CN111159661A - Decompilation prevention method and device, electronic equipment and storage medium - Google Patents
Decompilation prevention method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111159661A CN111159661A CN201811328424.5A CN201811328424A CN111159661A CN 111159661 A CN111159661 A CN 111159661A CN 201811328424 A CN201811328424 A CN 201811328424A CN 111159661 A CN111159661 A CN 111159661A
- Authority
- CN
- China
- Prior art keywords
- class file
- file
- encryption
- protection
- class
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000002265 prevention Effects 0.000 title abstract description 12
- 238000004590 computer program Methods 0.000 claims description 6
- 238000005336 cracking Methods 0.000 abstract description 22
- 230000008901 benefit Effects 0.000 abstract description 9
- 238000010586 diagram Methods 0.000 description 8
- 230000000694 effects Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 239000000306 component Substances 0.000 description 2
- 239000008358 core component Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000013024 troubleshooting Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a decompilation prevention method, a decompilation prevention device, an electronic device and a storage medium. The method comprises the following steps: encrypting a product Class file of a software product to be protected, and storing a corresponding first decryption algorithm and a first decryption key in a Class loader Class file; encrypting the Class loader Class file, storing a corresponding second decryption algorithm and a second decryption key in a 1 st protected Java file, and compiling into a 1 st protected Class file; and sequentially taking i from 1 to N, encrypting the ith protection Class file, storing the corresponding (i + 2) th decryption algorithm and the (i + 2) th decryption key in the (i + 1) th protection Java file, and compiling into the (i + 1) th protection Class file. The cracking cost is increased through a layer-by-layer encryption mode, so that the cracking failure cost or the cracking cost is higher than the expected benefit, and the decompiling of the product Class file is prevented.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a decompilation prevention method and device, electronic equipment and a storage medium.
Background
According to the Java virtual machine specification, the Class file generated by Java language compilation is stored by adopting a pseudo structure similar to a C language structure, so that decompilation by reverse engineering is very easy.
In the prior art, code obfuscation and code encryption are commonly adopted to prevent a Class file from being decompiled. However, both the method of code obfuscation and the method of code encryption have certain disadvantages. For example, the readability of the code is greatly reduced by the code confusion mode, the problem cannot be solved essentially, the core component code can still be cracked by enduring reading, and the code confusion can cause program logic errors on a larger probability and increase the difficulty of troubleshooting. In the current mainstream method, an encryption entry is put into a dynamic library by using a jni (Java Native interface) technology, and the dynamic library is developed by using C or C + + language, so that the cross-platform characteristic of the Java language is damaged.
Disclosure of Invention
In view of the above, the present invention provides a method, an apparatus, an electronic device and a storage medium for preventing decompilation, so as to effectively improve the above problems.
The embodiment of the invention is realized by the following steps:
in a first aspect, an embodiment of the present invention provides a method for preventing decompilation, including: encrypting a product Class file of a software product to be protected, and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file; encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling the 1 st protection Java file into the 1 st protection Class file; and sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated (i + 1) th protection Java file, and compiling into the (i + 1) th protection Class file, wherein N is more than or equal to 1. In the embodiment of the application, the cracking cost is increased by a layer-by-layer encryption mode of separating a key from a lock phase, for example, a product Class file is encrypted, and a first decryption algorithm and a first decryption key for decrypting the product Class file are stored in a Class loader Class file; encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling into a 1 st protection Class file; and then encrypting the 1 st protected Class file, storing a third decryption algorithm and a third decryption key for decrypting the 1 st protected Class file in a randomly generated 2 nd protected Java file, and compiling into the 2 nd protected Class file … … so that the cost of cracking or cracking is higher than the expected benefit, thereby preventing the product Class file from being decompiled.
