Can you protect a LISP routine so no-one can see or modify it?

[pixel8er]

Hi all

Is it possible to lock a LISP routine so no-one can see or modify the contents? Is that standard practise?

Thanks

Paul

[Lee Mac]

Perhaps convert it to a VLX application (an encrypted LISP file). The Visual LISP IDE offers this functionality, type VLIDE at the command-line, then go to:

 

File > Make Application > New Application Wizard

[irneb]

Or just use FAS (e.g. using the vlisp-compile function). The VLX is nice for including things like DCL files as well though.

 

Although I've seen somewhere that someone can actually hack into such files though. There also used to be things like Kelvinator and Protect which simply encrypts the LSP file, there there was also a DeKelvinator and Decrypt. All you can "really" do is to stop the usual guys from just opening your code. Much like a lock on a door, it only makes it more difficult for someone to enter - not impossible.

[BlackBox]

I use .FAS for most of my code delivery, producing a separate .FAS for user settings, production tools , and developer tools.

 

I find it really convenient to do with my separate VLIDE projects... Not that it's difficult to make .VLX, but it would have been an intuitive feature if Autodesk were to include the option to compile to .VLX from said projects.

 

Here's for wishful thinking! LoL

[Lee Mac]

I find it really convenient to do with my separate VLIDE projects... Not that it's difficult to make .VLX, but it would have been an intuitive feature if Autodesk were to include the option to compile to .VLX from said projects.

 

Here's for wishful thinking! LoL

 

Or at least some documentation for the multitude of vlisp-* functions

[BlackBox]

It is a shame that since Autodesk has began pushing .NET development that they have made no improvements to Visual LISP despite the ActiveX COM API continuing to be supported (unlike VBA). Alan and I had discussed that several of the new AEC* objects (like drainage pipes, etc) now available in C3D do not even support the vlax-dump-object interface. Some that still do provide a property object that nothing can be done even if you vlax-get said property object.

 

Given the devout following of Visual LISP, I do find it to be a shame. Not everyone can gain access to Visual Studio (full or express) for .NET development, never mind the learning curve (something I'm trying to overcome myself now)!?!

 

On a side note, anyone interested in knowing how to *modify* a VIsual Studio 2010 Express C#, or VB.NET project to both launch a program and step through breakpoints during debug, let me know. :EvilGrin:

[irneb]

Don't get me started on that! It's possibly the worst decision ADesk's ever made! I've even started making Net files so I can get to some stuff from Lisp - it's not the nicest thing, but the only way of doing this. The ActiveX stuff I find is just as left in the dark as lisp is, though at least through lisp you're able to get to the raw data - though how to work with it is a different matter!

[pixel8er]

Hi again

What methods are available to achieve LISP protection without using Visual LISP? I'm looking to implement on AutoCAD Mac and it has no Visual LISP funtionality

Thanks

Paul

[MSasu]

Search for Protect.exe tool for AutoLISP – this is a very old utility, used long before VisualLISP. But please keep in mind that this doesn’t offer a true compilation, is just an encryption and can be easily decrypted with the appropriate tool. Anyway, will offer you a solution against most curious.

 

Regards,

Mircea

[irneb]

What a lot of people in those days did is use Kelvinator and then Protect. Basically Kelvinator would remove all comments, formatting and unnecessary blank space, then also rename variables (and such) to have some "garbled" name so they cant too easily be "understood". Then Protect uses a very simple encryption to further mix it up a bit. As msasu's explained, you're only going to stop the moderately curious from opening your source code - it's not all that difficult to UnProtect it, and a simple reformat would undo much of what Kelvinator did ... for someone who really wants to they'll very easily be able to get at your code.

 

Do you know if you can run FAS/VLX files on the Mac version? Perhaps you can compile them in VLIDE on a Windows machine and then just load them on the Mac? Those files are the "best" protection you could get for Lisp - as they are more "compiled" than just those protected files. Not impossible, but extremely difficult to break. BTW, this is one of the problems with DotNet: Most DotNet DLL's contain so much info about how they're created that it's not a moon-trip to recreate the source from the "compiled" DLL.

[MSasu]

If decide to use the Kelvinator too, as @irneb suggested, don’t forget to check the list of protected symbols that come with the tool and add all built-in function that aren’t there (if I remember well, the DCL related functions weren’t included by default). If fail to do so, the code will be rendered un-readable for AutoLISP interpreter.

 

Regards,

Mircea

[pixel8er]

Thanks irneb and msasu

I've just downloaded protect and kelvinator. I will have a look tonight if the Mac version can load FAS and VLX files.

Regards

Paul

[MSasu]

a simple reformat would undo much of what Kelvinator did

 

That’s true, but is very annoying to parse code where all variables are named Kelvinator style (i.e. “HK#@H%”). And this will take out of race another bunch of curious.

 

Regards,

Mircea

[BlackBox]

FYI - Admittedly, I chose not to partake in the Retail Copy (RC) version, however, when I Beta tested AutoCAD 2011 for Mac (Code named Sledgehammer) LISP functionality was supported... there was just no VLIDE.

 

This is one of the major complaints I had in the final Beta survey prior to RC.

[BIGAL]

Just a suggestion if you can protect your code bury something in it like serial number check smarter is something of pc bios or registry its no good protecting it, if some one can just copy it and use it. There used to be a subtle difference between mac & pc lisp versions but basicly will run on either I would expect now.

