一种利用编译型语言保护Python源码方法
在使用Python 开发一段时间发现Python有不少优势,可是Python是解释型语言,Python项目的部署时源码是裸露的,针对这个问题如今也有几种解决方案。在使用以上几种解决方案保护Python源码时不太方便和安全。因此提出一种利用编译型语言保护Python源码方法。python
思考过程:git
- 计划使用纯Python代码利密码学保护源码,随着代码的编写发现不管如何利用对称加密、非对称加密和Hash算法都须要一个入口代码,别人能够利用入口代码一步步的进行破解。(论证没法解决问题)
- 由于以前写过C/C++,考虑编译型语言为何不须要保护源码,编译型语言的可执行文件是二进制文件,很难进行反编译。随着这个思路能不能利用编译型语言的保密性对Python源码进行保护。
- 因为Python代码在运行时会被加载到内存,当程序运行成功是磁盘上的Python源码能够不存在。
- 利用Go将Python源码加密,使用时执行Go的二进制执行文件进行解密,Python代码启动成功后删除解密后的Python源码,只保留加密后的Python源码。
源码在Github上:(https://github.com/wugsh/simple_tools/blob/main/Python_code_protection.go)。
package main /* * Using Go binary file and encryption method to prevent Python code leakage. * Encrypting Python files --> Decrypting Python files --> Runing Python files --> Delete Decrypted Python files * Only Go binary and Encrypted Python files are left at run time and stop time. */ import ( "fmt" "io/ioutil" "os" "os/exec" "crypto/cipher" "crypto/des" "crypto/sha256" "encoding/base64" "syscall" "time" ) //File encryption func EncryptFile(fileName string, writfileName string, key []byte) (int, error) { file, err:=os.Open(fileName) writfile, err1:=os.Create(writfileName) if err!=nil { fmt.Println("File not found") os.Exit(0) } if err1!=nil { fmt.Println("File not found") os.Exit(0) } defer file.Close() defer writfile.Close() //Read file contents plain,_:=ioutil.ReadAll(file) //Create block block,_:=des.NewTripleDESCipher(key) EncryptMode:=cipher.NewCBCEncrypter(block,key[:8]) //Plaintext complement plain=PKCS5append(plain) EncryptMode.CryptBlocks(plain,plain) err2:= ioutil.WriteFile(writfileName, []byte(base64.StdEncoding.EncodeToString(plain)), 0777) if err2!=nil{ fmt.Println("Failed to save encrypted file") return -1, nil }else{ fmt.Println("The file is encrypted. Remember to encrypt the key") return 0, nil } } //Decrypt files func DecryptFile(fileName string, writfileName string, key []byte) (int, error) { file,err:=os.Open(fileName) writfile, err1:=os.Create(writfileName) if err!=nil { fmt.Println("File not found") os.Exit(0) } if err1!=nil { os.Exit(0) } defer file.Close() defer writfile.Close() //Read file contents plain,_:=ioutil.ReadAll(file) //Create block block,_:=des.NewTripleDESCipher(key) DecryptMode:=cipher.NewCBCDecrypter(block,key[:8]) plain,_=base64.StdEncoding.DecodeString(string(plain)) DecryptMode.CryptBlocks(plain,plain) plain=PKCS5remove(plain) err2 := ioutil.WriteFile(writfileName,plain,0777) if err2!=nil{ fmt.Println("Failed to save decrypted file") return -1, err2 }else{ fmt.Println("File decrypted") return 0, nil } } func PKCS5append(plaintext []byte) []byte { num := 8 - len(plaintext)%8 for i:=0;i<num;i++{ plaintext=append(plaintext,byte(num)) } return plaintext } func PKCS5remove(plaintext []byte) []byte { length := len(plaintext) num := int(plaintext[length-1]) return plaintext[:(length - num)] } func main() { fmt.Println(syscall.Getpid()) var PassKey string = "***********************" //Generate key PassKeyByte :=sha256.Sum224([]byte(PassKey)) key :=PassKeyByte[:24] num1, _:= EncryptFile("PrimaryFile.py", "EncryptFile.py", key) num2, _ := DecryptFile("EncryptFile.py", "DecryptFile.py", key) //Using a goroutine for task processing go RunPython() //Wait for the task to finish processing time.Sleep(time.Second * 5) fmt.Println(num1, num2) } //Execute Python program func RunPython() { cmd := exec.Command("python3", "DecryptFile.py") lines,_ := cmd.Output() err2 := cmd.Start() if err2!=nil{ fmt.Println(err2) os.Exit(1) } else { fmt.Println(string(lines)) } err3 := cmd.Wait() if err3 !=nil { fmt.Println(err3) } else { fmt.Println("succeeded") } err := os.Remove("DecryptFile.py") if err != nil { fmt.Println("Deletion failed") } else { fmt.Println("Deletion succeeded") } }