CN113553553A - Decompilation prevention method and device, computer equipment and storage medium - Google Patents


Info

Publication number
CN113553553A
Authority
CN
China
Prior art keywords
encrypted
encryption
file
key
configuration file
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110845636.6A
Other languages
Chinese (zh)
Inventor
李一凡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Consumer Finance Co Ltd
Original Assignee
Ping An Consumer Finance Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/14 Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/107 License processing; Key processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption


Abstract

The embodiments of the application belong to the field of information security and relate to a method for preventing decompilation. The method comprises: extracting all files to be encrypted; acquiring an encryption key from a key management center and storing it in a preset configuration file; traversing all the files to be encrypted, encrypting them in turn with the encryption key through an encryption algorithm, and emptying the method bodies in the encrypted files to obtain target files; packaging the configuration file into an encrypted encryption package using a compression tool; decompressing the encryption package to obtain the configuration file, reading the encryption key in the configuration file, and obtaining a decryption key according to the encryption key; and finally decrypting the target files using the decryption key. The application also provides a decompilation prevention device, computer equipment and a storage medium. In addition, the application relates to blockchain technology, and the files to be encrypted can be stored in a blockchain. The method and the device can increase the difficulty of cracking and improve the effect of preventing decompilation.

Description

Decompilation prevention method and device, computer equipment and storage medium
Technical Field
The present application relates to the field of information security cryptography, and in particular, to a method and an apparatus for preventing decompilation, a computer device, and a storage medium.
Background
Java is a cross-platform, interpreted language, and IDEA is a Java integrated development tool. Java source code is compiled into Java Class files through IDEA, the Class files are packaged into a jar package or a war package, and a Java virtual machine is then responsible for interpreting and executing them. Unlike native object code, Java Class files are easy to decompile: various Java decompiling tools can generate high-quality source code from them, so core code is easily stolen. For industrial software with strong confidentiality requirements in particular, this can cause internal secrets to be leaked.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method and an apparatus for preventing decompilation, a computer device, and a storage medium, so as to solve the technical problem in the related art that a source code is easily cracked through decompilation, so that a core code is easily stolen, and thus a secret is leaked.
In order to solve the above technical problem, an embodiment of the present application provides a method for preventing decompilation, which adopts the following technical solutions:
extracting all files to be encrypted which need to be encrypted;
acquiring an encryption key from a key management center, and storing the encryption key in a preset configuration file;
traversing all the files to be encrypted, sequentially encrypting the files to be encrypted by using the encryption key through an encryption algorithm, and emptying a method body in the encrypted files to be encrypted to obtain a target file;
packaging the configuration file into an encrypted encryption package using a compression tool;
decompressing the encrypted packet to obtain the configuration file, reading the encryption key in the configuration file, and obtaining a decryption key according to the encryption key;
and decrypting the target class file by using the decryption key, and loading the decrypted target class file to a virtual machine for running.
Further, the step of extracting all files to be encrypted that need to be encrypted includes:
traversing all the class files to obtain an absolute path of each class file;
obtaining a relative path of each class file according to the absolute path;
and eliminating class files which do not need to be encrypted according to the relative path to obtain the class files to be encrypted.
Further, the step of obtaining the encryption key from the key management center includes:
determining whether a specified encryption password exists;
when a specified encryption password exists, acquiring the specified encryption password from the key management center, and taking the specified encryption password as an encryption key;
when the encryption password is not specified, the encryption key randomly generated by the key management center is acquired.
Further, after the step of obtaining an encryption key from a key management center and saving the encryption key in a preset configuration file, the method further includes:
determining whether a machine code exists;
and when a machine code exists, acquiring the machine code, and storing the machine code in a preset configuration file.
Further, the step of clearing the method body in the encrypted class file to obtain the target class file comprises:
and deleting the method body in the class file to be encrypted by reading the file stream of the class file to be encrypted and rewriting the class file to be encrypted according to the file stream.
Further, the step of reading the encryption key in the configuration file comprises:
reading a specified encryption password field of the configuration file;
when the specified encryption password field is empty, reading the unspecified encryption password field of the configuration file, and acquiring the encryption key randomly generated by the key management center;
and when the specified encryption password field is not empty, reading the corresponding specified encryption password.
Further, before the step of reading the specified encryption password field of the configuration file, the method further comprises:
determining whether a machine code is in the configuration file;
and when a machine code exists, judging whether the machine code is matched with the machine code of the local machine, if so, acquiring the machine code, and if not, prompting and exiting.
In order to solve the above technical problem, an embodiment of the present application further provides an apparatus for preventing decompilation, which adopts the following technical solutions:
the extraction module is used for extracting all files to be encrypted which need to be encrypted;
the acquisition module is used for acquiring an encryption key from a key management center and storing the encryption key into a preset configuration file;
the encryption module is used for traversing all the files to be encrypted, sequentially encrypting the files to be encrypted by using the encryption key through an encryption algorithm, and emptying a method body in the encrypted files to be encrypted to obtain a target file;
a compression module for packaging the configuration file into an encrypted encryption package using a compression tool;
the decompression module is used for decompressing the encrypted packet to obtain the configuration file, reading the encrypted key in the configuration file and obtaining a decryption key according to the encrypted key;
and the decryption module is used for decrypting the target class file by using the decryption key and loading the decrypted target class file to a virtual machine for running.
In order to solve the above technical problem, an embodiment of the present application further provides a computer device, which adopts the following technical solutions:
the computer device comprises a memory having computer readable instructions stored therein and a processor implementing the steps of the decompilation prevention method as described above when executing the computer readable instructions.
In order to solve the above technical problem, an embodiment of the present application further provides a computer-readable storage medium, which adopts the following technical solutions:
the computer readable storage medium has stored thereon computer readable instructions which, when executed by a processor, implement the steps of the decompilation prevention method as described above.
Compared with the prior art, the embodiment of the application mainly has the following beneficial effects:
All files to be encrypted are extracted; an encryption key is acquired from a key management center and stored in a preset configuration file; all the files to be encrypted are traversed and encrypted in turn with the encryption key through an encryption algorithm, and the method bodies in the encrypted files are emptied to obtain target files; the configuration file is packaged into an encrypted encryption package using a compression tool; the encryption package is decompressed to obtain the configuration file, the encryption key in the configuration file is read, and a decryption key is obtained according to the encryption key; finally, the target files are decrypted using the decryption key and loaded into a virtual machine to run. In the present application, the encryption key is stored in the configuration file and the configuration file is packaged into an encrypted encryption package, so the configuration file itself is encrypted. At the same time, the method bodies in the encrypted class files are emptied, which prevents the source files from being obtained through decompilation, increases the difficulty of cracking and improves the decompilation prevention effect.
Drawings
In order to more clearly illustrate the solution of the present application, the drawings needed for describing the embodiments of the present application will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and that other drawings can be obtained by those skilled in the art without inventive effort.
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of a method of preventing decompilation according to the present application;
FIG. 3 is a flowchart of one embodiment of step S201 in FIG. 2;
FIG. 4 is a block diagram of one embodiment of an apparatus for preventing decompilation according to the present application;
FIG. 5 is a schematic block diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "including" and "having," and any variations thereof, in the description and claims of this application and the description of the above figures are intended to cover non-exclusive inclusions. The terms "first," "second," and the like in the description and claims of this application or in the above-described drawings are used for distinguishing between different objects and not for describing a particular order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings.
In order to solve the problem that secret leakage is caused by easily cracking source code through decompilation in the related art, the application provides a decompilation prevention method, which can be applied to a system architecture 100 shown in fig. 1, where the system architecture 100 can include terminal devices 101, 102, and 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture Experts Group Audio Layer III, mpeg compression standard Audio Layer 3), MP4 players (Moving Picture Experts Group Audio Layer IV, mpeg compression standard Audio Layer 4), laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background server providing support for pages displayed on the terminal devices 101, 102, 103.
It should be noted that the decompilation prevention method provided in the embodiments of the present application is generally executed by a terminal device, and accordingly, the decompilation prevention apparatus is generally disposed in the terminal device.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continuing reference to FIG. 2, a flow diagram of one embodiment of a method of preventing decompilation according to the present application is shown, including the steps of:
in step S201, all files to be encrypted that need to be encrypted are extracted.
The class file here is a Java Class file. Class files can be analyzed once a Java program has been compiled during design and development, or before an application containing them is published; that is, the class files need to be encrypted as soon as they are obtained. The class files to be protected are what a Java compiling tool produces from Java source code, and a Java virtual machine is responsible for interpreting and executing them. A Class file is a binary stream organized in units of 8-bit bytes, with the individual data items arranged compactly in strict order and no separators between them. According to the Java virtual machine specification, the Class file structure stores data in a pseudo-structure similar to a C language struct.
In this embodiment, before the class file to be encrypted is extracted, the initial encryption parameters are preconfigured through the user operation interface, where the initial encryption parameters include a local file path of the encryption packet, whether machine code encryption needs to be selected, whether an encryption password needs to be specified, and a relative path of the class file not to be encrypted. Wherein the machine code and the encryption key are used for encryption.
When the user operation interface is used to configure whether an encryption password needs to be specified and the answer is yes, a pop-up dialog prompts for the encryption password; the password entered in the dialog is the specified encryption password.
It should be understood that the relative path is relative to the startup path of the JVM (Java Virtual Machine). For example, assume there is a Java source file example.java in the root directory of drive D. Enter that directory in a command-line window and compile the file with "javac example.java"; once compilation finishes without errors, an "example.class" file is generated automatically in the same directory, and "java example" is called to run the program. At this point the JVM has been started, and it was started in the root directory of drive D, so relative paths used by the File class in the program loaded by this JVM are relative to that path, namely D:\.
It should be emphasized that, in order to further ensure the privacy and security of the class file to be encrypted, the class file to be encrypted may also be stored in a node of a block chain.
The block chain referred by the application is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
In this embodiment, the method for extracting all files to be encrypted that need to be encrypted is shown in fig. 3, which specifically includes the following steps:
step S301, traversing all class files to obtain an absolute path of each class file.
An absolute path is the real path of a file or directory on the hard disk; it leads directly to the target location and usually starts from a drive letter.
Class files are generally packaged into a jar file. The package name of a class file is obtained from its class name, the absolute path of the package corresponding to that package name is obtained through a class loader, and the absolute path of the class file is obtained by looking it up in the current package with getResource.
Step S302, obtaining the relative path of each class file according to the absolute path.
The relative path is a path relative to the current file, and the corresponding relative path can be obtained according to the absolute path of the class file.
And step S303, eliminating the class files which do not need to be encrypted according to the relative path to obtain the class files to be encrypted.
In this embodiment, a relative path for specifying class files that do not need to be encrypted is configured in advance, and the class files that do not need to be encrypted are excluded according to the relative path, so that the target class files that need to be encrypted can be obtained.
According to the method and the device, the relative path of the class file is obtained through the absolute path of the class file, the class file which does not need to be encrypted is eliminated according to the relative path, and the obtaining efficiency of the class file to be encrypted can be improved.
Step S202, obtaining the encryption key from the key management center, and saving the encryption key in a preset configuration file.
The key management center is an important component of a public key infrastructure and is responsible for providing key services such as key generation, storage, backup, update, recovery, query and the like for the information security system so as to solve the key management problem brought by large-scale cryptographic technology application in a distributed enterprise application environment. In this embodiment, the key management center is used to store the encryption key specified by the user, and when the user does not specify the encryption key, the key management center can be used to generate the encryption key.
In some optional implementations of this embodiment, the method for obtaining the encryption key from the key management center specifically includes:
determining whether a specified encryption password exists;
when a specified encryption password exists, obtaining the specified encryption password from the key management center, and taking the specified encryption password as an encryption key;
when the encryption password is not specified, an encryption key randomly generated by the key management center is acquired.
Before the files to be encrypted are extracted, whether an encryption password is specified is set in advance through input parameters. A regular expression can be used to obtain the preconfigured initial encryption parameters, and whether a specified encryption password is required is determined from them. If an encryption password is specified, the client sends a request for the specified encryption password to the key management center, and the key management center returns it to the client; if no encryption password is specified, the encryption key is randomly generated by the key management center, which can randomly assemble a 32-bit encryption key from the 26 English letters, 10 digits and special symbols.
In this embodiment, the encryption key is obtained according to the preconfigured initial encryption parameters passed in as input, which makes obtaining the encryption key more convenient and faster.
In some optional implementations of this embodiment, after the step of obtaining the encryption key from the key management center, the following steps may be further performed:
determining whether a machine code exists;
and when the machine code exists, the machine code is obtained and is stored in a preset configuration file.
Specifically, the machine code refers to a machine instruction code, which is a set of binary numbers used to direct operations and operand addresses that the computer should perform.
In this embodiment, the preconfigured initial encryption parameters passed in as input include whether machine code encryption is selected. If machine code encryption is selected, the CPU (Central Processing Unit) serial number, the MAC address (Media Access Control Address) and the hard disk serial number are obtained, and the machine code is derived from these three values.
It should be noted that, the encryption key and the machine code may be encrypted by using an encryption algorithm, so that the encryption key and the machine code are prevented from being acquired, and the security of the data is further ensured.
Common encryption algorithms include:
AES (Advanced Encryption Standard) encryption algorithm: AES is the advanced encryption standard in cryptography. It is a symmetric block cipher that supports key lengths of 128, 192 and 256 bits with a block length of 128 bits, and it is easy to implement in a wide range of hardware and software.
RSA encryption algorithm: the RSA encryption algorithm is currently the most influential public key encryption algorithm. The RSA encryption algorithm is a public key cryptosystem, and uses different encryption keys and decryption keys, where the encryption key is public information, i.e. the encryption key is a public key, and the decryption key needs to be kept secret, and both the encryption algorithm and the decryption algorithm are public, and although the decryption key is determined by the public key, the decryption key cannot be calculated according to the public key.
MD5 (message-digest algorithm 5) encryption algorithm: MD5 is a hash algorithm, a hash function widely used in the field of computer security to provide integrity protection for messages. In brief, MD5 processes the input in 512-bit blocks, each divided into sixteen 32-bit sub-blocks; after a series of processing steps, the output consists of four 32-bit blocks, which are concatenated to produce a 128-bit hash value.
In this embodiment, the MD5 encryption algorithm may be used to encrypt the encryption key and the machine code to obtain an encrypted encryption key and an encrypted machine code.
Step S203, traversing all the files to be encrypted, sequentially encrypting the files to be encrypted by using the encryption key through the encryption algorithm, and clearing the method body in the encrypted files to be encrypted to obtain the target files.
Specifically, all files to be encrypted are traversed, one encryption algorithm is randomly selected from a preset encryption algorithm pool, and the selected encryption algorithm is used for sequentially encrypting the files to be encrypted by using the encryption key.
The preset encryption algorithm pool comprises a plurality of different encryption algorithms, and when the Class file is encrypted, the Class file is encrypted based on the randomly selected encryption algorithm, so that the cracking cost is further increased, and the effect of preventing the Class file from being decompiled is improved.
In some optional implementations, when machine code encryption has been configured in advance, the file already encrypted with the encryption key is encrypted a second time with the machine code through an encryption algorithm.
Similarly, the encryption algorithm is randomly selected from a preset encryption algorithm pool.
In this embodiment, the method for obtaining the target class file by clearing the method body in the encrypted class file is specifically as follows:
and deleting the method body in the class file to be encrypted by reading the file stream of the class file to be encrypted and rewriting the class file to be encrypted according to the file stream.
The source file is not needed once it has been encrypted; only the encrypted file is needed to run. Specifically, a file stream is read, each file to be encrypted is traversed through the file stream and rewritten, and the code corresponding to the method bodies in the file is deleted during rewriting.
In this embodiment, the method bodies are emptied to prevent the source file corresponding to the encrypted class file from being recovered, which further increases the difficulty of decompiling.
Step S204, packing the configuration file into an encrypted encryption package by using a compression tool.
The configuration file is read during decryption. Its contents correspond to the initial encryption parameters and include the MD5 hash value of the generated machine code, the hash value of the specified encryption password, the MD5 hash value of the encryption key automatically generated by the key management center when no encryption password is specified, the relative paths of the class files excluded from encryption, and the like.
The configuration file is compressed and packaged into an encryption package. The compression tool can be 7-Zip, which uses the LZMA (Lempel-Ziv-Markov chain-Algorithm) algorithm, a compression algorithm improved and optimized from the Deflate and LZ77 algorithms.
It should be noted that the encrypted package may be an encrypted jar package, and the jar package is a package folder.
Step S205, decompressing the encryption package to obtain the configuration file, reading the encryption key in the configuration file, and obtaining a decryption key according to the encryption key.
For a target class file obtained after encryption, the JVM Tool Interface (a native programming interface provided by the Java virtual machine, that is, a native code interface; JVM for short) determines that the target class file has a format error and cannot be loaded, so the target class file must be decrypted before it is loaded. That is, the target class file needs to be decrypted while it is being loaded so that the JVM can load it.
During decryption, the corresponding encryption key is obtained from the configuration file; when a machine code was used for encryption, the machine code used at encryption time must also be obtained. The target class file is then decrypted with the encryption key, or with the encryption key and the machine code.
The encryption package is decompressed with the same compression tool that was used for compression; the configuration file is obtained from the decompressed package, and the encryption key and the machine code used at encryption time are obtained from the configuration file.
In this embodiment, the method for reading the encryption key in the configuration file specifically includes the following steps:
reading a specified encryption password field of the configuration file;
when the specified encryption password field is empty, reading the unspecified encryption password field of the configuration file, and acquiring the encryption key randomly generated by the key management center;
and when the field of the specified encryption password is not empty, reading the corresponding specified encryption password.
It should be understood that when the specified encryption password or machine code is saved to the configuration file, the hash value of the specified password is saved to the specified encryption password field, the md5 hash value of the encryption key randomly generated by the key management center is saved to the unspecified encryption password field, and the md5 hash value of the machine code is saved to the machine code field.
In this embodiment, a symmetric encryption algorithm is adopted, so the encryption key is also the decryption key and can be used to decrypt the target class file.
In this embodiment, checking whether the specified encryption password field of the configuration file is empty determines whether a specified encryption password was used as the encryption key during encryption, and the encryption key is then obtained from the corresponding field, which is simple and convenient.
In a specific implementation manner of this embodiment, before reading the specified encrypted password field of the configuration file, the following steps may be performed:
determining whether a machine code exists in the configuration file;
and when a machine code exists, judging whether the machine code is matched with the machine code of the local machine, if so, acquiring the machine code, and if not, prompting and exiting.
Specifically, the machine code is stored in the configuration file as its md5 hash value. When no machine code exists, the specified encryption password field of the configuration file is read directly. When a machine code exists, the hash value is used to judge whether the generated machine code is consistent with the machine code of the local machine: if it is, the machine code is used for decryption; if it is not, a mismatch is reported and the process exits without going on to read the specified encryption password field. This improves the efficiency of the decryption process and avoids unnecessary operations.
Step S206, decrypting the target class file by using the decryption key, and loading the decrypted target class file to the virtual machine for running.
The algorithm used for decryption matches the encryption algorithm used for encryption and is not described again here. The decrypted target class file can be loaded into the JVM for running.
The whole decryption operation is executed in memory, and the decrypted data is dynamically loaded into the JVM in memory through the JVM's hot loading technology. Because the decrypted class files exist and run only in memory, a user cannot obtain them directly, which ensures privacy and prevents the source code of the class files from being obtained through decompiling.
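An added example, not code from the patent, of the decryption side described in steps S205 and S206: the machine-code check, the choice between the two password fields, the format error on encrypted bytes, and loading the decrypted bytes from memory. Assumptions: the configuration field names, AES-GCM with a key hashed from the configured value by SHA-256, and `ClassLoader.defineClass` used in place of the JVM hot loading the text mentions.

```java
import static java.nio.charset.StandardCharsets.UTF_8;

import java.io.InputStream;
import java.io.StringReader;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HexFormat;
import java.util.Properties;
import java.util.function.Supplier;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration (Java 17+). Compile with javac, then run: java InMemoryLoadDemo
public class InMemoryLoadDemo {
    /** Stand-in for a protected class; its compiled bytes play the class file to be encrypted. */
    public static final class Payload implements Supplier<String> {
        @Override public String get() { return "running from decrypted bytes"; }
    }

    /** Defines a class directly from a byte array, so no decrypted file is written to disk. */
    static final class BytesLoader extends ClassLoader {
        BytesLoader(ClassLoader parent) { super(parent); }
        Class<?> define(String name, byte[] b) { return defineClass(name, b, 0, b.length); }
    }

    static String md5Hex(String s) throws Exception {
        return HexFormat.of().formatHex(MessageDigest.getInstance("MD5").digest(s.getBytes(UTF_8)));
    }

    /** Order from step S205: machine-code check, then specified field, then unspecified field. */
    static String resolveKey(Properties cfg, String localMachineCode) throws Exception {
        String stored = cfg.getProperty("machineCodeMd5", "");   // hypothetical field name
        if (!stored.isEmpty() && !MessageDigest.isEqual(
                stored.getBytes(UTF_8), md5Hex(localMachineCode).getBytes(UTF_8))) {
            throw new SecurityException("machine code does not match this machine");
        }
        String specified = cfg.getProperty("specifiedPassword", "");  // hypothetical field name
        return specified.isEmpty() ? cfg.getProperty("unspecifiedKey", "") : specified;
    }

    /** Assumption: the value read from the config is hashed with SHA-256 into an AES-256 key. */
    static byte[] aesKey(String material) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(material.getBytes(UTF_8));
    }

    static byte[] encrypt(byte[] plain, byte[] key) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        return ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array(); // IV || ciphertext
    }

    static byte[] decrypt(byte[] blob, byte[] key) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
               new GCMParameterSpec(128, blob, 0, 12));
        return c.doFinal(blob, 12, blob.length - 12);  // throws if key or data is wrong
    }

    /** A valid class file starts with the magic number 0xCAFEBABE. */
    static boolean hasClassMagic(byte[] b) {
        return b.length >= 4 && ByteBuffer.wrap(b).getInt() == 0xCAFEBABE;
    }

    @SuppressWarnings("unchecked")
    public static void main(String[] args) throws Exception {
        String name = Payload.class.getName();
        byte[] original;
        try (InputStream in = InMemoryLoadDemo.class
                .getResourceAsStream("InMemoryLoadDemo$Payload.class")) {
            original = in.readAllBytes();
        }
        // Constructed configuration, as it would look after unpacking the encryption package.
        Properties cfg = new Properties();
        cfg.load(new StringReader("machineCodeMd5=" + md5Hex("HOST-A")
                + "\nspecifiedPassword=\nunspecifiedKey=constructed-kmc-key\n"));

        byte[] key = aesKey(resolveKey(cfg, "HOST-A"));   // empty specified field -> unspecified
        byte[] target = encrypt(original, key);
        System.out.println("magic before/after encryption: "
                + hasClassMagic(original) + "/" + hasClassMagic(target));
        try {
            new BytesLoader(null).define(name, target);   // encrypted bytes are not a class file
        } catch (ClassFormatError e) {
            System.out.println("JVM rejects encrypted bytes: " + e.getMessage());
        }

        byte[] clear = decrypt(target, key);              // plaintext exists only in this array
        Class<?> cls = new BytesLoader(InMemoryLoadDemo.class.getClassLoader()).define(name, clear);
        Arrays.fill(clear, (byte) 0);  // clears this copy only; the JVM keeps its own representation
        System.out.println(((Supplier<String>) cls.getDeclaredConstructor().newInstance()).get());

        try {
            resolveKey(cfg, "HOST-B");                    // different machine: exit before key read
        } catch (SecurityException e) {
            System.out.println("other machine: " + e.getMessage());
        }
    }
}
```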
In this embodiment, the encryption key is stored in the configuration file and the configuration file is packaged into an encrypted encryption package, so the configuration file itself is encrypted; at the same time, the method body in the encrypted class file is emptied, so the source file cannot be obtained through decompiling, which increases the difficulty of cracking and improves the decompilation prevention effect.
The application is operational with numerous general purpose or special purpose computing system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware associated with computer readable instructions, which can be stored in a computer readable storage medium, and when executed, the processes of the embodiments of the methods described above can be included. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the steps are not strictly limited to the order shown and may be performed in other orders. Moreover, at least some of the steps in the flowcharts may include multiple sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed in sequence but may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
With further reference to fig. 4, as an implementation of the method shown in fig. 2, the present application provides an embodiment of a decompilation prevention apparatus, which corresponds to the embodiment of the method shown in fig. 2, and which can be applied in various electronic devices.
As shown in fig. 4, the decompilation prevention apparatus 400 according to this embodiment includes: an extraction module 401, an acquisition module 402, an encryption module 403, a compression module 404, a decompression module 405, and a decryption module 406.
Wherein:
the extraction module 401 is configured to extract all files to be encrypted that need to be encrypted;
the obtaining module 402 is configured to obtain an encryption key from a key management center, and store the encryption key in a preset configuration file;
the encryption module 403 is configured to traverse all the class files to be encrypted, sequentially encrypt the class files to be encrypted by using the encryption key through an encryption algorithm, and clear a method body in the encrypted class files to obtain a target class file;
the compression module 404 is configured to package the configuration file into an encrypted package using a compression tool;
the decompression module 405 is configured to decompress the encrypted packet to obtain the configuration file, read the encryption key in the configuration file, and obtain a decryption key according to the encryption key;
the decryption module 406 is configured to decrypt the target class file using the decryption key, and load the decrypted target class file into a virtual machine for running.
It should be emphasized that, in order to further ensure the privacy and security of the class file to be encrypted, the class file to be encrypted may also be stored in a node of a block chain.
With this decompilation prevention apparatus, the encryption key is stored in the configuration file and the configuration file is packaged into an encrypted encryption package, so the configuration file itself is encrypted; at the same time, the method body in the encrypted class file is emptied, so the source file cannot be obtained through decompiling, which increases the difficulty of cracking and improves the decompilation prevention effect.
In this embodiment, the extraction module 401 is further configured to:
traversing all the class files to obtain an absolute path of each class file;
obtaining a relative path of each class file according to the absolute path;
and eliminating class files which do not need to be encrypted according to the relative path to obtain the class files to be encrypted.
According to the method and the device, the relative path of the class file is obtained through the absolute path of the class file, the class file which does not need to be encrypted is eliminated according to the relative path, and the obtaining efficiency of the class file to be encrypted can be improved.
In this embodiment, the obtaining module 402 is further configured to:
determining whether a specified encryption password exists;
when a specified encryption password exists, acquiring the specified encryption password from the key management center, and taking the specified encryption password as an encryption key;
when the encryption password is not specified, the encryption key randomly generated by the key management center is acquired.
According to the embodiment, the encryption key is obtained by referring to the initial encryption parameter which is specified to be configured in advance, so that the encryption key is more convenient and faster to obtain.
In some optional implementations of this embodiment, the obtaining module 402 is further configured to:
determining whether a machine code exists;
and when a machine code exists, acquiring the machine code, and storing the machine code in a preset configuration file.
In this embodiment, the encryption module 403 includes an emptying sub-module, and the emptying sub-module is configured to, by reading the file stream of the class file to be encrypted, rewrite the class file to be encrypted according to the file stream, and delete the method body in the class file to be encrypted.
In this embodiment, the purpose of emptying the method body is to prevent the source file corresponding to the encrypted class file from being obtained again, which further increases the difficulty of decompiling.
In this embodiment, the decompression module 405 includes a read sub-module, which is configured to:
when the specified encryption password field is empty, reading the unspecified encryption password field of the configuration file, and acquiring the encryption key randomly generated by the key management center;
and when the specified encryption password field is not empty, reading the corresponding specified encryption password.
In this embodiment, checking whether the specified encryption password field of the configuration file is empty determines whether a specified encryption password was used as the encryption key during encryption, and the encryption key is then obtained from the corresponding field, which is simple and convenient.
In some optional implementations of this embodiment, the decompression module 405 is further configured to:
determining whether a machine code is in the configuration file;
and when a machine code exists, judging whether the machine code is matched with the machine code of the local machine, if so, acquiring the machine code, and if not, prompting and exiting.
In this embodiment, the hash value is used to judge whether the generated machine code is consistent with the machine code of the local machine. If it is, the machine code can be used for decryption; if it is not, a mismatch is reported and the process exits without going on to read the specified encryption password field of the configuration file, which improves the efficiency of the decryption process and avoids unnecessary operations.
In order to solve the technical problem, an embodiment of the present application further provides a computer device. Referring to fig. 5, fig. 5 is a block diagram of a basic structure of a computer device according to the present embodiment.
The computer device 5 comprises a memory 51, a processor 52, and a network interface 53 communicatively connected to each other via a system bus. It is noted that only a computer device 5 having components 51-53 is shown, but it is understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead. As will be understood by those skilled in the art, the computer device is a device capable of automatically performing numerical calculation and/or information processing according to preset or stored instructions, and its hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The computer device can be a desktop computer, a notebook, a palm computer, a cloud server and other computing devices. The computer equipment can carry out man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch panel or voice control equipment and the like.
The memory 51 includes at least one type of readable storage medium including a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the memory 51 may be an internal storage unit of the computer device 5, such as a hard disk or a memory of the computer device 5. In other embodiments, the memory 51 may also be an external storage device of the computer device 5, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the computer device 5. Of course, the memory 51 may also comprise both an internal storage unit of the computer device 5 and an external storage device thereof. In this embodiment, the memory 51 is generally used for storing an operating system and various types of application software installed on the computer device 5, such as the computer readable instructions of the decompilation prevention method. Further, the memory 51 may also be used to temporarily store various types of data that have been output or are to be output.
The processor 52 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 52 is typically used to control the overall operation of the computer device 5. In this embodiment, the processor 52 is configured to execute computer readable instructions stored in the memory 51 or process data, for example, execute computer readable instructions of the decompilation prevention method.
The network interface 53 may comprise a wireless network interface or a wired network interface, and the network interface 53 is generally used for establishing communication connections between the computer device 5 and other electronic devices.
In this embodiment, the steps of the decompilation prevention method in the above embodiments are implemented when the processor executes the computer readable instructions stored in the memory, and the encryption key is stored in the configuration file, and the configuration file is packaged into the encrypted encryption packet, so that the configuration file can be encrypted.
The present application further provides another embodiment, namely a computer-readable storage medium storing computer-readable instructions that can be executed by at least one processor, so that the at least one processor performs the steps of the decompilation prevention method described above. The encryption key is stored in the configuration file and the configuration file is packaged into an encrypted encryption package, so the configuration file itself is encrypted; at the same time, the method body in the encrypted class file is emptied, so the source file cannot be obtained through decompiling, which increases the difficulty of cracking and improves the decompilation prevention effect.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present application.
It is to be understood that the above-described embodiments are merely illustrative of some, but not restrictive, of the broad invention, and that the appended drawings illustrate preferred embodiments of the invention and do not limit the scope of the invention. This application is capable of embodiments in many different forms and is provided for the purpose of enabling a thorough understanding of the disclosure of the application. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to one skilled in the art that the present application may be practiced without modification or with equivalents of some of the features described in the foregoing embodiments. All equivalent structures made by using the contents of the specification and the drawings of the present application are directly or indirectly applied to other related technical fields and are within the protection scope of the present application.

Claims (10)

1. A method for preventing decompilation, comprising the steps of:
extracting all files to be encrypted which need to be encrypted;
acquiring an encryption key from a key management center, and storing the encryption key in a preset configuration file;
traversing all the files to be encrypted, sequentially encrypting the files to be encrypted by using the encryption key through an encryption algorithm, and emptying a method body in the encrypted files to be encrypted to obtain a target file;
packaging the configuration file into an encrypted encryption package using a compression tool;
decompressing the encrypted packet to obtain the configuration file, reading the encryption key in the configuration file, and obtaining a decryption key according to the encryption key;
and decrypting the target class file by using the decryption key, and loading the decrypted target class file to a virtual machine for running.
2. The decompilation prevention method of claim 1, wherein the step of extracting all files to be encrypted that need to be encrypted comprises:
traversing all the class files to obtain an absolute path of each class file;
obtaining a relative path of each class file according to the absolute path;
and eliminating class files which do not need to be encrypted according to the relative path to obtain the class files to be encrypted.
3. The decompilation prevention method of claim 1, wherein the step of obtaining the encryption key from the key management center comprises:
determining whether a specified encryption password exists;
when a specified encryption password exists, acquiring the specified encryption password from the key management center, and taking the specified encryption password as an encryption key;
when the encryption password is not specified, the encryption key randomly generated by the key management center is acquired.
4. The decompilation prevention method of claim 3, further comprising, after the step of obtaining an encryption key from a key management center and saving the encryption key to a preset configuration file:
determining whether a machine code exists;
and when a machine code exists, acquiring the machine code, and storing the machine code in a preset configuration file.
5. The decompilation prevention method of any one of claims 1 to 4, wherein the step of clearing the encrypted method body in the class file to be encrypted to obtain the target class file comprises:
and deleting the method body in the class file to be encrypted by reading the file stream of the class file to be encrypted and rewriting the class file to be encrypted according to the file stream.
6. The decompilation prevention method of claim 5, wherein the step of reading the encryption key in the configuration file comprises:
reading a specified encryption password field of the configuration file;
when the specified encryption password field is empty, reading the unspecified encryption password field of the configuration file, and acquiring the encryption key randomly generated by the key management center;
and when the specified encryption password field is not empty, reading the corresponding specified encryption password.
7. The decompilation prevention method of claim 6, further comprising, prior to the step of reading the specified encrypted password field of the configuration file:
determining whether a machine code is in the configuration file;
and when a machine code exists, judging whether the machine code is matched with the machine code of the local machine, if so, acquiring the machine code, and if not, prompting and exiting.
8. An apparatus for preventing decompilation, comprising:
the extraction module is used for extracting all files to be encrypted which need to be encrypted;
the acquisition module is used for acquiring an encryption key from a key management center and storing the encryption key into a preset configuration file;
the encryption module is used for traversing all the files to be encrypted, sequentially encrypting the files to be encrypted by using the encryption key through an encryption algorithm, and emptying a method body in the encrypted files to be encrypted to obtain a target file;
a compression module for packaging the configuration file into an encrypted encryption package using a compression tool;
the decompression module is used for decompressing the encrypted packet to obtain the configuration file, reading the encryption key in the configuration file and obtaining a decryption key according to the encryption key;
and the decryption module is used for decrypting the target class file by using the decryption key and loading the decrypted target class file to a virtual machine for running.
9. A computer device comprising a memory having computer readable instructions stored therein and a processor which when executed implements the steps of the method of preventing decompilation of any of claims 1 to 7.
10. A computer-readable storage medium having computer-readable instructions stored thereon which, when executed by a processor, implement the steps of the decompilation prevention method of any of claims 1 to 7.
CN202110845636.6A 2021-07-26 2021-07-26 Decompilation prevention method and device, computer equipment and storage medium Pending CN113553553A (en)

Publications (1)

Publication Number Publication Date
CN113553553A true CN113553553A (en) 2021-10-26

Family

ID=78132831

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination