Encrypt/unencrypt Python Scripts In C
Solution 1:
Here's what I would do:
1) Create a C script which produces a key and stores it to a text file
2) Pick up the key and immediately delete the text file upon running Python
3) Use the key to decrypt the really important parts of your Python code (make sure that not having these bits will break your script) then import it all
4) Immediately re-encrypt the important Python bits, and delete the .pyc file
This will be beatable, but you're ok with that.
To encrypt and re-encrypt your python bits, try this code:
from hashlib import md5
from Crypto.Cipher import AES
from Crypto import Random
defencrypt(in_file, out_file, password, key_length=32):
bs = AES.block_size
salt = Random.new().read(bs - len('Salted__'))
key, iv = derive_key_and_iv(password, salt, key_length, bs)
cipher = AES.new(key, AES.MODE_CBC, iv)
out_file.write('Salted__' + salt)
finished = Falsewhilenot finished:
chunk = in_file.read(1024 * bs)
iflen(chunk) == 0orlen(chunk) % bs != 0:
padding_length = (bs - len(chunk) % bs) or bs
chunk += padding_length * chr(padding_length)
finished = True
out_file.write(cipher.encrypt(chunk))
defdecrypt(in_file, out_file, password, key_length=32):
bs = AES.block_size
salt = in_file.read(bs)[len('Salted__'):]
key, iv = derive_key_and_iv(password, salt, key_length, bs)
cipher = AES.new(key, AES.MODE_CBC, iv)
next_chunk = ''
finished = Falsewhilenot finished:
chunk, next_chunk = next_chunk, cipher.decrypt(in_file.read(1024 * bs))
iflen(next_chunk) == 0:
padding_length = ord(chunk[-1])
chunk = chunk[:-padding_length]
finished = True
out_file.write(chunk)
So to summarize, here's some pseudo-code:
defmain():
os.system("C_Executable.exe")
withopen("key.txt",'r') as f:
key = f.read()
os.remove("key.txt")
#Calls to decrpyt files which look like this:withopen("Encrypted file name"), 'rb') as in_file, open("unecrypted file name"), 'wb') as out_file:
decrypt(in_file, out_file, key)
os.remove("encrypted file name")
import fileA, fileB, fileC, etc
global fileA, fileB, fileC, etc
#Calls to re-encrypt files and remove unencrypted versions along with .pyc files using a similar scheme to decryption calls#Whatever else you wantBut just to stress and important point,
Python is not made for this! It is meant to be open and free!
If you find yourself at this juncture with no other alternative, you probably should just use a different language
Solution 2:
The a look at Nuitka project. It's a python compiler that compiles your python scripts to native executable code that uses libpython to run.
Solution 3:
You didn't explain WHY you felt the need to encrypt/decrypt. The answer to which could materially alter any suggestions offered.
For example, let's assume you're trying to protect intellectual property, but like the convenience of coding in python. If this is you motivation, consider cython -- http://cython.org.
But let's say you were more concerned about security (ie: to prevent someone from altering your code without a user's permission). In that case, you could consider some sort of Embedded loader that checksums your python source BEFORE invoking an embedded python interpreter.
I'm sure there are 1/2 dozen other reasons you might want to encrypt.
Post a Comment for "Encrypt/unencrypt Python Scripts In C"