Script Encryption¶

In this chapter, you will learn how to encrypt the FIRERPA modules or scripts you have developed. This chapter does not cover script encryption on the PC side, but rather scripts or modules that run in FIRERPA's built-in Python environment. For example, modules in /data/usr/module/task and /data/usr/module/extension, or scripts executed using the built-in Python command. We provide relevant tools to help you do this quickly. Through this chapter, you will learn how to protect the scripts you have developed.

Script encryption is performed by converting Python code to C using Cython and then compiling it into a .so file. This process will not significantly impact your performance. However, we recommend that you only encrypt your core logic, not all script files. Additionally, do not use this method to encrypt third-party library files, as this is futile. You should always follow the principle of "only encrypt your own logic."

Building the Tool Image¶

We heavily rely on Docker, so please ensure Docker is ready before you proceed. Now, please clone https://github.com/firerpa/compiler and build the image according to the documentation or by using the following command.

docker build -t compiler .

Encrypting Script Code¶

Use the following command to map the source code into the image and compile it. Supported architectures include arm, arm64, x86, and x86_64, corresponding to different architectures of the FIRERPA server. Different architectures are not compatible with each other.

docker run -it --rm -v /source/dir:/data compiler:latest compile.sh --arch arm64 /data/my_important_script.py

Normally, after running the command, you will get a my_important_script.cpython-39.so file in the same directory as your script. Do not rename this file. If you need to use a different name, you should rename the original script file directly. Now, in your published script package, you can delete the corresponding .py source file and include the .so file instead.