** Python代码应该是公开的**, 但是由于各种原因(主要是公司利益考虑)需要对代码进行混淆, 以防止他人获取源代码, 窃取成果.
参考资料:
[1]. Protecting a Python codebase - part1
[2]. Protecting a Python codebase - part2
[3]. Protecting a Python codebase - part3
[4]. Building an obfuscated Python interpreter: we need more opcodes
To protect a python codebase, just need to:
- customize python interpreter
- compile the sourcecode
- distribute the bytecode
To customize python interpreter, just need to:
git clone git@github.com:citrusbyte/python-obfuscation.git
python python-obfuscation/custom_interpreter/opcodes/scramble-opcodes.py --python-source PYTHON_SRC_DIR
cd PYTHON_SRC_DIR
./configure --enable-shared --prefix=/opt/python LDFLAGS=-Wl,-rpath=/opt/python/lib
make && make install
To create more opcode, just need to(copy from [4]):
- add line in
Include/opcode.h
, such as#define LOAD_FAST_ZERO_LOAD_CONST 148
- update the big switch in
Python/ceval.c
case LOAD_FAST_ZERO_LOAD_CONST:
x = GETLOCAL(0);
if (x != NULL) {
Py_INCREF(x);
PUSH(x);
x = GETITEM(consts, oparg);
Py_INCREF(x);
PUSH(x);
goto fast_next_opcode;
}
format_exc_check_arg(PyExc_UnboundLocalError,
UNBOUNDLOCAL_ERROR_MSG,
PyTuple_GetItem(co->co_varnames, oparg));
break;