Aegis code protection

Aegis is a code protection tool that helps you protect node.js applications
from reverse engineering and tampering. It is designed to be easy to use and
integrate into your existing projects.

Features

- Code Encryption: Aegis encrypts your code to make it difficult to
reverse engineer.
- Code Obfuscation: Aegis obfuscates your code by compiling it to
bytecode.
- License Management: Aegis allows you to manage licenses for your
applications.

Usage

Aegis currently supports the following node.js versions:

- 16.20.2, also likely other 16.x versions

To use Aegis, you need to install the package from npm:

``bash npm @feasibleone/aegis`

`$3`

Aegis works by requiring the package at the files you want to protect.

- Protecting files

Aegis will generate protected versions of the files upon process exit when theAEGIS_BUILDenvironment variable is set. The encryption parameters for protecting the files can be set via the following environment variables: -AEGIS_CIPHER- The encryption algorithm to use. The default isaes-256-cbc. -AEGIS_KEY- The encryption key to use. If not set, a built-in key is used. -AEGIS_IV - The initialization vector to use. If not set, a built-in IV is used.

- Naming of output files

By default Aegis does not overwrite the original files, instead it creates new files by adding.cjsextension to the original file name. This is done to prevent accidental loss of source code files at developer machines.

Usually Aegis will run in a CI job, where it can be configured to overwrite the original source code file by setting theAEGIS_OVERWRITEenvironment variable.

> [!WARNING] > Aegis will overwrite any existing files without a warning. > Even if you have not setAEGIS_OVERWRITE, be careful if you have >.js.cjs files that match names of .js files.

`$3`

To obfuscate your code, require aegis at the top of each file you want to obfuscate, as shown below:

`javascript require('@feasibleone/aegis')(module);`

Obfuscating code has some side effects, such as loosing line numbers from call stack for the files that were obfuscated. This is because the code is compiled to bytecode and the original source code is not available.

`$3`

If you only want to encrypt your code, without obfuscating it, you can pass an additional parameter, as shown below:

`javascript require('@feasibleone/aegis')(module, 'js');`

`$3`

Aegis returns an object, which can be used to check licenses. This object has a property namedactivewhich is a function. This function returns an object, that gives information about the licensed features. This object always has a property namedexpireswhich holds the timestamp of the license expiration date. If the license has expired this function will throw an error with codeAEGIS_EXPIREDand typeaegis.expired. In addition to the expiresproperty, the returned object can have other properties, depending on the license.

Example usage:

`javascript const license = require('@feasibleone/aegis')(module);

// log the license information for the feature 'test' console.log(license.active('test'));`

In addition to checking the license information, you can also write logic, which depends on the license data:

`javascript const license = require('@feasibleone/aegis')(module);

console.log(You have a license for ${license.active('test').users} users)`

`$3`

Aegis allows you to generate licenses for your applications. The license contains the license terms and the cryptographic parameters needed to load the protected files. Be sure to set the same values (or defaults) forAEGIS_CIPHER,AEGIS_KEY and AEGIS_IV as you used to protect the files.

To generate a license, you can use the aegiscommand line tool. The tool is installed with the package and can be used as shown below:

`bash AEGIS='{ "terms":{ "expires":2208988800000 }, "features":{ "test":{ "aegis":true } } }' aegis`

Generating is also possible via the API:

`javascript console.log(require('@feasibleone/aegis')({ terms: { expires: 2208988800000 }, features: { test: { users: 10 } } }));`

The license is a string, which can be saved to a file or a database.

`$3`

Loading the license should happen early in the application, before loading any of the protected files. The license is loaded as shown below:

`javascript require('@feasibleone/aegis')('license string');`

`$3`

`javascript require('@feasibleone/aegis').info('license string');``

Aegis code protection

Aegis is a code protection tool that helps you protect node.js applications
from reverse engineering and tampering. It is designed to be easy to use and
integrate into your existing projects.

Features

Usage

Aegis currently supports the following node.js versions:

- 16.20.2, also likely other 16.x versions

To use Aegis, you need to install the package from npm:

``bash npm @feasibleone/aegis`

`$3`

Aegis works by requiring the package at the files you want to protect.

- Protecting files

- Naming of output files

Usually Aegis will run in a CI job, where it can be configured to overwrite the original source code file by setting theAEGIS_OVERWRITEenvironment variable.

> [!WARNING] > Aegis will overwrite any existing files without a warning. > Even if you have not setAEGIS_OVERWRITE, be careful if you have >.js.cjs files that match names of .js files.

`$3`

To obfuscate your code, require aegis at the top of each file you want to obfuscate, as shown below:

`javascript require('@feasibleone/aegis')(module);`

`$3`

If you only want to encrypt your code, without obfuscating it, you can pass an additional parameter, as shown below:

`javascript require('@feasibleone/aegis')(module, 'js');`

`$3`

Example usage:

`javascript const license = require('@feasibleone/aegis')(module);

// log the license information for the feature 'test' console.log(license.active('test'));`

In addition to checking the license information, you can also write logic, which depends on the license data:

`javascript const license = require('@feasibleone/aegis')(module);

console.log(You have a license for ${license.active('test').users} users)`

`$3`

To generate a license, you can use the aegiscommand line tool. The tool is installed with the package and can be used as shown below:

`bash AEGIS='{ "terms":{ "expires":2208988800000 }, "features":{ "test":{ "aegis":true } } }' aegis`

Generating is also possible via the API:

`javascript console.log(require('@feasibleone/aegis')({ terms: { expires: 2208988800000 }, features: { test: { users: 10 } } }));`

The license is a string, which can be saved to a file or a database.

`$3`

Loading the license should happen early in the application, before loading any of the protected files. The license is loaded as shown below:

`javascript require('@feasibleone/aegis')('license string');`

`$3`

`javascript require('@feasibleone/aegis').info('license string');``