Encrypted perl code 1

[WebSpiderr]

Hi!

I'm looking for a way to protect my perl scripts with a password, before executing, and since I know those perlscripts can be read, I'd like to do this twostep:

1) Have a small perlscript which just prompts for the password and then
2) Using this password, decode a variable, and run the code that comes from it.

For instance, I have this small program here:

print "hello, world!\n";

Which encoded would be (instance):

jdkjahsduuiiqqerkhfSDFSDAFjfioasiausdf

so, my program would have
$actual_code="jdkjahsduuiiqqerkhfSDFSDAFjfioasiausdf";

.. some code to ask for the password ..

.. some code to decrypt the $actual_code and run it ..

.. end of program, and the code stored in $actual_code is run ..

Can anyone give me a hint or example on how to do this ?

 

[greadey]

Why don't you byte compile your perl scripts?

 

[zephan]

Well, I know to byte compile a perl code you may need a specific package and a lot of dependent others. Can you give some step by step procedure to install and to byte compile a perl script ?

 

[svar]

I guess what you are looking for is another perl script
for instance:

Usage: &endecrypt::decrypt($passwd,$file) to decrypt $file
with password $passwd
&endecrypt::encrypt($passwd,$file) to encrypt

#####################
Securitywise these scripts are not secure, as passwords
and encryption hashes are in the open, but I think you are looking for a quick and dirt solution. You can use more sophisticated features
#### here is a code outline

package endecrypt;

use strict;

sub decrypt{
my $passwd=shift;#password
my $file=shift; #the file to decrypt
my %hash=('a'=>"'",'A'=>'l',.... (here you give a unique hash representing the translation, make sure to include newline etc) );#make sure it is 1-1
my $trupass='truepassword';
die "invalid password\n" unless $passwd eq $trupass;
my %rhash=reverse %hash;
open(IN,"$file&quot or die "cannot open $file\n";
open(OUT,">parsed$file&quot or die "cannot open parsed$file\n";
my $str='';
while(<IN>){
my @tmp=split//;
foreach my $i(@tmp){$str .=$rhash{$i};}
}
print OUT &quot;$str&quot;;
close(OUT); close(IN);
#I write this to anew file and then run the new file. You can also run it on the fly, for instance with eval
system(&quot;perl parsed$file&quot; #I assume $file has a .pl #extension
unlink (&quot;parsed$file&quot;#get rid of parsed file

}#end of S/R decrypt

sub encrypt{my $passwd=shift; my $file=shift;
my %hash=('a'=>&quot;'&quot;,'A'=>'l',.... (here you give a unique hash representing the translation, make sure to include newline etc) );#Must be the SAME hash as above
my $trupass='truepassword';
die &quot;invalid password\n&quot; unless $passwd eq $trupass;
open(IN,&quot;$file&quot or die &quot;cannot open $file\n&quot;;
open(OUT,&quot;>encrypted$file&quot or die &quot;cannot open encryptedfile\n&quot;;
my $str='';
while(<IN>){
my @tmp=split//;
foreach my $i(@tmp){$str .=$hash{$i};}
}
print OUT &quot;$str&quot;;
close(OUT);
close(IN);

}

1;#end of package

 

[frankus]

I often see this comment on several forums.

If you need to encrypt the code itself, perhaps you'd better look at abstracting the data that is sensitive and store that in an encrypted format.

Encrypting your Perl Script is contrary to common sense and the Perl Open Source Ethos. By compiling the code, you merely reduce the people who can read it.

By encrypting the code, you'll render revision control useless and ensure that your code is rewritten from scratch the next time the owner of the software needs to alter it. --
Frankus

 

[MikeLacey]

WebSpiderr,

Have a look at the perl2exe utility. Mike
________________________________________________________________

&quot;Experience is the comb that Nature gives us, after we are bald.&quot;

Is that a haiku?
I never could get the hang
of writing those things.