Protection methods 1C:Enterprise code from editing and copying

Publications: Protection methods 1C:Enterprise code from editing and copying Often the developers need to protect somehow their 1C code. There are many methods to solve this task. Some of them are more reliable, other less, some are more time consuming, other less. Of course, the most optimal result is achieved by the combinations of methods. But I think that it is unlikely to get one percent protection. Therefore, as in any business, the happy mean is required, i.e. the balance between time consumption and protection level.

Official position of 1С Company on the protection of 1С software code is as follows:

We believe the open source code of application solutions to be one of the key advantages of 1С:Enterprise system. To protect the application configurations, there are several solutions of partner and third-party companies. We do not have in the immediate plans to develop the protection tools of application solutions integrated in the platform.

The developers note that 1С:Enterprise works with byte code that does not guarantee by itself the complete protection from reverse engineering. In turn, increase of resistance to reverse engineering (for example, obfuscation) inevitably leads to a decrease in the quality diagnosis of problematic situations and, consequently, system quality as a whole.

Consider what the ways to protect the code are possible.

1. Close the code of 1С module using standard tools by setting a password.

This way closes only the object module. The form modules do not have such an option. The method is quite simple, but during development it is required to remember and move immediately the maximum amount of code from the form to the module or do it later, but you will have to re-test the functionality.
The password is set from the object modules in the menu «Text – Set password».

Exclude the texts of 1C object modules from configuration distributive.

This is a standard 1С 8 option. It can be used also for external data processors.
To do this, it is required to insert them into configuration and create distributive without module texts.
The work with distributive is performed in the menu «Configuration – Distribute configuration» of the Designer. Firstly, you need to configure distributive excluding the required modules («Distribution options»). Save configuration. then create a distribution package and distribution file.

Develop external components to which move a part of functionality of 1С products.

To do this, you will have to learn the technique of their development. This way is in some measure similar to the method of excluding the modules from distributive. But the reliability of protection in this option is much higher as well as its complexity, because the development of external components must be performed in other programming languages, for example, C++, VB.NET, C#, Pascal, etc.

Obfuscate 1С code.

Fro the word «obfuscation» - blanking, meshing.
This means - to make the code difficult to read. At least the absence of comments, formatting, meaningless names of variables and functions can lead to an effect when it is easier to write your own code «from scratch» than to copy the blocks of authoring. Instead of examining such code by yourself, it is easier and more reliable to contact with developer who does not want you to edit the code yourself.
This way in terms of removing the formatting and comments from 1С code is simple enough. I can be used in any case.

My resume on the topic:
Of course, first two methods are rather poor protection. But in combination with a part of the fourth one can give an acceptable for simplicity and reliability result. After de-formatting 1С code, if will be much harder for decompilers to reconstruct its unmodified state. And even if this task will be implemented, for the valuable use of the text a «cracker» will have to format it, and this is another task. So, it is possible that a man will abandon an idea to open author’s code and will write it himself :).

[Total: 0    Average: 0/5]

Leave a Reply

Your email address will not be published. Required fields are marked *