Jump to content
Developer Wiki and Function Reference Links Read more... ×
matt71

Problems Encrypting a Python Script

Recommended Posts

Hello,

After using VectorScript for a while, I have recently (with much assistance) been playing around with the new Python scripting.

I now have a python script that uses a mixture of python and vs.things and it is great and working perfectly. I now want to Encrypt it for distribution so the code can not be read - but I get errors, or sometimes nothing, every time.

I then decided to reduce my more complex script to this:

def execute():

[TAB, forum formatting is removing it] vs.AlrtDialog("this script is great")

execute()

and saved it as 'alertBox.py'.

Tools> Plug-ins> Run Script...

-->Works fine.

Tools> Plug-ins> Encrypt Script...

Choose 'alertBox.py' and click Open

-->File dialog closes, nothing else happens :-(

Does anyone know what am I doing wrong?

Thank you,

Matt

vw2014sp3, mac os 10.9

Edited by matt71

Share this post


Link to post

Is all of your code in the vso/vsm/vst file? Encrypting a plugin doesn't automatically include your .py files like .px files are. So you will need to make it one file and put all that into your vso/vsm/vst file in order to encrypt all. I know this sucks, but I have never got an answer from anyone on how to encrypt this in a good way. I personally think .py files should behave like.px files while encrypting.

Share this post


Link to post

Hi Dieter,

I have tried including all the code inside a plugin, but unfortunately it is not actually encrypted.

I was testing what I thought was the final shipping 'locked' version, locked using this method:

http://techboard.vectorworks.net/ubbthreads.php?ubb=showflat&Number=169223

which makes you confirm twice that you will never be able to see your code again.

But... Whilst demonstrating it to someone I discovered a bug which caused an error; when I clicked through the errors to the 'Edit Script...' button, my entire code was readable :-(

I am looking for any method, even if it is not very convenient, to distribute a python script that cannot be readable.

Matt

Share this post


Link to post
But... Whilst demonstrating it to someone I discovered a bug which caused an error; when I clicked through the errors to the 'Edit Script...' button, my entire code was readable :-(

Ohw, I didn't know about that. If the code was inside the vsm/vso/vst file and not through an include, then this is a serious bug and it should be reported. You are sure that the code was inside the plug-in file and not through an include function?

Share this post


Link to post

Yes, I think I'm sure. I did this as a test:

Tools> Plug-ins> Plug-in Manager

Custom Plug-ins Tab

New?

Command radio button; name ?great plugin?

Edit Script

Language pulldown: ?Python Script?

In the body, simply type ?an amazing script? (which is guaranteed to produce an error when run).

Ok

CapsLock & Shift & Alt & Command then hit ?Edit Script?'

Confirm all the warnings that you will never have access to your script ever again.

Assign your plugin to a menu item in your workspace

Run the plugin from the menu

?>"A script error has occurred? Popup

View Error Output?

Edit Script?

EXPECTED RESULT: Popup: ?You are not allowed to edit a 3rd party script?.

ACTUAL RESULT: The script that you spent 3 months creating that happens to have a small bug in a specific circumstance is readable by everyone who gets an error :-(

I emailed tech support, and they directed me here because "all scripting inquires need to go through the VectorScript and SDK channels".

I then directly emailed a contact at VW because this sounded like strange behaviour. They suggested to put the code in a py file and just ?import? and call from the script, then the code would not be possible to be shown.

This is where I got confused and posted here for assistance.

Matt

Share this post


Link to post

I then directly emailed a contact at VW because this sounded like strange behaviour. They suggested to put the code in a py file and just ?import? and call from the script, then the code would not be possible to be shown.

lol, as far as I know, those .py files can be read by the user, so your script won't be encrypted. Or am I missing something?

It would be very helpful if someone from NVW could tell us best practices on encrypting and protecting plug-ins.

Edited by Dieter @ DWorks

Share this post


Link to post

Hi all,

now I see this feature was never documented properly by Vectorworks.

The encryption (obfuscation) of Python scripts is similar to the VectorScript process. I'll make sure we make an article on developer.vectorworks.net site about that.

Until then, here is explanation of how python encryption (obfuscation) works.

A user develops his python vso/vst/vsm plug-in. Typically, as the samples demonstrate, the code of the plug-in just includes an external py file. This way it is much easier to develop as it allows external IDE.

At the end of the development, the python script is a collection of py files. The encryption (obfuscation) process (run from the Plugin manager or from EncryptVSPluginFilePath call) will compile and pack up all the external pyo or pyc files (those are compiled py files) into the vso/vst/vsm file. This means that the vso/vst/vsm files can be distributed without providing any of the source files.

More on python files here:

http://stackoverflow.com/questions/8822335/what-does-python-file-extensions-pyc-pyd-pyo-stand-for

And here is the trick. For VectorScript the app follows the {$include} directive when doing this, but for Python, there is no way to follow the includes and figure out what is to be included.

So, Vectorworks would expect an xml file next to your vso/vst/vsm that is being encrypted. This file will define what files must be included.

Note, Vectorworks 2014 has a problem where the main script text inside the vso/vst/vsm will not be modified by the process. This means that even though the plug-in is packed up, the script text is still untouched and can be seen if there is an error reported. The issue will be fixed for VW2015.

Here is an example xml file that defines several files to be packed up when encrypting (obfuscating) the plug-in:

Note, the name of the XML file should be the same as the VSO/VST/VSM file.

Common/__init__.py

Common/Vector.py

Common/Utilities.py

Common/ObjsType.py

MyDialog.py

MainProgram.py

Share this post


Link to post

Hello,

The python interpreter of Vectorworks automatically generates .pyc files in a __pycache__ folder. It does it if the plugin is encrypted (obfuscated) or if it's not.

On the other hand, it seems quite easy to uncompile .pyc files :

http://stackoverflow.com/questions/5287253/is-it-possible-to-decompile-a-compiled-pyc-file-into-a-py-file)

Does that mean that it is not possible to properly protect our source code?

Wouldn't that be easier to simply distribute the .pyc instead of the encrypted vso/vst/vsm file ?

Common .py files would not need to be packed up in each plugin file and the plugins would therefore be lighter...

Share this post


Link to post

Hi all.

I have always used the method mentioned by matt71:

http://techboard.vectorworks.net/ubbthreads.php?ubb=showflat&Number=169223

this has always worked well for VS scripts but since I have started implementing python in some of my VS, I encounter the same problems discussed in this thread.

I have followed Vladislav steps using the xml file, however when I use the command 'Encrypt Script' I get an .xxt file.

Changing the extension in the encryption dialog does not work, and the xxt file is not read as a plug-in by Plug-in Manager.

..How do I get my script to be encrypted as a vsm/vso/vst??

this is pretty crucial problem,

thanks in advance for any help

G

Share this post


Link to post

There is only one proper way to encrypt your plugin, without others to reverse the process: Copy your imports into the plugin inside Vectorworks, then encrypt it, with the xml file present.

That's why I only use one py file for the plugin. All the other things comes from libraries.

Share this post


Link to post

Hi Dieter,

If I understand correctly, I can leave the $INCLUDE .px files in my main VS script and move all my python code in one single .py file (this is then called by PythonExecute by the main VS script).

Then I write the xml to package the vsm file and the py, what about the .px that are called with $include? should they also be added in the xml?

Can I then encrypt the .vsm file using the cmd+opt+shift+CAPS method on from within Plug-in Manager?

Many thanks

G

Share this post


Link to post

Ow, you are mixing vs with python? Never done that. I use pure python. I really can't answer that question.

Why are you mixing the two? Is there any reason behind this? I think it's better to go with one of the two.

Share this post


Link to post

Yes, I am mixing the two languages and it's working very well if don't encrypt anything, but i understand it's not ideal.

My intention is to re-write my entire code in Python in near future, but this will take me a while as the algorithm is quite elaborate (and I am still working on my Python skills)

So, before I jump entirely in Python, I am mixing the two languages for an important step-release of my plug-in that requires Python functions, while I leave most of the code in VS.

