如何加密.jar文件 [英] How to encrypt a .jar file
问题描述
我在一个项目中,我们需要加密.jar文件,所以没有人可以访问到的.class文件该JAR文件中....没有任何Java代码,可以帮助我来加密工作.jar文件?
I'm working in a project where we need to encrypt the .jar file so no one can access to the .class files which inside the jar file.... is there any java coding which can help me to encrypt the .jar file ?
推荐答案
即使你加密的jar文件,它必须被解密之前,JVM能够运行它,所以你需要一个包含解密类另一个jar文件和负载在JVM。
Even if you encrypt the jar file, it must be decrypted before the JVM is able to run it, so you'll need another jar file containing classes that decrypt and loads in the JVM.
由于第二jar文件不能本身提供了加密,恶意用户想要见你的类文件,可以简单地看一下班在第二个jar文件,然后解密您的超级秘密的jar文件,并有机会获得它。
Since this second jar file cannot be itself encrypted, a malicious user wanting to see you class files, can simply look at classes in this second jar file, and then decrypt your super-secret jar file and have access to it.
也许你可以使用混淆从反编译增加code的安全性,但它最终将保护(使它更难,但不是不可能的),您的类文件,不能被使用。
Maybe you can increase security of your code using an obfuscator, but it will eventually protect (make it harder but not impossible) your class files from decompilation, not from being used.
如果混淆是不够的,你可以考虑编译JAR文件为Windows DLL或SO的Unix / Linux操作系统,这将使它更难反编译,但它并不总是能够正确地做到这一点,它通常是皮塔饼。 GCJ是能够以某种方式做到这一点,并且有将实际编译的.class其他商业产品/的.jar直接将机器code。
If obfuscation is not enough, you could consider compiling your jar file to a DLL for windows or a SO for unix/linux, that will make it much harder to decompile, but it's not always possible to do that correctly and it's generally a PITA. GCJ is able to do this somehow, and there are other commercial products that will actually compile .class/.jar directly to machine code.
但请考虑,这不要紧,你把多少安全性在里面,因为客户机必须能够执行它,它必须能够读取它,所以不管你是什么code就会暴露,你只能使它更难。
However please consider that it does not matter how much security you put in it, since the client computer MUST be able to execute it, it must be able to read it, so no matter what your code will be exposed, you can only make it harder.
如果你真的有一个算法,以便秘密你不想透露不管是什么,可以考虑将其转换为Web服务,它的托管服务器上,这样你就不必发送实际的code将客户机并能应用程序通过检查获得它的重要组成部分,也能更好prevent未经授权的拷贝。
If you really have an algorithm so secret you don't want to disclose no matter what, consider converting it to a web service, hosting it on your server, so that you don't have to send the actual code to the client machines and can also better prevent unauthorized copies of your application by checking access to that vital part of it.
这篇关于如何加密.jar文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
