[TIMOB-7138] MobileWeb: Support for encrypted/obfuscated Ti+ modules

GitHub Issue	n/a
Type	New Feature
Priority	Low
Status	Closed
Resolution	Won't Fix
Resolution Date	2016-09-28T16:02:20.000+0000
Affected Version/s	Release 2.0.0
Fix Version/s	n/a
Components	MobileWeb
Labels	n/a
Reporter	Chris Barber
Assignee	Chris Barber
Created	2012-01-12T14:50:12.000+0000
Updated	2017-03-23T22:32:20.000+0000

Description

It would be a good idea to support encrypted/obfuscated Ti+ modules. A small command line Python script would "compile" a module which would minify and then encrypt/obfuscate. If we choose to encrypt, a production build would yield both a key file and the module (encrypted and minified) JavaScript file. The encryption method is a two-way cipher.

F0LeAo2c!8fzpQ52m7YCx

define("mymodule", ["Ti/_/Decrypt!mymodule"], function(decryptor) {
    return decryptor("ENCRYPTED CODE GOES HERE");
});

When a project is compiled that uses mymodule, then all module names/keys will be "registered" with the decryptor by appending the following to the titanium.js:

require("Ti/_/Decrypt", function(decyrpt) {
    decrypt.set({
        "mymodule": "F0LeAo2c!8fzpQ52m7YCx"
    });
});

The decryptor will look up the key for the module being decrypted, then decrypt and evaluate it. Ti/_/Decrypt is an AMD module as well as a AMD plugin. When invoked as a module (when the keys are defined), the set() method is simply invoked.

define(function() {
    var keys = {};

    return {
        set: function(k) {
            require.mix(keys, k);
        },

        load: function(name) {
            return (function(k) {
                return function(s) {
                    // TODO: decrypt "s" with keys[k]
                    var obj = require.eval(s);
                    return obj;
                };
            }(name.split("!").pop()));
        }
    };
});

Comments

Lee Morris 2017-03-23

Closing ticket as Won't Fix.

JSON Source