Share this post


Link to post

If you are encrypting a plug-in, (vsm/vast/vso) you need to do it in the plug-in manager as you describe. A safer way would be with the batch encryption commands that you can install from the SDK. I believe you can find another thread on the subject.

The success of including Python in your encrypted vs depends a little on the complexity of your script. If you are dependent only on native Python and vs libraries, you should be fine. If you import your own Python classes, you may have issues encrypting the two together in a single package.

Try to avoid using any custom import commands. If you can copy and paste your Python script in a document script and run, you should be fine. VS includes are fairly un-intelligent; they just take the contents of the include file and insert it on compile, like a paste. So if your Python script file works as a standalone script, just change the extension to .px and include it in your execute block, encapsulated in single quotes.

The xml include directives only work if you are encrypting a Python based plug-in. I don't think it will package the Python files if they are within a vs.

-Josh

Share this post


Link to post

Thanks Josh,

I will follow your indication and see if I can solve it like that, if not, I will re-code in Python entirely and avoid the problem all together.

Either way I will post my results here for future reference.

G

Share this post


Link to post
if not, I will re-code in Python entirely and avoid the problem all together.

Always there to help with all your questions regarding python!

Share this post


Link to post
On April 28, 2014 at 11:55 AM, Vladislav Stanev said:

The encryption (obfuscation) process (run from the Plugin manager or from EncryptVSPluginFilePath call)...

 

So, Vectorworks would expect an xml file next to your vso/vst/vsm that is being encrypted. This file will define what files must be included...

 

 

 

I have two questions.  Once I make the xml file where do i save it?  the same plugin folder that the vso file is in?  also  I've never encrypted a plugin using the EncryptVSPluginFilePath is there any documentation which explains this process?  I wonder why there isn't just a button in the Plugin Manager that simply says "ENCRYPT PLUGIN"?

... I had to switch my workspace but found a pulldown for Encrypt Scripts but, it doesn't allow me to select a .vso file.  I'm very confused on how to accomplish this encryption.

Edited by MaxStudio

Share this post


Link to post

Hi, sorry for the late response. I didn't get notification for this for some reason.

 

Anyway, the configuration XML file should be placed next to the vso/vst/vsm file, and it should have the same name. Below, i'll give you a sample xml.

 

The Tools -> Plug-ins-> Encrypt Sript menu you found will only encrypt a single text file. You need to work with the plugins, and thus you need to run the Plugin Manager.

 

You can encrypt a one plugin from the Plugin Manager (as an alternative to EncryptVSPluginFilePath  call) holding Ctrl+Shirt+Alt on win or Ctrl+Option+Cmd+Shift+CapsLock on mac and double click on a plugin. It's rather obscure way, and we have plants to make it more stream lined. Maybe this would be easier for your case. (I though this was documented in F1 help, but i couldn't find it)

 

 

 

A sample XML file:

 

<?xml version="1.0" encoding="UTF-8" standalone="no"?><!-- This file defines how the corresponding script plug-in should be packaged--><Plugin>
    <Package>
        <File>Common/__init__.py</File>
        <File>Common/Includes/__init__.py</File>
        <File>Common/Includes/vsoEventsConstants.py</File>
        <File>Common/Includes/Vector.py</File>
        <File>Common/Includes/Utilities_Setup.py</File>
        <File>Common/Includes/ObjsType.py</File>
        <File>Common/Includes/Utilities_General.py</File>
        <File>Common/Includes/CheckDashedLineStyle.py</File>
        <File>Common/Includes/Roadway_Curved.py</File>
    </Package>
</Plugin>

Share this post


Link to post

Hi there. 

 

Why is it that after I run this, Vectorworks says the plugin is encrypted. But if I open the plugin in a text editor, I can see all the source code. Is that normal?

 

What would the steps be to compile the code into a .vwlibrary? 

 

Thanks,

Joe

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

 

7150 Riverwood Drive, Columbia, Maryland 21046, USA   |   Contact Us:   410-290-5114

 

© 2018 Vectorworks, Inc. All Rights Reserved. Vectorworks, Inc. is part of the Nemetschek Group.

×