An open-source Python library for code encryption, decryption, and safe evaluation using Python's built-in AST module, complete with allowed functions, variables, built-in imports, timeouts, and blocked access to attributes.
OTHER License
An open-source Python library for code encryption, decryption, and safe evaluation using Python's built-in AST module, complete with allowed functions, variables, built-in imports, timeouts, and blocked access to attributes.
CodeSafe is an experimental library, and we're still running some tests on it. If you encounter any issues, or have an edge use case, please let us know.
[!NOTE] CodeSafe is intended to quickly encrypt/decrypt code files, and run them (only for Python script files) while in their encrypted form, but not as a means for powerful encryption, just code obfuscation. We have also included a
safe_eval
function, that can safely evaluate expressions within a safe environment.
You can install CodeSafe using pip:
pip install codesafe
CodeSafe supports the following Python versions:
Please ensure that you have one of these Python versions installed before using CodeSafe. CodeSafe may not work as expected on lower versions of Python than the supported.
eval()
expressions to run, while maintaining complete control over the entire evaluation process.[!NOTE] Running encrypted files at runtime using
run()
are only available in formats that can be understood by Python.
[!IMPORTANT] When running
safe_eval
, make sure to wait for the Python file to finish its bootstrapping phase. This can be done by simple waiting for:if __name__ == '__main__': # Run eval, etc.
If you're planning on including
safe_eval
in executables:import multiprocessing if __name__ == '__main__': multiprocessing.freeze_support() # Call safe_eval afterwards
You can read more about why this needs to be done here: https://pytorch.org/docs/stable/notes/windows.html#multiprocessing-error-without-if-clause-protection
from codesafe import safe_eval
if __name__ == '__main__':
# Run a normal, safe expression
expression = "1 + 1"
disallowed_expression = "os.getcwd()"
result1 = safe_eval(expression, timeout=10, immediate_termination=True)
result2 = safe_eval(disallowed_expression, timeout=10, immediate_termination=True)
[!NOTE] Attribute inspection is disabled when using
safe_eval
. You can read more about how to usesafe_eval
from here.
from codesafe import encrypt_to_file, decrypt_to_file, run
code = """
greetJohnny = "Hello Johnny!"
def greet_someone(greeting):
print(greeting)
greet_someone(greetJohnny)
"""
# Encrypt the code
encrypted_file_path = "encrypted_code.encrypt"
encrypt_to_file(code, encrypted_file_path)
# Run the encrypted code
run(encrypted_file_path) # Hello Johnny!
# Decrypt code to another file
output_file = "decrypted_code.py"
decrypt_to_file(encrypted_file_path, output_file)
Contributions are welcome! If you encounter any issues, have suggestions, or want to contribute to CodeSafe, please open an issue or submit a pull request on GitHub.
CodeSafe is released under the terms of the MIT License (Modified). Please see the LICENSE file for the full text.
Modified License Clause
The modified license clause grants users the permission to make derivative works based on the CodeSafe software. However, it requires any substantial changes to the software to be clearly distinguished from the original work and distributed under a different name.