From df88b47cdafcc2e04452456942ea572a7b72e2f2 Mon Sep 17 00:00:00 2001
From: Lars G Thorsen
Reconstructing source code
-Here is an example of how to reconstruct source code from
- the debug information in a BEAM file
+
+ Reconstructing source code
+ Here is an example of how to reconstruct source code from
+ the debug information in a BEAM file Beam :
+
{ok,{_,[{abstract_code,{_,AC}}]}} = beam_lib:chunks(Beam,[abstract_code]).
io:fwrite("~s~n", [erl_prettypr:format(erl_syntax:form_list(AC))]).
- Encrypted debug information
- The debug information can be encrypted in order to keep
- the source code secret, but still being able to use tools such as
- Xref or Debugger.
- To use encrypted debug information, a key must be provided to
- the compiler and beam_lib . The key is given as a string and
- it is recommended that it contains at least 32 characters and
- that both upper and lower case letters as well as digits and
- special characters are used.
-
- The default type -- and currently the only type -- of crypto
- algorithm is des3_cbc , three rounds of DES. The key string
- will be scrambled using erlang:md5/1 to generate
- the actual keys used for des3_cbc .
-
- As far as we know by the time of writing, it is
- infeasible to break des3_cbc encryption without any
- knowledge of the key. Therefore, as long as the key is kept
- safe and is unguessable, the encrypted debug information
- should be safe from intruders.
-
- There are two ways to provide the key:
-
- -
-
Use the compiler option {debug_info,Key} , see
- compile(3) ,
- and the function
- crypto_key_fun/1
- to register a fun which returns the key whenever
- beam_lib needs to decrypt the debug information.
- If no such fun is registered, beam_lib will instead
- search for a .erlang.crypt file, see below.
-
- -
-
Store the key in a text file named .erlang.crypt .
- In this case, the compiler option encrypt_debug_info
- can be used, see
- compile(3) .
-
-
- .erlang.crypt
- beam_lib searches for .erlang.crypt in the current
- directory and then the home directory for the current user. If
- the file is found and contains a key, beam_lib will
- implicitly create a crypto key fun and register it.
- The .erlang.crypt file should contain a single list of
- tuples:
-
+
+
+ Encrypted debug information
+ The debug information can be encrypted in order to keep
+ the source code secret, but still being able to use tools such as
+ Xref or Debugger.
+ To use encrypted debug information, a key must be provided to
+ the compiler and beam_lib . The key is given as a string and
+ it is recommended that it contains at least 32 characters and
+ that both upper and lower case letters as well as digits and
+ special characters are used.
+
+ The default type -- and currently the only type -- of crypto
+ algorithm is des3_cbc , three rounds of DES. The key string
+ will be scrambled using erlang:md5/1 to generate
+ the actual keys used for des3_cbc .
+
+ As far as we know by the time of writing, it is
+ infeasible to break des3_cbc encryption without any
+ knowledge of the key. Therefore, as long as the key is kept
+ safe and is unguessable, the encrypted debug information
+ should be safe from intruders.
+
+ There are two ways to provide the key:
+
+ -
+
Use the compiler option {debug_info,Key} , see
+ compile(3) ,
+ and the function
+ crypto_key_fun/1
+ to register a fun which returns the key whenever
+ beam_lib needs to decrypt the debug information.
+ If no such fun is registered, beam_lib will instead
+ search for a .erlang.crypt file, see below.
+
+ -
+
Store the key in a text file named .erlang.crypt .
+ In this case, the compiler option encrypt_debug_info
+ can be used, see
+ compile(3) .
+
+
+
+
+ .erlang.crypt
+ beam_lib searches for .erlang.crypt in the current
+ directory and then the home directory for the current user. If
+ the file is found and contains a key, beam_lib will
+ implicitly create a crypto key fun and register it.
+ The .erlang.crypt file should contain a single list of
+ tuples:
+
{debug_info, Mode, Module, Key}
- Mode is the type of crypto algorithm; currently, the only
- allowed value thus is des3_cbc . Module is either an
- atom, in which case Key will only be used for the module
- Module , or [] , in which case Key will be
- used for all modules. Key is the non-empty key string.
- The Key in the first tuple where both Mode and
- Module matches will be used.
- Here is an example of an .erlang.crypt file that returns
- the same key for all modules:
- Mode is the type of crypto algorithm; currently, the only
+ allowed value thus is des3_cbc . Module is either an
+ atom, in which case Key will only be used for the module
+ Module , or [] , in which case Key will be
+ used for all modules. Key is the non-empty key string.
+ The Key in the first tuple where both Mode and
+ Module matches will be used.
+ Here is an example of an .erlang.crypt file that returns
+ the same key for all modules:
+ 7}|pc/DM6Cga*68$Mw]L#&_Gejr]G^"}].]]>
- And here is a slightly more complicated example of an
- .erlang.crypt which provides one key for the module
- t , and another key for all other modules:
- And here is a slightly more complicated example of an
+ .erlang.crypt which provides one key for the module
+ t , and another key for all other modules:
+ 7}|pc/DM6Cga*68$Mw]L#&_Gejr]G^"}].]]>
-
- Do not use any of the keys in these examples. Use your own
- keys.
-
+
+ Do not use any of the keys in these examples. Use your own
+ keys.
+
+
--
cgit v1.2.3