How can I encrypt or remove readability of source code before publishing it?
-
06-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am working on a collaborative project, for which I have to submit source code, which will be used/embedded in the main repository for re-compilation. Is there any way, I can encrypt the source code or may apply some other technique so that I can remove the readability of my code completely, but it still compiles well after applying decryption or anti-pattern.
Nature of my Project is an enterprise level distributed application, having different clients being written for cloud,desktop,web,mobile etc.
So, is there any general purpose technique/design pattern or some concept, by applying which I can publish my source and still not exposing it.
Solution
This is called obfuscation.
What it does is that it performs a series of operations which don't affect the execution of the source code, but make it more difficult to read of a human.
For example, here are some commonly used obfuscation techniques:
Remove whitespace.
Remove comments.
Replace meaningful names of variables and members by names such as
a,b,c.
With only those three basic techniques, this code:
public string GenerateFileName()
{
var basePath = this.FindBasePath();
do
{
var counter = this.CounterExists ? this.GetCounter() : 0;
var name = this.GenerateName(counter);
// If the file limit was exceeded, it indicates that something went wrong.
// Possible causes include two services running side by side on the same machine
// or two machines running the service using a share. Remember that the service
// should be bound to a directory which is not used by any other application.
if (counter > MaximumAllowedFiles)
{
throw new StorageThresholdException();
}
}
while (File.Exists(Path.Combine(basePath, name)));
}
becomes:
public string c(){var a=this.h();do{var b=this.k?this.b():0;var c=this.d(b);if(b>i){throw
new af();}}while(File.Exists(Path.Combine(a,c)));}
Less frequently used obfuscation techniques include but not limited to:
Encryption of strings,
Inlining (i.e. moving the body of a method in the method which was calling the first one),
Encryption of source code (the effectiveness of this technique is highly disputed, since if the machine running the application can decrypt the source code in order to run it, the user of this machine can do it as well).
Of course, you shouldn't do the obfuscation yourself, but rather search for a tool which makes this for the language of your choice.
Note that some tools don't have obfuscation as their primary goal, but still can be used for that. Google Closure Compiler, for example, is intended to (1) perform static checking of the code and to (2) reduce the size of JavaScript files, but has a side effect of making source code quite unreadable.