 

A true story !!! got phone call software will not work installing on a new computer a couple of questions later sorted out, was trying to install on a different company computer without paying us for the privilidge he got caught out bad trying to pirate.

 

as a start add this to very lisp

(setq run (getvar "_pkser"))
(if (or (= run "440-123456789")(= run "440-123456780"))
(princ "\nSecurity check passed")
(progn
(princ "\nYou have tried to run my software on a non authorised machine")
(princ "\nPlease contact me  123 456 789")
(/e)
)
)

[Lee Mac]

A good solution BigAl, but that still requires that you know the serials of the computers which will be running the software... the icing on the cake would be to have a standard program which, when loaded and run on a machine, will not then load/run on another.

[irneb]

Yep, One Addon I used since R10 had such feature: You phoned them with your ACad's serial number and they gave you a text string you needed to "activate" it. This got saved into some file on the install. Basically what they did is use a C++ compiled EXP (the stuff before ARX) which would read that file and compare it to some algorithmic hashing of the serial number. Only if the 2 match would the addon work. They placed the hashing into the compiled thing to make it as difficult as possible to break, and then also included several key functions into that same EXP so that even if you "un"-protected their LSP files most of them would still not operate.

 

That's one of the "first" activation systems I've come across. And IMO it's the most "secure" way of making your program only runnable for legit customers. The only "problem" is the EXP/ARX file needed to be compiled for each version of ACad - not impossible though. Anyhow, here's a version in Lisp which could work:

(defun CheckActivated (/ f CalcHash)
 (defun CalcHash (ser / val codes key)
   (setq val   (abs (apply '* (vl-string->list ser)))
         codes "S15YVXLFGPJAMQB23RZEHD867CKN9T4WU0"
         key   ""
   )
   (while (> val 0)
     (setq key (strcat key (substr codes (fix (rem val (strlen codes))) 1))
           val (/ val (strlen codes))
     )
   )
   key
 )
 (if (or *MyProg-Key*
         (and
           (setq f (findfile "MyProg.SER"))
           (setq f (open f "r"))
           (setq *MyProg-Key* (read-line f))
           (null (close f))
         )
     )
   (eq *MyProg-Key* (CalcHash (getvar "_pkser")))
 )
)

(defun c:ActivateMyProg (/ key f)
 (if (and
       (progn
         (alert (strcat "To activate this, call 123456789\n"
                        "and quote your serial number:\n  "
                        (getvar "_pkser")
                        "\n\nWrite down your activation code."
                )
         )
         (setq key (getstring "Enter the activation code: "))
       )
       (or
         (and
           (setq f (findfile "MyProg.SER"))
           (setq f (open f "w"))
         )
         (and
           (setq f (getenv "ACAD"))
           (setq f (substr f 1 (vl-string-search ";" f)))
           (or (wcmatch f "*\\")
               (setq f (strcat f "\\"))
           )
           (setq f (strcat f "MyProg.SER"))
           (setq f (open f "w"))
         )
       )
     )
   (progn
     (write-line (strcase key) f)
     (close f)
   )
 )
 (princ)
)

This of course needs to be in a FAS (at least) otherwise everyone can see what's going on with that CalcHash. Which BTW you'll need to modify for yourself - at least changing the codes to some other randomly generated list. I just used this to generate that list:

(defun Random (seed /)
 (if (not seed)
   (setq seed (if *random:seed*
                *random:seed*
                (setq *random:seed* (getvar "DATE"))
              )
   )
   (setq *random:seed* seed)
 )
 (setq seed          (rem (+ (* 25173 seed) 13849) 65536)
       *random:seed* seed
 )
 (/ seed 65536)
)

(defun randomcode (/ chars codes n c)
 (setq chars "ABCDEFGHJKLMNPQRSTUVWXYZ1234567890"
       codes ""
 )
 (while (> (strlen chars) 0)
   (setq n     (max 1 (fix (* (Random *random:seed*) (strlen chars))))
         c     (substr chars n 1)
         codes (strcat codes c)
         chars (strcat (substr chars 1 (1- n)) (substr chars (1+ n)))
   )
 )
 codes
)

Then simply use this to check if it's activated:

(if (CheckActivated)
 (do your code)
 (alert "MyProg is not activated on this machine.\nPlease type ActivateMyProg")
)

Anyhow, perhaps this is going beyond what the OP was about (maybe not, maybe this is actually what was intended).

[Lee Mac]

Nice example Irné, thanks.

 

It would be nice to avoid the need to call/email for an activation code, but I suppose this is necessary without using self-modifying code (which isn't possible using a VLX/FAS).

[irneb]

Well, you could have some web-page (probably PHP) which returns the calculated activation code. Then you need to read that page (with some arguments for sending the serial number and other) into the lisp (this is the hard part), then it could go and save the activation code as usual. The nice thing here is the user can activate it "automatically" like AutoCAD does, but the PHP (or whatever) can save that info and you can then later bill them. Perhaps even going further by making a 2 tier activation system, the first auto generated code is time limited. After this time it reads the php again which will only return the new code if payment's received or the user's accounted for the new install in some other way.

 

You'd probably need to play around with some ActiveX to get hold of a way to read a calculated webpage though! Most programs use this type of activation system, perhaps not 2-tier, but rather shareware with time-limit and then needing the activation code.

 

I've done something like time-limits shareware on AUGI some while back, though I can't seem to remember the correct search keywords now

[BlackBox]

I've done something like time-limits shareware on AUGI some while back, though I can't seem to remember the correct search keywords now

 

linky