knows its encrypted and can process it accordingly during import. All you need to remember is to inlcude sourcedefender as a dependency while packaging your project and import the sourcedefender module before you attempt to use your encrypted code.
Can I still run Python from the command-line?
Yes, you can still run scripts from the command-line, but you need to run the sourcedefender library module, and include your encrypted file name as the first argument:
$ python3 -m sourcedefender /home/ubuntu/helloworld.pye Hello World! $
Or access the module via the usual import system:
$ cd /home/ubuntu $ ls helloworld.pye $ python3 >>> >>> import sourcedefender >>> import helloworld Hello World! >>> exit() $
Integrating encrypted code with PyInstaller
PyInstaller scans your code for import statements so it knows what packages to freeze. This scanning is not possible inside encrypted code so you need to tell PyInstaller to include your encrypted files. For this example, we have the following project structure:
pyexe.py lib ├── fibonacci.pye └── fib.pye
In our executable script "pyexe.py" we have the following code:
$ cat pyexe.py import sourcedefender import fib
To ensure that PyInstaller includes our encrypted files, we need to tell it where they are with the --add-binary option. So, for the above project, we could use this command:
$ pyinstaller --onefile --add-binary lib:. pyexe.py
If you have imports that are not in your lib folder or you are using modules installed via pip and then imported inside your encrypted codebase then the pyinstaller won't be able to detect these. To get round this, you can use the '--hidden-import' option to include them in your final build.
- Added a Changelog to this document :-)
- Moved away from serialized data with pickle and now use msgpack as it's much more reliable.
- Removed the '--keep' option when encrypting, this makes keeping original source files the default.
- Added a '--remove' option to delete the .py file after encrypting it.
- Replaced docopt dependency with docopt-ng.
- Stopped using atomicwrite to save files as macOS doesn't like it.
Copyright (c) 2018-2020 SOURCEdefender. All rights reserved.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. REVERSE ENGINEERING IS STRICTLY PROHIBITED.
Release history Release notifications | RSS feed
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size sourcedefender-5.0.21.tar.gz (3.1 MB)||File type Source||Python version None||Upload date||Hashes View|