如何保护Java/Javafx代码不被最终用户看到? [英] How can I protect Java/Javafx code from being seen by final user?
问题描述
我为一家公司从事一个项目已经超过两年了.该项目是一个非常大的项目,使用rxtx与硬件设备进行通信.我将Java 8和JAVAFX用于UI.现在已经快完成了,我开始研究如何交付公司将在其客户中分发的最终用户应用程序.
I have been working on a project alone for more than two years for a company. The project is a really big one using rxtx to communicate with a hardware device. I used Java 8 and JAVAFX for the UI. Now it is almost finished and I am starting to search how to deliver the end user application that the company will distribute over its clients.
问题是与我合作的公司希望在软件介于最终客户之间时无法访问该代码,因为Java代码包含一些极其敏感的信息,如果最终客户发生,该信息可能会对公司造成非常严重的后果认识他们.客户可以从字面上执行他们无权执行的操作.
The problem is that the company I am working with wants the code to be non reachable when the software is between final clients hands because the Java code contains some extremely sensitive information that could have very bad consequences for the company if final clients happened to know them. The clients can literally perform actions they don’t have the right to perform.
因此,经过大量研究并针对我的情况进行思考后,我了解到混淆了JAR并不是解决方案.然后,我尝试生成JAR,然后将其转换为EXE,但我成功完成的工作就是将JAR包装到EXE中,这不会阻止提取JAR,然后轻松查看所有代码.最后,我发现我应该使用AoT编译(如GCJ编译器)从Java代码生成本地二进制exe,但是在这里我被困住了,因为在观看视频和阅读文章等之后,我没有设法找到一种清晰的方法来生成本地二进制文件可执行程序.
So after searching (a lot) and thinking relatively to my case, I understood that giving a JAR obfuscated isn’t the solution. I then tried to generate a JAR and then transform it to an EXE but all I succeeded on was wrapping the JAR into EXE which does not prevent extracting the JAR and then seeing all the code easily. Finally, I found that I should use AoT compilation like GCJ compiler to produce native binary exe from my Java code but here I am stuck because after watching videos and reading articles etc I didn’t manage to find a clear way to produce the native binary exe.
我现在很困惑,因为我不知道自己是在正确的道路上,还是在正确的方向上,或者我是完全错误的,还有另一种保护代码的方法(至少对于非专业的黑客来说,我知道这是可以理解的)无法使其100%安全,但我只是在寻找一种合理且好的方法).我应该如何管理工作的最后一步?
I am now confused since I don’t know if I am on the right path and good direction or if I am totally wrong and there is another way of protecting the code (at least from non professional hackers, I understand that it is not possible to make it 100% safe but I am just searching for a reasonable and good way). How should I manage this final step of my work?
推荐答案
我目前在一家公司工作,该公司的代码我们不希望任何人获得客户的安全,并且(不重要的是)出于法律原因. ;-)
I currently work for a company that has code that we don't want anyone to have access to for the security of our clients and-- less important-- for legal reasons. ;-)
您可能要考虑的一种解决方案是将您认为最敏感的代码重写到C/C ++库中.对于各个操作系统,可以将其编译成.so/.dll/.dylib文件,这将使它变得困难,并非完全不可能,但也难以反编译.
One possible solution you could look into would be to rewrite the code you deem most sensitive into a C/C++ library. It would be possible to compile this into a .so/.dll/.dylib file for the respective OSs and it would make it difficult, not entirely impossible, but difficult to decompile.
麻烦来自学习如何从Java访问本机代码,因为许多文档没有帮助或只是根本不存在.这将利用Java本机接口(JNI),它允许Java与本机(编译的C/C ++)代码进行接口.这样就可以创建一个Jar文件,该文件可以有效地成为Java库,供您在项目的其余部分中访问.但是,仍然需要在运行时加载本机代码,但这是学习JNI如何工作的一部分.我发现的有关JNI的有用链接是 http://jnicookbook.owsiak.org/(只要仍然是一个功能性链接).
The trouble would come from learning how to access native code from Java as much of the documentation is not helpful or just simply nonexistent. This would utilize the Java Native Interface (JNI) which allows Java to, well, interface with the native (compiled C/C++) code. This would make it possible to create a Jar file that would effectively become a Java library for you to access throughout the rest of your project. The native code, however will still need to be loaded at runtime, but that's apart of learning how JNI works. A helpful link I found for JNI is http://jnicookbook.owsiak.org/ (for as long as it's still a functional link).
我在这里工作的一位客户有一个用Java编写的项目,并且需要实现我们的代码,不幸的是,这些代码都是用C编写的.因此,我们需要一种从Java访问此C/C ++代码的方法.这是我们解决此问题的方法,而无需用Java重写代码.但是,我们已经用C编写了代码,这是我们的好处(?)
One of our clients here where I work has a project written in Java and needed to implement our code that is unfortunately all written in C. So we needed a way to access this C/C++ code from Java. This is the way we went about solving this issue without rewriting our code in Java. But we had the benefit (?) of having already written our code in C.
这种在最后一分钟用另一种我可能不熟悉的语言编写额外代码的解决方案听起来并不有趣.
This solution to write a bunch of extra code last minute in another language that I may or may not be familiar with doesn't sound like particularly fun time.
我很想知道其他人使用此解决方案可能遇到的问题.
I would be curious to learn what possible problems others might see with this solution.
这篇关于如何保护Java/Javafx代码不被最终用户看到?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
