由本机库处理的加密加密类文件 [英] Encrypted class files with decryption handled by a native library
问题描述
文章破解Java字节码加密( javaworld.com/javaworld/javaqa/2003-05/01-qa-0509-jcrypt.html )解释了为什么使用自定义类加载器的类文件加密是无意义的,因为在某些时候你总是需要调用defineClass(),它将类文件作为未加密的字节数组传递给JVM。
然而,我看到了使用稍微不同的方法的解决方案;该类由本地库解密,并通过findClass()方法作为java.lang.Class实例移交给JVM。 - defineClass()从未被调用。
<这是否意味着这些解决方案没有这个弱点?当然,您可以随时通过在汇编程序级别处理调试器来提取类文件,而确定的黑客可以破坏任何保护。但是至少这样做使得反编译比修补defineClass()更难以将未加密的.class文件转储到磁盘。或者我忽略了某些东西?
但是至少这样做使得反编译比修补defineClass()将未加密的.class文件转储到磁盘。
只有一点。没有足够的区别。
或者我俯瞰某些东西?
在某些时候,本地库必须解密字节码。在这一点上,修补本地图书馆可能会很困难。二进制库的拆卸和修补不是火箭科学。
The article "Cracking Java byte-code encryption" (javaworld.com/javaworld/javaqa/2003-05/01-qa-0509-jcrypt.html) explains why class file encryption using a custom class loader is pointless, because at some point you always need to call defineClass(), which passes the class file to the JVM as an unencrypted byte array.
However I've seen solutions where a slightly different approach is used; the class is decrypted by a native library and handed over to the JVM as a java.lang.Class instance through the findClass() method -- defineClass() is never called.
Does that mean that these solutions do not have this weakness? Sure, you can always extract class files by working with a debugger on the assembler level, and a determined hacker can break any protection. But at least this makes decompilation a bit more difficult than just patching defineClass() to dump unencrypted .class files to disk. Or am I overlooking something?
But at least this makes decompilation a bit more difficult than just patching defineClass() to dump unencrypted .class files to disk.
Only a bit. Not enough to make much difference.
Or am I overlooking something?
At some point, the native library has to decrypt the bytecodes. It wouldn't be hard to patch the native library to do snarf them at that point. Disassembly and patching binary libraries is not "rocket science".
这篇关于由本机库处理的加密加密类文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