With reference to one possible implementation manner of the first aspect, the storing an i +2 th decryption algorithm and an i +2 th decryption key for decrypting the ith protected Class file in an i +1 th randomly generated protected Java file includes: randomly selecting a code template from a preset code template pool to generate an i +1 th protected Java file; and storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protected Class file in the (i + 1) th protected Java file. In the embodiment of the application, an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file are stored in an i +1 protection Java file generated by a code template randomly selected from a preset code template pool, and the i +1 protection Java file is compiled to generate the i +1 protection Class file, wherein the protection Class files are randomly generated and have no similarity with each other, and the code method and the variable naming have poor readability.
With reference to still another possible implementation manner of the first aspect, the encrypting the product Class file of the software product to be protected includes: encrypting a product Class file of a software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the product Class file of the software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys. In the embodiment of the application, when the product Class file is encrypted, the product Class file is encrypted based on the randomly selected encryption algorithm and the randomly selected encryption key or the randomly generated encryption key, so that the cracking cost is further increased, and the effect of preventing the product Class file from being decompiled is improved.
With reference to yet another possible implementation manner of the first aspect, the encrypting the Class loader Class file includes: encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys. In the embodiment of the application, when the Class loader Class file is encrypted, the Class loader Class file is encrypted based on a randomly selected encryption algorithm and a randomly selected encryption key or a randomly generated encryption key, so that the cracking cost is further increased, and the effect of preventing the Class loader Class file from being decompiled is improved.
With reference to still another possible implementation manner of the first aspect, the encrypting the ith protection Class file includes: encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys. In the embodiment of the application, when the ith protection Class file is encrypted, the ith protection Class file is encrypted based on a randomly selected encryption algorithm and a randomly selected encryption key or a randomly generated encryption key, so that the cracking cost is further increased, and the effect of preventing the decompiling of the product Class file is improved.
With reference to still another possible implementation manner of the first aspect, the value of N increases as the protection level of the software product to be protected increases. In the embodiment of the application, the value of N is increased along with the increase of the protection level of the software product to be protected, namely, the higher the protection level of the software product to be protected is, the larger the value of N is, the more the corresponding encryption layers are, the larger the cracking difficulty is, and the better the decompiling prevention effect is.
Protection level of the software product to be protected
In a second aspect, an embodiment of the present invention further provides an apparatus for preventing decompilation, including: the device comprises a first encryption storage module, a second encryption storage module and a third encryption storage module; the first encryption storage module is used for encrypting a product Class file of a software product to be protected and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file; the second encryption storage module is used for encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling the 1 st protection Java file into the 1 st protection Class file; and the third encryption storage module is used for sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated i +1 th protection Java file, and compiling the i +1 th protection Class file into the i +1 th protection Class file, wherein N is more than or equal to 1.
With reference to a possible implementation manner of the second aspect, the third encryption storage module is further configured to randomly select a code template from a preset code template pool to generate an i +1 th protected Java file; and the i +2 decryption algorithm and the i +2 decryption key for decrypting the ith protected Class file are also stored in the (i + 1) th protected Java file.
In combination with another possible implementation manner of the second aspect, the first encryption storage module is further configured to encrypt the product Class file of the software product to be protected based on an encryption algorithm randomly selected from the preset encryption algorithm pool and an encryption key randomly generated; or encrypting the product Class file of the software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
In combination with another possible implementation manner of the second aspect, the second encryption storage module is further configured to encrypt the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key generated randomly; or encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
With reference to still another possible implementation manner of the second aspect, the third encryption storage module is further configured to encrypt the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and a randomly generated encryption key; or encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
In a third aspect, an embodiment of the present invention further provides an electronic device, including: a memory and a processor, the memory and the processor connected; the memory is used for storing programs; the processor is configured to invoke a program stored in the memory to perform the first aspect and/or the method provided in connection with any of the alternative embodiments of the first aspect.
In a fourth aspect, an embodiment of the present invention further provides a storage medium, on which a computer program is stored, where the computer program is executed by a processor to perform the method of the first aspect and/or the method provided in connection with any one of the optional implementations of the first aspect.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the embodiments of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts. The above and other objects, features and advantages of the present invention will become more apparent from the accompanying drawings. Like reference numerals refer to like parts throughout the drawings. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the invention.
Fig. 1 is a flowchart illustrating a method for preventing decompilation according to an embodiment of the present invention.
Fig. 2 shows a schematic flowchart of step S103 in fig. 2 according to an embodiment of the present invention.
Fig. 3 is a schematic diagram illustrating an application of a method for preventing decompilation according to an embodiment of the present invention.
Fig. 4 is a schematic diagram illustrating functional modules of a decompilation prevention apparatus according to an embodiment of the present invention.
Fig. 5 shows a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In the description of the present invention, it should be noted that the terms "first", "second", "third", and the like are used only for distinguishing the description, and are not intended to indicate or imply relative importance. Further, the term "and/or" in the present application is only one kind of association relationship describing the associated object, and means that three kinds of relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone.
Referring to fig. 1, steps included in a method for preventing decompilation according to an embodiment of the present invention will be described with reference to fig. 1.
Step S101: encrypting a product Class file of a software product to be protected, and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file.
For commercial products, developers do not want the code to be reverse decompiled and stolen, especially for core components such as License authorized code. Through reverse engineering decompilation and code replacement, the sales volume is reduced and the profit is lost, so that the enthusiasm of software product developers is greatly struck, and the development of the software industry is greatly hindered. Therefore, in the embodiment of the application, a product Class file of a software product to be protected is encrypted, and a first decryption algorithm and a first decryption key for decrypting the product Class file are stored in a Class loader Class file. That is, the product Class file can be decrypted by the first decryption algorithm and the first decryption key in the Class loader Class file.
When encrypting the product Class file, encrypting the product Class file of the software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the product Class file of the software product to be protected based on an encryption algorithm randomly selected from the preset encryption algorithm pool and an encryption key randomly selected from the preset encryption key pool. The preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
Wherein, the encryption key used in encryption can be randomly generated, such as a true random number generator or a pseudo random number generator; or may be randomly selected from a pool of preset encryption keys.
The preset encryption algorithm pool is manually configured in advance and comprises a plurality of different encryption algorithms such as AES, DES and the like; similarly, the preset encryption key pool is manually configured in advance and comprises a plurality of different encryption keys.
Step S102: and encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling into the 1 st protection Class file.
The method comprises the steps of encrypting a Class loader Class file stored with a first decryption algorithm and a first decryption key for decrypting a product Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protected Java file, and compiling the 1 st protected Class file. That is, the Class loader Class file can be decrypted by the second decryption algorithm and the second decryption key in the 1 st protected Class file.
When encrypting the Class loader Class file, encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool.
Step S103: and sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated (i + 1) th protection Java file, and compiling the i +1 th protection Class file into the (i + 1) th protection Class file, wherein N is more than or equal to 1.
Sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated (i + 1) th protection Java file, and compiling the i +1 th protection Class file into the (i + 1) th protection Class file, wherein N is more than or equal to 1; namely, the 1 st protected Class file is encrypted, the corresponding 3 rd decryption algorithm and 3 rd decryption key are stored in the 2 nd protected Java file which is randomly generated and compiled into the 2 nd protected Class file, encrypt the 2 nd protected Class file, store the corresponding 4 th decryption algorithm and 4 th decryption key in the randomly generated 3 rd protected Java file, and compile into the 3 rd protected Class file, … …, encrypting the (N-1) th protection Class file, storing the corresponding (N + 1) th decryption algorithm and (N + 1) th decryption key in the randomly generated (N + 1) th protection Java file, and compiling into the (N) th protection Class file, and encrypting the Nth protection Class file, storing the corresponding N +2 decryption algorithm and the corresponding N +2 decryption key in the randomly generated N +1 th protection Java file, and compiling into the N +1 th protection Class file.
That is to say, the 1 st protected Class file can be decrypted through the 3 rd decryption algorithm and the 3 rd decryption key in the 2 nd protected Class file, the 2 nd protected Class file can be decrypted through the 4 th decryption algorithm and the 4 th decryption key in the 3 rd protected Class file, and so on, and the nth protected Class file can be decrypted through the N +2 th decryption algorithm and the N +2 th decryption key in the N +1 th protected Class file. The cracking cost is increased through a layer-by-layer encryption mode of separating a key and a lock phase, so that the cracking failure cost or the cracking cost is higher than the expected benefit, and the Class file of the product is prevented from being decompiled.
When encrypting the ith protection Class file, encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or the ith protection Class file can be encrypted based on an encryption algorithm randomly selected from the preset encryption algorithm pool and an encryption key randomly selected from the preset encryption key pool.
The value of N is increased along with the increase of the protection level of the software product to be protected, namely the higher the protection level of the software product to be protected is, the larger the value of N is, the more the corresponding encryption layers are, the larger the cracking difficulty is, and the better the decompiling prevention effect is.
As an alternative embodiment, a specific process of storing the i +2 th decryption algorithm and the i +2 th decryption key for decrypting the ith protected Class file in the randomly generated i +1 th protected Class file may be described with reference to the steps shown in fig. 2.
Step S201: and randomly selecting a code template from the preset code template pool to generate an i +1 th protected Java file.
Randomly selecting a code template from a plurality of code templates in a preset code template pool to generate an i +1 th protected Java file.
Step S202: and storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protected Class file in the (i + 1) th protected Java file.
And writing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file into the (i + 1) th protection Java file in a hard coding mode.
It should be noted that, each of the above protected Java files (e.g., the 1 st protected Java file, the 2 nd protected Java file, … …, the nth protected Java file, and the N +1 th protected Java file) is generated based on a randomly selected code template in a preset code template pool, and a class, a method, and a variable naming mode of a generated code have a characteristic of poor readability, a large amount of invalid code logic is mixed up in the code template, and the code logic does not have generality. The preset code template pool is manually configured in advance and comprises a large number of different code templates, wherein the number of the code templates is increased along with the increase of the protection level of the software product to be protected.
Because the protection Class files are randomly generated and have no similarity with each other, and the code method and the variable naming have poor readability, a cracker is prevented from cracking the protection Class files through a tool in the mode, and then the Class loader Class files are decrypted, so that the cracker is forced to crack through a manual mode, the cracking cost is higher than the expected benefit, and the cracker gives up cracking the codes.
To facilitate understanding of the above process, it can be understood in conjunction with the schematic diagram shown in fig. 3. Encrypting a product Class file, and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file; encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling into a 1 st protection Class file; and then encrypting the 1 st protection Class file, storing a corresponding third decryption algorithm and a third decryption key in a randomly generated 2 nd protection Java file, and compiling into … … nd protection Class file till the N +1 th protection Class file. Wherein, the last protection Class file is not encrypted, so that the Java virtual machine can load the (N + 1) th protection Class file. And the (N + 1) th protected Class file can be decompiled, and the decompilation can see the decryption key and decryption algorithm of the Nth protected Class file. A cracker can crack the Class loader Class file in a way of cracking the Class loader Class file one by one in a reverse way, so that a decryption secret key and a decryption algorithm of the product Class file are obtained, and a product code is cracked. Therefore, the cracking cost is set by the value N, and the product code is protected if the cracking cost of a cracker is greater than the expected benefit due to the fact that the value N is larger. For example: the reading time of each protected Class file is 0.5 hour at a higher speed (because the readability of the code is poor and a large amount of invalid logic is confused, reading and understanding the code after decompilation has certain difficulty), 1 thousand files take 500 hours, and the cracking needs to be completed in about 62 days after the reading time is calculated according to 8 hours of a working day. This almost forces the cracker to give up the cracking immediately.
The embodiment of the present application further provides an apparatus 100 for preventing decompilation, as shown in fig. 4. The decompilation prevention apparatus 100 includes: a first encryption storage module 110, a second encryption storage module 120, and a third encryption storage module 130.
The first encryption storage module 110 is configured to encrypt a product Class file of a software product to be protected, and store a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file.
The second encryption storage module 120 is configured to encrypt the Class loader Class file, store a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protected Java file, and compile the 1 st protected Class file.
The third encryption storage module 130 is configured to sequentially fetch i from 1 to N, encrypt the ith protection Class file, store an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated i +1 th protection Java file, and compile the i +1 th protection Class file into the i +1 th protection Class file, where N is greater than or equal to 1.
The implementation principle and the resulting technical effect of the decompilation prevention apparatus 100 provided by the embodiment of the present invention are the same as those of the foregoing method embodiments, and for the sake of brief description, no mention of the apparatus embodiment may be made to refer to the corresponding contents in the foregoing method embodiments.
The embodiment of the present application further provides an electronic device 200, as shown in fig. 5. The electronic device 200 may include: at least one transceiver 210, at least one processor 220, e.g., a CPU, at least one memory 230, and at least one communication bus 240. Wherein the communication bus 240 is used for realizing direct connection communication of these components. The transceiver 210 is used to receive and transmit data. The memory 230 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The memory 230 stores therein computer readable instructions, such as the software functional modules shown in fig. 3, that is, the decompilation prevention apparatus 100. The decompilation prevention apparatus 100 includes at least one software function module, which may be stored in the memory 230 in the form of software or firmware (firmware) or solidified in an Operating System (OS) of the electronic device 200.
In the embodiment of the present invention, the electronic device 200 may be, but is not limited to, a web server, a database server, a cloud server, and the like.
Embodiments of the present application further provide a readable storage medium, on which a computer program is stored, where the computer program runs the steps shown in the above method embodiments when executed by a processor.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a notebook computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A method for preventing decompilation, comprising:
encrypting a product Class file of a software product to be protected, and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file;
encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling the 1 st protection Java file into the 1 st protection Class file;
and sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated (i + 1) th protection Java file, and compiling into the (i + 1) th protection Class file, wherein N is more than or equal to 1.
2. The method according to claim 1, wherein storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the i protected Class file in a randomly generated i +1 protected Java file comprises:
randomly selecting a code template from a preset code template pool to generate an i +1 th protected Java file;
and storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protected Class file in the (i + 1) th protected Java file.
3. The method of claim 1, wherein encrypting the product Class file of the software product to be protected comprises:
encrypting a product Class file of a software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the product Class file of the software product to be protected based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
4. The method of claim 1, wherein encrypting the Class loader Class file comprises:
encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the Class loader Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
5. The method according to claim 1, wherein said encrypting the ith protection Class file comprises:
encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly generated; or encrypting the ith protection Class file based on an encryption algorithm randomly selected from a preset encryption algorithm pool and an encryption key randomly selected from a preset encryption key pool, wherein the preset encryption algorithm pool comprises a plurality of different encryption algorithms, and the preset encryption key pool comprises a plurality of different encryption keys.
6. The method according to any one of claims 1-5, wherein:
the value of N increases with the increase of the protection level of the software product to be protected.
7. An apparatus for preventing decompilation, comprising:
the first encryption storage module is used for encrypting a product Class file of a software product to be protected and storing a first decryption algorithm and a first decryption key for decrypting the product Class file in a Class loader Class file;
the second encryption storage module is used for encrypting the Class loader Class file, storing a second decryption algorithm and a second decryption key for decrypting the Class loader Class file in a randomly generated 1 st protection Java file, and compiling the 1 st protection Java file into the 1 st protection Class file;
and the third encryption storage module is used for sequentially taking i from 1 to N, encrypting the ith protection Class file, storing an i +2 decryption algorithm and an i +2 decryption key for decrypting the ith protection Class file in the randomly generated i +1 th protection Java file, and compiling the i +1 th protection Class file into the i +1 th protection Class file, wherein N is more than or equal to 1.
8. The apparatus according to claim 7, wherein the third encrypted storage module is further configured to randomly select a code template from a preset code template pool to generate an i +1 th protected Java file; and the i +2 decryption algorithm and the i +2 decryption key for decrypting the ith protected Class file are also stored in the (i + 1) th protected Java file.
9. An electronic device, comprising: a memory and a processor, the memory and the processor connected;
the memory is used for storing programs;
the processor is configured to invoke a program stored in the memory to perform the method of any of claims 1-6.
10. A storage medium, having stored thereon a computer program which, when executed by a processor, performs the method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811328424.5A CN111159661B (en) | 2018-11-08 | 2018-11-08 | Decompilation prevention method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811328424.5A CN111159661B (en) | 2018-11-08 | 2018-11-08 | Decompilation prevention method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111159661A true CN111159661A (en) | 2020-05-15 |
| CN111159661B CN111159661B (en) | 2022-07-12 |
Family
ID=70555196
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811328424.5A Active CN111159661B (en) | 2018-11-08 | 2018-11-08 | Decompilation prevention method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111159661B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112152802A (en) * | 2020-09-09 | 2020-12-29 | 深圳市欢太科技有限公司 | Data encryption method, electronic device and computer storage medium |
| CN113553553A (en) * | 2021-07-26 | 2021-10-26 | 平安消费金融有限公司 | Decompilation prevention method and device, computer equipment and storage medium |
| CN114547653A (en) * | 2022-02-24 | 2022-05-27 | 科东(广州)软件科技有限公司 | Encryption method, decryption method, device, equipment and medium for development environment |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100205459A1 (en) * | 2007-09-25 | 2010-08-12 | Konrad Schwarz | Method and system for protecting against access to a machine code of a device |
| CN101814124A (en) * | 2010-04-20 | 2010-08-25 | 浪潮电子信息产业股份有限公司 | Java-based method for enhancing software security |
| CN102360412A (en) * | 2011-09-26 | 2012-02-22 | 飞天诚信科技股份有限公司 | Method and system for protecting Java source code |
| CN103995992A (en) * | 2014-05-28 | 2014-08-20 | 全联斯泰克科技有限公司 | Method and device for protecting software |
| CN104268444A (en) * | 2014-08-25 | 2015-01-07 | 浪潮电子信息产业股份有限公司 | Cloud OS Java source code protection method |
| CN104268480A (en) * | 2014-10-10 | 2015-01-07 | 重庆邮电大学 | XML (extensive markup language) configuration file security protection processing method and system |
| CN105022936A (en) * | 2014-04-30 | 2015-11-04 | 北京畅游天下网络技术有限公司 | Class file encryption and decryption method and class file encryption and decryption device |
| CN106650342A (en) * | 2016-11-29 | 2017-05-10 | 北京握奇智能科技有限公司 | Jar packet strengthening method and system |
| CN108011879A (en) * | 2017-11-30 | 2018-05-08 | 广州酷狗计算机科技有限公司 | File encryption, method, apparatus, equipment and the storage medium of decryption |
| CN108664773A (en) * | 2018-04-26 | 2018-10-16 | 北京三快在线科技有限公司 | The guard method of Java source code and device |
-
2018
- 2018-11-08 CN CN201811328424.5A patent/CN111159661B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100205459A1 (en) * | 2007-09-25 | 2010-08-12 | Konrad Schwarz | Method and system for protecting against access to a machine code of a device |
| CN101814124A (en) * | 2010-04-20 | 2010-08-25 | 浪潮电子信息产业股份有限公司 | Java-based method for enhancing software security |
| CN102360412A (en) * | 2011-09-26 | 2012-02-22 | 飞天诚信科技股份有限公司 | Method and system for protecting Java source code |
| CN105022936A (en) * | 2014-04-30 | 2015-11-04 | 北京畅游天下网络技术有限公司 | Class file encryption and decryption method and class file encryption and decryption device |
| CN103995992A (en) * | 2014-05-28 | 2014-08-20 | 全联斯泰克科技有限公司 | Method and device for protecting software |
| CN104268444A (en) * | 2014-08-25 | 2015-01-07 | 浪潮电子信息产业股份有限公司 | Cloud OS Java source code protection method |
| CN104268480A (en) * | 2014-10-10 | 2015-01-07 | 重庆邮电大学 | XML (extensive markup language) configuration file security protection processing method and system |
| CN106650342A (en) * | 2016-11-29 | 2017-05-10 | 北京握奇智能科技有限公司 | Jar packet strengthening method and system |
| CN108011879A (en) * | 2017-11-30 | 2018-05-08 | 广州酷狗计算机科技有限公司 | File encryption, method, apparatus, equipment and the storage medium of decryption |
| CN108664773A (en) * | 2018-04-26 | 2018-10-16 | 北京三快在线科技有限公司 | The guard method of Java source code and device |
Non-Patent Citations (4)
| Title |
|---|
| Z.HONG 等: ""Java Source Code Protection Based on JNI and AES Algorithm,"", 《2017 IEEE INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ENGINEERING (CSE) AND IEEE INTERNATIONAL CONFERENCE ON EMBEDDED AND UBIQUITOUS COMPUTING (EUC)》 * |
| 陈芝荣等: ""Java类加载器机制与模型"", 《软件导刊》 * |
| 鲍福良等: ""改进的Java类文件保护方法"", 《计算机工程》 * |
| 黄勤龙等: "《云计算数据安全》", 31 March 2018, 北京邮电大学出版社 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112152802A (en) * | 2020-09-09 | 2020-12-29 | 深圳市欢太科技有限公司 | Data encryption method, electronic device and computer storage medium |
| CN112152802B (en) * | 2020-09-09 | 2023-06-20 | 深圳市欢太科技有限公司 | Data encryption method, electronic device and computer storage medium |
| CN113553553A (en) * | 2021-07-26 | 2021-10-26 | 平安消费金融有限公司 | Decompilation prevention method and device, computer equipment and storage medium |
| CN114547653A (en) * | 2022-02-24 | 2022-05-27 | 科东(广州)软件科技有限公司 | Encryption method, decryption method, device, equipment and medium for development environment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111159661B (en) | 2022-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210294879A1 (en) | Securing executable code integrity using auto-derivative key | |
| CN103268455B (en) | The access method of data and device | |
| US8555059B2 (en) | Secure local update of content management software | |
| US20140223580A1 (en) | Method of and apparatus for processing software using hash function to secure software, and computer-readable medium storing executable instructions for performing the method | |
| KR102433011B1 (en) | Method of apk file protection, apk file protection system performing the same, and storage medium storing the same | |
| CN111159661B (en) | Decompilation prevention method and device, electronic equipment and storage medium | |
| CN102073826A (en) | System and method for digital copyright management using lightweight digital watermark adding component | |
| CN102163266A (en) | Securely move virtual machines between host servers | |
| AU2004200682A1 (en) | Verbose hardware identification for binding a software package to a computer system having tolerance for hardware changes | |
| CN107077540B (en) | Method and system for providing cloud-based application security services | |
| US8392723B2 (en) | Information processing apparatus and computer readable medium for preventing unauthorized operation of a program | |
| CN112966227A (en) | Code encryption and decryption method and device and storage medium | |
| CN110188555A (en) | A kind of hard disk data protection method, system and associated component | |
| CN104067286A (en) | Detection of invalid escrow keys | |
| CN103971034A (en) | Method and device for protecting Java software | |
| US10536276B2 (en) | Associating identical fields encrypted with different keys | |
| CN114547558B (en) | Authorization method, authorization control device, equipment and medium | |
| Elrom et al. | Eos. io wallets and smart contracts | |
| KR101405915B1 (en) | Method for writing data by encryption and reading the data thereof | |
| CN110855429A (en) | Software key protection method based on TPM | |
| CN113868691B (en) | Authorized operation method and device of block chain based on cloud-native technology | |
| CN102081717A (en) | Method for protecting authorized software by using metadata | |
| CN113761483A (en) | Software product protection method, device and medium based on soft encryption application program | |
| EP3876119A1 (en) | Method for protecting a data in a software application | |
| US20120239714A1 (en) | Document management system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |