CN110309630B - Java code encryption method and device - Google Patents
Java code encryption method and device Download PDFInfo
- Publication number
- CN110309630B CN110309630B CN201910575200.2A CN201910575200A CN110309630B CN 110309630 B CN110309630 B CN 110309630B CN 201910575200 A CN201910575200 A CN 201910575200A CN 110309630 B CN110309630 B CN 110309630B
- Authority
- CN
- China
- Prior art keywords
- dynamic link
- link library
- file
- java
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 239000000758 substrate Substances 0.000 claims 2
- 230000006870 function Effects 0.000 description 47
- 238000010586 diagram Methods 0.000 description 9
- 238000003860 storage Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 230000007547 defect Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000005336 cracking Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention provides a Java code encryption method and device, wherein the method comprises the following steps: registering a local method in the JVM; generating header files for N C programs by adopting a java command, wherein each header file is used for declaring a C function; compiling each C program into a dynamic link library file to generate M dynamic link libraries; the method comprises the steps of obtaining a dynamic link library encryption mode, encrypting each dynamic link library by using the dynamic link library encryption mode, and obtaining M encrypted dynamic link libraries; and calling a C program matched with the C function to be called in the M dynamic link libraries, and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encryption dynamic link library information of an appointed encryption dynamic link library, the appointed encryption dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
Description
Technical Field
The present invention relates to the field of code encryption technologies, and in particular, to a Java code encryption method and apparatus.
Background
Java has various excellent characteristics such as simplicity and cross-platform, and is widely applied to various fields of software development. The flexibility of Java cross-platform is derived from a unique compiling mode, and Java source codes are compiled to generate Java class files which are not processor-oriented binary files but virtual machine-oriented. A class file is an intermediate code with a format. A large portion of the information in the source code is retained. Code comparable to the source code can be easily obtained by decompilation. Therefore, in order to protect the security of Java code, some measure of encryption is required for Java code.
Existing security measures for Java are protected mainly in two aspects, class loader encryption and code obfuscation.
Class loader encryption:
since the Java virtual machine needs to use the object of a class loader each time a class file is loaded, this object is responsible for loading new classes into the Java virtual machine. The Java virtual machine provides a string containing the name of the class to be loaded to the class loader, which is then responsible for finding the class file and converting it into a class object.
The above mechanism can be used to rewrite class loader object, after loading data of original class file, it can be decrypted first, then converted into class object, and since the process of converting original byte code into class object is completely responsible for system, it only needs to obtain original data first, then any conversion including decryption operation can be performed.
This mechanism appears to be secure, however, since class loader classes are written in Java language, if the class loader functions are decompiled, extracting the content of the decrypted part can decrypt all already encrypted class files, since the class loader itself cannot encrypt itself.
Code confusion:
code obfuscation is the conversion of code into a format that is difficult to read, making cracking the code more complex. Typical code obfuscation involves removing debug information from all code, renaming functions and variable tables, making it difficult for third parties to derive the logic of the code from the variable function names. Advanced obfuscators then change the control flow by reconstructing existing logic and inserting non-executing pseudocode. The premise of confusion is that the validity of the bytecode is not destroyed. Nor does it alter the functionality presented. While the difficulty of reading code can be greatly increased by obfuscating the code, the original code is still available through the manipulation of the code logic.
Disclosure of Invention
The present invention aims to provide a Java code encryption method and apparatus that overcomes one of the above problems or at least partially solves any one of the above problems.
In order to achieve the above purpose, the technical scheme of the invention is specifically realized as follows:
one aspect of the present invention provides a Java code encryption method, including: registering a local method in the JVM; generating header files for N C programs by adopting a java command, wherein each header file is used for declaring a C function, each C program realizes the function declared by the respective header file, N is a first preset value, and N is more than or equal to 1 and is a natural number; compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number; the method comprises the steps of obtaining a dynamic link library encryption mode, encrypting each dynamic link library by using the dynamic link library encryption mode, and obtaining M encrypted dynamic link libraries; and C programs matched with the C functions to be called in the M dynamic link libraries are called, the Java class file is encrypted to obtain an encrypted Java file, the encrypted Java file comprises appointed encrypted dynamic link library information of an appointed encrypted dynamic link library, the appointed encrypted dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is the dynamic link library where the C programs matched with the C functions to be called are located.
Wherein the method further comprises: acquiring an encrypted Java file, determining information of a designated encrypted dynamic link library, and loading the designated encrypted dynamic link library; obtaining a dynamic link library decryption mode, decrypting the appointed encryption dynamic link library by using the dynamic link library decryption mode, and obtaining the appointed dynamic link library; c programs matched with C functions to be called in a designated dynamic link library are obtained, and the encrypted Java file is decrypted to obtain a Java class file; and running Java class files.
The method for obtaining the encryption mode of the dynamic link library comprises the following steps: determining the encryption mode of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library; the method for obtaining the decryption mode of the dynamic link library comprises the following steps: and determining decryption modes of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library.
Another aspect of the present invention provides a Java code encrypting apparatus, including: a registration module for registering a local method in the JVM; the generating module is used for generating head files for N C programs by adopting a java command, wherein each head file is used for declaring a C function, each C program realizes the function declared by the respective head file, N is a first preset value, and N is more than or equal to 1 and is a natural number; the first compiling module is used for compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number; the first encryption module is used for obtaining the encryption mode of the dynamic link library, and encrypting each dynamic link library by utilizing the encryption mode of the dynamic link library to obtain M encrypted dynamic link libraries; and the second encryption module is used for calling a C program matched with the C function to be called in the M dynamic link libraries and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encrypted dynamic link library information of an appointed encrypted dynamic link library, the appointed encrypted dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
The loading module is used for acquiring the encrypted Java file, determining the information of the appointed encrypted dynamic link library and loading the appointed encrypted dynamic link library; the first decryption module is used for obtaining a dynamic link library decryption mode, and decrypting the appointed encrypted dynamic link library by using the dynamic link library decryption mode to obtain the appointed dynamic link library; the second decryption module is used for obtaining a C program matched with the C function to be called in the appointed dynamic link library, decrypting the encrypted Java file and obtaining a Java class file; and the operation module is used for operating the Java class file.
The first encryption module acquires the encryption mode of the dynamic link library by the following modes: the first encryption module is specifically used for determining the encryption mode of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library; the first decryption module obtains a dynamic link library decryption mode by the following steps: the first decryption module is specifically configured to determine, according to the offset and the file length of the Section file, a decryption manner of each dynamic link library through the Section file of each dynamic link library.
Therefore, the Java code encryption method and device provided by the embodiment of the invention can call the program directly running on the operating system through the JNI call compiled dynamic link library, directly interact with the operating system without interacting with the bottom layer through the Java virtual machine, and solve the defect that the encryption of the JVM platform cannot completely protect the encryption method of the Java code encryption device. In addition, the dynamic link library is encrypted, so that the calling safety of the dynamic link library is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a Java code encryption method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of Java language and C language interaction provided by an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a Java code encryption device according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Fig. 1 shows a flowchart of a Java code encryption method provided by an embodiment of the present invention, referring to fig. 1, the Java code encryption method provided by the embodiment of the present invention includes:
s1, registering a local method in a JVM;
specifically, the invention needs to register a local method on a JVM (Java Virtual Machine ) platform in advance, and the encryption method is just inside the local method, so that the encryption method inside the ByteCode encrypter dynamic library is realized. Therefore, the compiled dynamic link library can be called through JNI (Java Native Interface), and the Java code encryption method provided by the embodiment of the invention is realized. Among them, starting from JDK1.1, the JNI standard becomes part of the Java platform, which allows Java code to interact with code written in other languages. The interactions of Java with other languages are shown in fig. 2.
S2, generating head files for N C programs by adopting a java command, wherein each head file is used for declaring a C function, each C program realizes the function declared by the respective head file, N is a first preset value, and N is more than or equal to 1 and is a natural number.
Specifically, a header file is generated for the C program using the java command. The C-function to be implemented will be declared in the automatically generated header file. The C function to be called may be declared in Java in advance so that the C function to be called may be loaded into a local dynamic link library file. Of course, in the embodiment of the present invention, the C functions to be called may include one or more C functions, so that a header file may be generated for only one C program, and only a function implemented by the C program may be called each time of calling, or header files may be generated for multiple C programs, so that different C programs may be distinguished according to the header files, and different functions may be called under different conditions to implement different functions.
In practical application, java-jni com. And then writing a source file to realize the function of the header file declaration.
S3, compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number.
Specifically, when there is one C program, only one dynamic link library is generated, and when there is a plurality of C programs, only one dynamic link library may be generated, or a plurality of dynamic link libraries may be generated as needed, which may be set as needed in practical applications.
In practical application, cl can be used for compiling to generate a dynamic link library, and some header files required for compiling are not specified by the dynamic link library. The dynamic link library in the Windows environment is dll file, the dynamic link library in the Linux environment is so file, and the Java is usually operated in the Linux environment, so the actual application of the following steps can be illustrated by taking the so file as an example.
S4, obtaining a dynamic link library encryption mode, and encrypting each dynamic link library by using the dynamic link library encryption mode to obtain M encrypted dynamic link libraries;
s5, calling a C program matched with a C function to be called in the M dynamic link libraries, and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encryption dynamic link library information of an appointed encryption dynamic link library, the appointed encryption dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
Specifically, java is used to encrypt the jar packet to be published, and the jar packet after encryption is obtained. Thus completing the encryption of the Java class file.
As an alternative implementation of the embodiment of the present invention, before step S5 is performed, java class files may be compiled using Java commands. It is also possible to determine the C-function to be called first, and then compile the Java class file using the Java command. This can be set according to the actual need in the present invention.
As an optional implementation manner of the embodiment of the present invention, the Java code encryption method provided by the embodiment of the present invention further includes: acquiring an encrypted Java file, determining information of a designated encrypted dynamic link library, and loading the designated encrypted dynamic link library; obtaining a dynamic link library decryption mode, decrypting the appointed encryption dynamic link library by using the dynamic link library decryption mode, and obtaining the appointed dynamic link library; c programs matched with C functions to be called in a designated dynamic link library are obtained, and the encrypted Java file is decrypted to obtain a Java class file; and running Java class files.
Specifically, when running Java class files, it is necessary to decrypt the encrypted Java files. In practical application, running jar package needs to specify the dependent dynamic library, and the entry (class where the main method is) of jar package can be used in an Agent mode, namely, the local library of the Agent is specified through-agentlib and-agentpath, and then the dynamic library is loaded when Java is started. This time can be seen as the time of the JVM start-up instead of the Java layer program start-up time.
After opening the encrypted jar packet by a decompilation tool, the source code in the class file cannot be displayed normally.
When running, java calls an external ByteCode encrypter decryption function through the JNI. All encryption and decryption functions are placed in the so file. The So file is a binary file that can be seen by the UltraEdit open as a binary file with a header field of ELF. The so file can be seen by disassembling the assembled code through IDAPro, and the risk of being broken exists. Therefore, the invention strengthens the Section encryption in the so file aiming at the structure of the so file.
As an optional implementation manner of the embodiment of the present invention, the obtaining the encryption manner of the dynamic link library includes: determining the encryption mode of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library; the method for obtaining the decryption mode of the dynamic link library comprises the following steps: and determining decryption modes of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library. In this way, the security of encryption and decryption can be improved.
The practical application scheme is as follows:
the Section is header information of the ELF file, and the modification of the Section information can play a role in protecting the so file. Only the base and size of a Section need be found to encrypt the Section.
Wherein __ attribute __ (limiter); it is a method that is executed prior to main method, similar to the constructor in Java, so it is sufficient to define a decrypted function as a key point of the decrypted function and then declare with this attribute.
First, a simple native code is written, and the decrypted function is placed in the code:
1. defining the native function of the core in a section, including the attribute: __ attribute __ (section (". Mytext")); wherein mytext is defined section.
2. Writing a decryption function, and using the attribute: __ attribute __; statement.
Whereby native programs can contain two important functions.
3. And compiling into a so file by using ndk.
Second, writing an encryption program: the starting address and size of the mytext segment are found by parsing the so file:
finding all sections, then obtaining the name field, then combining with the String Section, traversing to find a mytext field, and after finding the mytext Section, encrypting and finally writing into a file.
Thirdly, acquiring a start address of so, and acquiring an offset value and a size of a specified Section. The code can be specifically referred to as the following code, whereby the offset value and the size of the Section can be obtained. The text_addr is a start address+offset value, that is, an absolute address of a section in the memory, and nsize is the number of pages occupied by the section.
The start address of the// get so
base=getLibAddr();
Obtaining/obtaining offset value and size of specified section
ehdr=(Elf32_Ehdr*)base;
text_addr=ehdr->e_shoff+base;
nblock=ehdr->e_entry>>16;
nsize=ehdr->e_entry&0xffff;
Fourth, the memory operation authority of the Section is modified, the Section content in the memory is read, then decryption is carried out, and the memory authority is modified back, so that the encryption process of the Section is completed.
Therefore, the Java code encryption method provided by the embodiment of the invention utilizes the characteristics of the JVM platform, utilizes C++ to write an encryption and decryption Java algorithm to form a dynamic link library, and invokes the compiled dynamic link library through the JNI, so that a Java program can invoke the program directly running on an operating system to interact with the operating system directly without interacting with a bottom layer through a Java virtual machine, and the defect that the encryption of the JVM platform cannot completely protect the encryption method of the Java code encryption method is overcome. In addition, the dynamic link library is encrypted, so that the calling safety of the dynamic link library is ensured.
Meanwhile, the JNI is used as a hook, and a hook function (dynamic link library) is operated before the main function is started to decode the program correspondingly.
In addition, the layer of the dynamic link library is encrypted, and the offset and the file length of the Section are found through the Section file of the dynamic link library (so file) to carry out corresponding encryption and decryption measures.
Fig. 3 is a schematic structural diagram of a Java code encryption device according to an embodiment of the present invention, and the structure of the Java code encryption device is briefly described below for application to the above-mentioned Java code encryption method, and other details are not repeated herein, referring to the related description of the above-mentioned Java code encryption method. Referring to fig. 3, a Java code encrypting apparatus provided by an embodiment of the present invention includes:
a registration module for registering a local method in the JVM;
the generating module is used for generating head files for N C programs by adopting a java command, wherein each head file is used for declaring a C function, each C program realizes the function declared by the respective head file, N is a first preset value, and N is more than or equal to 1 and is a natural number;
the compiling module is used for compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number;
the first encryption module is used for obtaining the encryption mode of the dynamic link library, and encrypting each dynamic link library by utilizing the encryption mode of the dynamic link library to obtain M encrypted dynamic link libraries;
and the second encryption module is used for calling a C program matched with the C function to be called in the M dynamic link libraries and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encrypted dynamic link library information of an appointed encrypted dynamic link library, the appointed encrypted dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
As an optional implementation manner of the embodiment of the present invention, the Java code encrypting apparatus provided by the embodiment of the present invention further includes: the loading module is used for acquiring the encrypted Java file, determining the information of the appointed encrypted dynamic link library and loading the appointed encrypted dynamic link library; the first decryption module is used for obtaining a dynamic link library decryption mode, and decrypting the appointed encrypted dynamic link library by using the dynamic link library decryption mode to obtain the appointed dynamic link library; the second decryption module is used for obtaining a C program matched with the C function to be called in the appointed dynamic link library, decrypting the encrypted Java file and obtaining a Java class file; and the operation module is used for operating the Java class file.
As an optional implementation manner of the embodiment of the present invention, the first encryption module obtains the encryption manner of the dynamic link library by: the first encryption module is specifically used for determining the encryption mode of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library; the first decryption module obtains a dynamic link library decryption mode by the following steps: the first decryption module is specifically configured to determine, according to the offset and the file length of the Section file, a decryption manner of each dynamic link library through the Section file of each dynamic link library.
Therefore, the Java code encryption device provided by the embodiment of the invention utilizes the characteristics of the JVM platform, utilizes C++ to write an encryption and decryption Java algorithm to form a dynamic link library, and invokes the compiled dynamic link library through the JNI, so that a Java program can invoke the program directly running on an operating system to interact with the operating system directly without interacting with a bottom layer through a Java virtual machine, and the defect that the encryption of the JVM platform cannot completely protect an encryption method of the Java code encryption device is overcome. In addition, the dynamic link library is encrypted, so that the calling safety of the dynamic link library is ensured.
Meanwhile, the JNI is used as a hook, and a hook function (dynamic link library) is operated before the main function is started to decode the program correspondingly.
In addition, the layer of the dynamic link library is encrypted, and the offset and the file length of the Section are found through the Section file of the dynamic link library (so file) to carry out corresponding encryption and decryption measures.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, etc., such as Read Only Memory (ROM) or flash memory (flashRAM). Memory is an example of a computer-readable medium.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.
Claims (6)
1. A Java code encryption method, comprising:
registering a local method in the JVM;
generating header files for N C programs by adopting a java command, wherein each header file is used for declaring a C function, each C program realizes the function declared by the respective header file, N is a first preset value, N is more than or equal to 1 and is a natural number;
compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number;
obtaining a dynamic link library encryption mode, and encrypting each dynamic link library by using the dynamic link library encryption mode to obtain M encrypted dynamic link libraries;
and calling a C program matched with a C function to be called in the M dynamic link libraries, and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encryption dynamic link library information of an appointed encryption dynamic link library, the appointed encryption dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
2. The method of claim 1, wherein the step of determining the position of the substrate comprises,
acquiring the encrypted Java file, determining the information of the appointed encrypted dynamic link library, and loading the appointed encrypted dynamic link library;
obtaining a dynamic link library decryption mode, and decrypting the appointed encrypted dynamic link library by using the dynamic link library decryption mode to obtain an appointed dynamic link library;
acquiring a C program matched with the C function to be called in the appointed dynamic link library, decrypting the encrypted Java file to obtain the Java class file;
and running the Java class file.
3. The method of claim 2, wherein the step of determining the position of the substrate comprises,
the method for obtaining the dynamic link library encryption mode comprises the following steps: determining the encryption mode of each dynamic link library according to the offset and the file length of the Section file through the Section file of each dynamic link library;
the method for obtaining the dynamic link library decryption mode comprises the following steps: and determining decryption modes of the dynamic link libraries according to the offset and the file length of the Section files through the Section files of the dynamic link libraries.
4. A Java code encryption apparatus, comprising:
a registration module for registering a local method in the JVM;
the generating module is used for generating head files for N C programs by adopting a java command, wherein each head file is used for declaring a C function, each C program realizes the function declared by the respective head file, N is a first preset value, N is more than or equal to 1 and is a natural number;
the compiling module is used for compiling each C program into a dynamic link library file to generate M dynamic link libraries, wherein M is a second preset value, M is more than or equal to 1 and is a natural number;
the first encryption module is used for obtaining the encryption mode of the dynamic link library, and encrypting each dynamic link library by utilizing the encryption mode of the dynamic link library to obtain M encrypted dynamic link libraries;
and the second encryption module is used for calling a C program matched with a C function to be called in the M dynamic link libraries and encrypting the Java class file to obtain an encrypted Java file, wherein the encrypted Java file comprises appointed encryption dynamic link library information of an appointed encryption dynamic link library, the appointed encryption dynamic link library is obtained after the appointed dynamic link library is encrypted, and the appointed dynamic link library is a dynamic link library where the C program matched with the C function to be called is located.
5. The apparatus of claim 4, wherein the device comprises a plurality of sensors,
the loading module is used for acquiring the encrypted Java file, determining the information of the appointed encrypted dynamic link library and loading the appointed encrypted dynamic link library;
the first decryption module is used for obtaining a dynamic link library decryption mode, and decrypting the appointed encrypted dynamic link library by using the dynamic link library decryption mode to obtain an appointed dynamic link library;
the second decryption module is used for obtaining a C program matched with the C function to be called in the appointed dynamic link library, decrypting the encrypted Java file and obtaining the Java file;
and the operation module is used for operating the Java class file.
6. The apparatus of claim 5, wherein the device comprises a plurality of sensors,
the first encryption module acquires the encryption mode of the dynamic link library by the following modes: the first encryption module is specifically configured to determine, according to a Section file of each dynamic link library, an encryption manner of each dynamic link library according to an offset and a file length of the Section file;
the first decryption module obtains a dynamic link library decryption mode by the following steps: the first decryption module is specifically configured to determine, according to the offset and the file length of the Section file, a decryption manner of each dynamic link library through the Section file of each dynamic link library.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910575200.2A CN110309630B (en) | 2019-06-28 | 2019-06-28 | Java code encryption method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910575200.2A CN110309630B (en) | 2019-06-28 | 2019-06-28 | Java code encryption method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110309630A CN110309630A (en) | 2019-10-08 |
| CN110309630B true CN110309630B (en) | 2023-05-30 |
Family
ID=68077973
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910575200.2A Active CN110309630B (en) | 2019-06-28 | 2019-06-28 | Java code encryption method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110309630B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111078224A (en) * | 2019-10-12 | 2020-04-28 | 中国平安人寿保险股份有限公司 | Software package file data processing method and device, computer equipment and storage medium |
| CN111078323A (en) * | 2019-10-12 | 2020-04-28 | 平安科技(深圳)有限公司 | Coroutine-based data processing method and device, computer equipment and storage medium |
| CN111966427B (en) * | 2020-08-17 | 2022-06-21 | 四川长虹电器股份有限公司 | Implementation method for calling Java API (Java application program interface) by Android native |
| CN112395564A (en) * | 2020-11-17 | 2021-02-23 | 平安普惠企业管理有限公司 | Protection and operation method, device, equipment and storage medium of class file |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20010110992A (en) * | 2000-06-08 | 2001-12-15 | 포만 제프리 엘 | Method and graphical user interface for allowing independent devices to work together as a single token interface |
| KR20040048246A (en) * | 2002-12-02 | 2004-06-07 | 삼성전자주식회사 | A java execution device and a java execution method |
| CN103413075A (en) * | 2013-07-10 | 2013-11-27 | 北京深思数盾科技有限公司 | Method and device for protecting JAVA executable program through virtual machine |
| WO2015058620A1 (en) * | 2013-10-25 | 2015-04-30 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for generating installation package corresponding to an application and executing application |
| CN106650341A (en) * | 2016-11-18 | 2017-05-10 | 湖南鼎源蓝剑信息科技有限公司 | Android application reinforcement method based on the process confusion technology |
| CN109460640A (en) * | 2018-11-13 | 2019-03-12 | 杭州涂鸦信息技术有限公司 | A kind of java applet guard method, device, equipment and readable storage medium storing program for executing |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103218549B (en) * | 2012-01-19 | 2015-11-25 | 阿里巴巴集团控股有限公司 | A kind of method of Java source code encryption and decryption and device |
| CN102708322B (en) * | 2012-05-12 | 2016-02-24 | 北京深思数盾科技有限公司 | The guard method of JAVA application program in Android system |
| KR101471589B1 (en) * | 2013-08-22 | 2014-12-10 | (주)잉카엔트웍스 | Method for Providing Security for Common Intermediate Language Program |
| CN103902859A (en) * | 2013-12-25 | 2014-07-02 | 武汉安天信息技术有限责任公司 | Code protecting method and system based on hook technology in JAVA |
| US10073972B2 (en) * | 2014-10-25 | 2018-09-11 | Mcafee, Llc | Computing platform security methods and apparatus |
| CN105426777B (en) * | 2015-11-17 | 2018-09-21 | 中科创达软件股份有限公司 | A kind of dynamic link library file encryption and decryption method and device |
| CN107291485B (en) * | 2016-04-11 | 2021-01-26 | 北京京东尚科信息技术有限公司 | Dynamic link library reinforcing method, operation method, reinforcing device and safety system |
| CN107992723A (en) * | 2017-11-29 | 2018-05-04 | 南京莱斯信息技术股份有限公司 | A kind of Java protection of source codes methods based on dynamic link library |
| CN108133147B (en) * | 2017-12-20 | 2023-12-22 | 中兴通讯股份有限公司 | Method and device for protecting executable code and readable storage medium |
-
2019
- 2019-06-28 CN CN201910575200.2A patent/CN110309630B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20010110992A (en) * | 2000-06-08 | 2001-12-15 | 포만 제프리 엘 | Method and graphical user interface for allowing independent devices to work together as a single token interface |
| KR20040048246A (en) * | 2002-12-02 | 2004-06-07 | 삼성전자주식회사 | A java execution device and a java execution method |
| CN103413075A (en) * | 2013-07-10 | 2013-11-27 | 北京深思数盾科技有限公司 | Method and device for protecting JAVA executable program through virtual machine |
| WO2015058620A1 (en) * | 2013-10-25 | 2015-04-30 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for generating installation package corresponding to an application and executing application |
| CN106650341A (en) * | 2016-11-18 | 2017-05-10 | 湖南鼎源蓝剑信息科技有限公司 | Android application reinforcement method based on the process confusion technology |
| CN109460640A (en) * | 2018-11-13 | 2019-03-12 | 杭州涂鸦信息技术有限公司 | A kind of java applet guard method, device, equipment and readable storage medium storing program for executing |
Non-Patent Citations (1)
| Title |
|---|
| 于庆.基于动态解密技术的Java_Web源代码保护研究.《中国博士硕士论文全文数据库》.2018,全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110309630A (en) | 2019-10-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110309630B (en) | Java code encryption method and device | |
| CN108229112B (en) | Protection application program, and running method and device of application program | |
| TWI530874B (en) | Method and apparatus for generating application installation packages and running applications | |
| CN102043932B (en) | Method for preventing Java program from being decompiled | |
| JP4688805B2 (en) | Processor control with code obfuscation and emulation | |
| CN100419626C (en) | Execution device | |
| US20160203087A1 (en) | Method for providing security for common intermediate language-based program | |
| CN109062582B (en) | Encryption method and device for application installation package | |
| WO2021217980A1 (en) | Java code packing method and system | |
| EP1376310A2 (en) | Secure and opaque type library providing secure data protection of variables | |
| CN106203006A (en) | Android application reinforcement means based on dex Yu so file Dynamic Execution | |
| CN109784007B (en) | Byte code encryption method, byte code decryption method and terminal | |
| US20020138748A1 (en) | Code checksums for relocatable code | |
| KR20080005493A (en) | Software protection | |
| CN109598107B (en) | Code conversion method and device based on application installation package file | |
| CN105022936A (en) | Class file encryption and decryption method and class file encryption and decryption device | |
| CN106663025A (en) | Method, apparatus, and computer-readable medium for obfuscating execution of application on virtual machine | |
| WO2011134207A1 (en) | Method for protecting software | |
| CN107871066B (en) | Code compiling method and device based on android system | |
| CN114692134A (en) | System and method for protecting codes and data based on linux kernel process monitoring | |
| CN110597496B (en) | Method and device for acquiring bytecode file of application program | |
| KR101749209B1 (en) | Method and apparatus for hiding information of application, and method and apparatus for executing application | |
| KR101863325B1 (en) | Method and apparatus for preventing reverse engineering | |
| CN115525902A (en) | Method and device for protecting source code of resource package | |
| CN113220314B (en) | APP resource loading and APK generation method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |