Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Encrypting an executable with pp

by Anonymous Monk
on Jun 25, 2013 at 18:51 UTC ( #1040645=perlquestion: print w/replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I'm trying to create executables to distribute using pp and creating the executable is no problem, but the program can be changed to a zip archive and the perl script can be extracted. I tried using the -s command and it includes my signature file, but doesn't do anything to encrypt the file against just changing it to a zip. Do I have to do something specific with the -s command or is there another to encrypt an executable with pp?

Replies are listed 'Best First'.
Re: Encrypting an executable with pp
by tobyink (Abbot) on Jun 25, 2013 at 19:18 UTC

    -s signs; it doesn't encrypt. Signing and encryption are different. If I sign a cheque, you can still read it.

    PAR::Packer doesn't offer encryption. There would be practical difficulties with encrypting an executable: Perl would need to decrypt it to run it; this would necessitate packing the decryption key along with the executable, rendering the encryption pretty worthless.

    package Cow { use Moo; has name => (is => 'lazy', default => sub { 'Mooington' }) } say Cow->new->name
      Is there anyway to encrypt it then? Is it possible to have it so that if the executable is turned into a zip then that zip has a password?

        Sure, there are lots of encryption solutions out there, from zip files with passwords over openssl to gnupg. They all have in common that you need to decrypt the files before feeding them perl, so they don't have to do anything with perl at all.

Re: Encrypting an executable with pp
by dasgar (Curate) on Jun 25, 2013 at 19:36 UTC

    To add to tobyink's response, you can check out the FAQs from The 4th question listed there is "Can PAR completely hide my source code?".

Re: Encrypting an executable with pp
by CountZero (Bishop) on Jun 26, 2013 at 06:15 UTC
    And the real question is: "why do you want to encrypt your code"? Are you ashamed someone reads it and see how bad it is?


    A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

    My blog: Imperial Deltronics
Re: Encrypting an executable with pp
by radiantmatrix (Parson) on Jun 30, 2013 at 20:09 UTC

    I'd really like to understand what you're trying to accomplish with encrypting your code. The overwhelming majority of the time, it seems that people wishing to do so either fundamentally misunderstand program execution or fundamentally misunderstand encryption.

    If you're attempting to hide your source code from people who run the program, you're wasting your time. To allow them to run the program, you have to make the executable available at some point. Once you do that, it can be decompiled trivially -- especially with interpreted languages like Perl.

    If you're attempting to prevent unauthorized execution, you have the same problem. Your authorized users will at some point have access to the "raw" executable, and so it only takes one of them to "leak" an unprotected version. DRM (and anti-piracy measures in general) will always fail for this reason.

    In short, you almost certainly don't want to encrypt your package, because you'll create complexity for yourself and your legitimate users while completely failing to cause any trouble for your "undesirable" actors.

    Ramblings and references
    “A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.” Herm Albright
    I haven't found a problem yet that can't be solved by a well-placed trebuchet

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1040645]
Approved by tobyink
and one hand claps...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (3)
As of 2017-04-24 01:38 GMT
Find Nodes?
    Voting Booth?
    I'm a fool:

    Results (433 votes). Check out past polls.