CN117932648B - Byte code protection method, terminal equipment and storage medium - Google Patents
Byte code protection method, terminal equipment and storage medium Download PDFInfo
- Publication number
- CN117932648B CN117932648B CN202410316835.1A CN202410316835A CN117932648B CN 117932648 B CN117932648 B CN 117932648B CN 202410316835 A CN202410316835 A CN 202410316835A CN 117932648 B CN117932648 B CN 117932648B
- Authority
- CN
- China
- Prior art keywords
- unit
- decryption
- byte code
- encryption
- java
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012545 processing Methods 0.000 claims abstract description 8
- 230000006870 function Effects 0.000 claims description 23
- 238000004590 computer program Methods 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 13
- 238000004422 calculation algorithm Methods 0.000 claims description 5
- 230000006837 decompression Effects 0.000 claims description 3
- 230000001419 dependent effect Effects 0.000 description 6
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 239000000470 constituent Substances 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a byte code protection method, terminal equipment and storage medium, wherein the method comprises the following steps: loading an encryption tool mirror image corresponding to the target server environment through a dock container, and then starting an initialization unit; the initialization unit renders and compiles the encryption unit and the decryption unit; the initialization unit compiles and encrypts the decryption auxiliary unit; the encryption unit encrypts the byte code file, modifies the byte code file for processing byte code reading logic in the code frame of the java item, and modifies the logic for reading the byte code into the logic for reading and decrypting the byte code in the calling auxiliary decryption unit; when the target server reads the byte code file encrypted by the java item, the target server calls the decryption unit through the JNI to decrypt the byte code file. The invention realizes the encryption and decryption of the byte code file.
Description
Technical Field
The present invention relates to the field of software development, and in particular, to a byte code protection method, a terminal device, and a storage medium.
Background
The existing encryption and decryption technology for protecting java byte codes generally has the following defects:
(1) Generally, the encryption and decryption scheme based on jvmti cannot be compatible with different operating systems, and the steps are very complicated when the cross-platform encryption and decryption scheme is used.
(2) The password is usually fixed in the source code of the decryption device, which makes it impossible to flexibly modify the password when encrypting the byte code, and the password or the decryption device is easy to cause wider influence after being leaked.
(3) Code frames with functions of autonomously reading and modifying byte codes such as spring and hibernate are often not supported, or related functions must be disabled to be normally used; there are also schemes to replace the logic of the related function by creating a file with the same name as the original bytecode class file, but this scheme is limited by the loading order of the classes, and can only be used for the program main body, and cannot be used for the component library provided to the third party.
(4) The java agent is completely disabled for defense purposes, resulting in an incompatibility OpenTelemetry or other java agent-based tools.
(5) The cracking means such as debug cannot be defended.
(6) Some technologies require that the encryption and decryption target must compress the packet for jar format.
(7) Some code protection techniques implemented by code obfuscation affect the program logic and require modification of the code for adaptation.
Disclosure of Invention
In order to solve the problems, the invention provides a byte code protection method, a terminal device and a storage medium.
The specific scheme is as follows:
a method of protecting bytecodes, comprising the steps of:
s1: after loading an encryption tool image corresponding to a target server environment through a dock container, starting an initialization unit in the encryption tool in the target server environment;
s2: the initialization unit renders and compiles an encryption unit and a decryption unit in the encryption tool based on the input encryption and decryption parameters;
S3: after the initialization unit compiles the decryption auxiliary unit in the encryption tool, encrypting the compiled decryption auxiliary unit through the encryption unit;
s4: encrypting the compiled byte code file of the java item through an encryption unit;
s5: the encryption unit modifies a byte code file for processing byte code reading logic in a code frame of the java item, and modifies the logic for reading the byte code into logic for reading and decrypting the byte code in the calling auxiliary decryption unit;
S6: when the target server reads the byte code file encrypted by the java item, the target server calls the decryption unit through the JNI to decrypt the byte code file.
Further, in step S1, after compiling the source code of the java item, the encryption tool is started through a maven plug-in or shell script, and then a corresponding encryption tool image is loaded through a docker container.
Further, the encryption unit and the decryption unit compiled in step S2 are stored as binary dynamic library files.
Further, step S4 further includes: the encryption unit reads and decompresses jar files of other dependency libraries except the java item dependency library under the path of the java item dependency library, encrypts byte code files in the jar files after decompression, and recompresses the jar files after encryption.
Furthermore, the logic for reading and decrypting the byte code in the auxiliary decryption unit is called in step S5, and the logic for calling the decryption unit in the encryption tool through the JNI is added on the basis of inheriting the original logic for reading the byte code in the code frame.
Further, the decryption process in step S6 is as follows: the decryption unit checks the first four bytes in the loaded byte code file to judge whether the byte code file accords with the initial representation of the normal class file, and if so, directly loads the byte code into the memory; otherwise, the decryption is performed based on the key and algorithm at the time of encryption.
Further, before the target server reads the encrypted byte code file of the java item in step S6, the method further includes:
designating a reference decryption unit in parameters of the java virtual machine jvm by setting a proxy library;
registering a decryption function in the decryption unit to ClassFileLoadHook after the decryption unit is loaded;
The decryption unit disables the debug tool Serviceability Agent of java by overriding the global variable gHotSpotVMStructs.
Further, during the process of invoking the decryption function in the decryption unit, the decryption unit checks the JVM startup parameter through a management interface JmmInterface provided by the JVM, and determines whether the DisableAttachMechanism parameter is enabled to disable the debug function; when the decryption unit finds that the debugging function is not disabled, interrupting the decryption flow; triggering checking of the validity of the java agent when the decryption unit retrieves that javaagent or agentpath keywords exist in the starting parameters, comparing the java agent file name with a java agent white list which is recorded in the source code of the decryption unit in advance, if the Java agent file name hits, calculating a hash value of the java agent file, comparing the hash value with the hash value recorded in the white list, and checking if the hash value is consistent; if the miss or hash value is inconsistent, the decryption flow is interrupted.
The byte code protection terminal device comprises a processor, a memory and a computer program stored in the memory and capable of running on the processor, wherein the processor realizes the steps of the method according to the embodiment of the invention when executing the computer program.
A computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method described above for embodiments of the present invention.
The invention adopts the technical scheme, realizes encryption and decryption of the byte code file, and overcomes the defects in the prior art.
Drawings
FIG. 1 is a flow chart of a method according to an embodiment of the invention.
FIG. 2 is a schematic diagram showing the constituent elements of the encryption tool of this embodiment.
Fig. 3 is a schematic diagram showing the principle of logic modification in the code frame in this embodiment.
Detailed Description
For further illustration of the various embodiments, the invention is provided with the accompanying drawings. The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate embodiments and together with the description, serve to explain the principles of the embodiments. With reference to these matters, one of ordinary skill in the art will understand other possible embodiments and advantages of the present invention.
The invention will now be further described with reference to the drawings and detailed description.
Embodiment one:
the embodiment of the invention provides a byte code protection method, as shown in fig. 1, comprising the following steps:
S1: after loading the encryption tool image corresponding to the target server environment (such as an operating system, a cpu architecture and the like) through the dock container, an initialization unit in the encryption tool is started in the target server environment.
The encryption tool consists of an initialization unit, an encryption unit, a decryption unit and a decryption auxiliary unit, and the corresponding functions are shown in figure 2, wherein the initialization unit is responsible for compiling and generating the encryption unit, the decryption unit and the decryption auxiliary unit; the encryption unit is responsible for encrypting the byte code file and modifying the underlying byte code of the code frame (such as spring and hibernate) of the java item; the decryption unit is responsible for decrypting the byte code file and protecting the decryption process from being decrypted; the decryption auxiliary unit is responsible for assisting the code framework to call the decryption unit for byte code decryption.
After the source code compiling of the java item is completed, the encryption tool is started through a maven plug-in or shell script, and then a corresponding encryption tool image is loaded through a dock container.
S2: the initialization unit renders and compiles the encryption unit and the decryption unit in the encryption tool based on the input encryption and decryption parameters.
The encryption and decryption parameters may include keys, etc. In step S2, the initializing unit dynamically replaces the corresponding variables in the source code templates of the encrypting unit and decrypting unit with the input parameters based on the parameters input to the docker container, thereby generating compilable c++ code, and compiles into a binary dynamic library file (· so).
S3: after the initialization unit compiles the decryption auxiliary unit in the encryption tool, the compiled decryption auxiliary unit is encrypted by the encryption unit.
In this embodiment, the encryption mode of the encryption unit adopts AES symmetric encryption, and the key is the key input in step S2. After encryption, the encrypted byte code file corresponding to the decryption auxiliary unit is compressed into a jar format.
S4: and encrypting the compiled byte code file of the java item through an encryption unit.
The embodiment further comprises: the encryption unit reads and decompresses jar files of other dependent libraries except the java item dependent library under a java item dependent library path (for example, BOOT-INF/lib), encrypts byte code files in the jar files after decompression, and recompresses the jar files after encryption.
Further, the embodiment further includes moving the encrypted decryption auxiliary unit and the jar files of other dependent libraries to the java item dependent library path, and covering the jar files of the original other dependent libraries.
If the encrypted byte code file is compressed into the jar format, the encryption unit decompresses the byte code file in the jar format, and then recompresses the decompressed byte code file and the dependency library file into the jar format file.
S5: the encryption unit modifies a byte code file for processing byte code reading logic in a code frame of the java item, and modifies the logic for reading the byte code into the logic for reading and decrypting the byte code in the calling auxiliary decryption unit.
As shown in fig. 3, in this embodiment, a byte code reading and decrypting unit is set in the decrypting auxiliary unit, and the byte code reading and decrypting unit not only inherits the original logic for reading the byte code in the code frame, namely, the byte code reading unit, but also adds the logic for calling the decrypting unit in the encrypting tool through the JNI.
The encryption tool modifies the part of the original byte code processing unit in the code frame referring to the byte code reading unit through the byte code modification tool, and changes the part into the byte code reading decryption unit referring to the decryption auxiliary unit. In this way, the read bytecode-related logic of the bytecode processing unit in the code frame becomes a function calling the bytecode read decryption unit, and the function reads the bytecode and decrypts the bytecode by calling the decryption unit through the JNI.
S6: when the target server reads the byte code file encrypted by the java item, the target server calls the decryption unit through the JNI to decrypt the byte code file.
And (5) uploading the java project file processed in the steps S1-S5 to a target server by an operation and maintenance personnel by means of other third party tools. The java project file comprises an encrypted byte code file, a dependency library file, a decryption unit and an auxiliary decryption unit.
The java item may be started in different ways.
In a startup mode, a reference decryption unit is specified in parameters of the java virtual machine jvm through a proxy library (agentlib), for example, agentlib: byteCodeDecryptor, and at this time jvm reads/Lib directory dynamic link library file libByteCode decryptor. So, and loads the decryption unit.
After the decryption unit is loaded, registering the decryption function to ClassFileLoadHook, and triggering the decryption function of the decryption unit by ClassFileLoadHook in the class loading process of the java item jvm; meanwhile, the decryption unit disables the java debug tool Serviceability Agent by covering the global variable gHotSpotVMStructs to prevent the decrypted bytecode file from being obtained by directly reading the memory, wherein one implementation way is to set the variable to 0.
When the decryption function is triggered, the decryption unit checks each loaded byte code file, and when the first four bytes of the loaded byte code file do not accord with the initial identification 0xCAFEBABE of the normal class file, the decryption unit decrypts according to the secret key and algorithm agreed during encryption, otherwise, the byte code is directly loaded into the memory; when decryption fails, the decryption unit directly throws out exception, interrupts the class (java class) loading process of jvm, and at this time, the java process reports errors and exits because of class loading failure.
During the invocation of the decryption function, the decryption unit checks the JVM startup parameters via the management interface JmmInterface provided by the JVM to determine whether the parameters DisableAttachMechanism are enabled to disable the debug function. When the decryption unit finds that the program does not disable the debugging function, the decryption flow is directly interrupted, and the java process exits due to class loading failure. In addition, once the decryption unit retrieves that the key words javaagent or agentpath exist in the startup parameters, the verification of the validity of the java agent is triggered, the verification compares the java agent file name with a java agent white list which is previously recorded in the source code of the decryption unit, if the java agent white list hits, a hash value (such as md 5) of the java agent file is calculated, the hash value is compared with the hash value recorded in the white list, and if the hash value is consistent, the verification is passed. Once a miss or hash value inconsistency is found, the decryption flow is interrupted.
In another starting mode, the byte code file is directly read through frames such as spring and hibernate, and then decryption is carried out by calling a decryption function of the decryption unit through the JNI through the decryption auxiliary unit, and the decryption process of the first starting mode of the decryption process is consistent.
The embodiment of the invention has the following beneficial effects:
(1) Parameters can be set before encryption, a target server is modified, and a corresponding executable device is generated according to a target operating system;
(2) The password and the encryption algorithm can be dynamically set before encryption, and even if the password and the algorithm of a certain version are leaked, the influence on all product series is avoided;
(3) The method can be compatible with various code frameworks;
(4) Other java agents can be compatible, and meanwhile, cracking means such as java agents and debug can be defended;
(5) Byte code decryption capability can be provided in two stages of process starting and running processes, unencrypted codes can be normally loaded, and the method is completely non-invasive to code logic;
(6) And the encryption and decryption of all byte code files under the catalog are supported, and the compression files in jar format can be compatible.
Embodiment two:
The invention also provides a byte code protection terminal device, which comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the steps in the method embodiment of the first embodiment of the invention are realized when the processor executes the computer program.
Further, as an executable scheme, the bytecode protection terminal device may be a computing device such as a desktop computer, a notebook computer, a palm computer, and a cloud server. The byte code protection terminal device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that the above-described constituent structure of the bytecode protection terminal device is merely an example of the bytecode protection terminal device, and does not constitute limitation of the bytecode protection terminal device, and may include more or less components than those described above, or may combine some components, or different components, for example, the bytecode protection terminal device may further include an input/output device, a network access device, a bus, and the like, which is not limited by the embodiment of the present invention.
Further, as an executable scheme, the Processor may be a central processing unit (Central Processing Unit, CPU), other general purpose Processor, digital signal Processor (DIGITAL SIGNAL Processor, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA), or other Programmable logic device. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like, which is a control center of the bytecode protection terminal device, and the various interfaces and lines are used to connect the various parts of the whole bytecode protection terminal device.
The memory may be used to store the computer program and/or module, and the processor may implement various functions of the bytecode protection terminal device by running or executing the computer program and/or module stored in the memory and calling data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, at least one application program required for a function; the storage data area may store data created according to the use of the cellular phone, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, plug-in hard disk, smart memory card (SMART MEDIA CARD, SMC), secure Digital (SD) card, flash memory card (FLASH CARD), at least one disk storage device, flash memory device, or other volatile solid-state storage device.
The present invention also provides a computer readable storage medium storing a computer program which when executed by a processor implements the steps of the above-described method of an embodiment of the present invention.
The module/unit of the byte code protection terminal device integration may be stored in a computer readable storage medium if implemented in the form of a software functional unit and sold or used as a separate product. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a software distribution medium, and so forth.
While the invention has been particularly shown and described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (9)
1. A method for protecting byte codes, comprising the steps of:
s1: after loading an encryption tool image corresponding to a target server environment through a dock container, starting an initialization unit in the encryption tool in the target server environment;
s2: the initialization unit renders and compiles an encryption unit and a decryption unit in the encryption tool based on the input encryption and decryption parameters;
S3: after the initialization unit compiles the decryption auxiliary unit in the encryption tool, encrypting the compiled decryption auxiliary unit through the encryption unit;
s4: encrypting the compiled byte code file of the java item through an encryption unit;
s5: the encryption unit modifies a byte code file for processing byte code reading logic in a code frame of the java item, and modifies the logic for reading the byte code into logic for reading and decrypting the byte code in the calling auxiliary decryption unit;
S6: when the target server reads the byte code file encrypted by the java item, the target server calls a decryption unit through a JNI to decrypt the byte code file; in the process of calling the decryption function in the decryption unit, the decryption unit checks the JVM starting parameter through a management interface JmmInterface provided by the JVM to judge whether DisableAttachMechanism parameters are enabled to disable the debugging function; when the decryption unit finds that the debugging function is not disabled, interrupting the decryption flow; triggering checking of the validity of the java agent when the decryption unit retrieves that javaagent or agentpath keywords exist in the starting parameters, comparing the java agent file name with a java agent white list which is recorded in the source code of the decryption unit in advance, if the Java agent file name hits, calculating a hash value of the java agent file, comparing the hash value with the hash value recorded in the white list, and checking if the hash value is consistent; if the miss or hash value is inconsistent, the decryption flow is interrupted.
2. The method of claim 1, wherein: and S1, after compiling the source code of the java item, starting the encryption tool through a maven plug-in or shell script, and loading a corresponding encryption tool image through a docker container.
3. The method of claim 1, wherein: the encryption unit and the decryption unit compiled in step S2 are saved as binary dynamic library files.
4. The method of claim 1, wherein: the step S4 further includes: the encryption unit reads and decompresses jar files of other dependency libraries except the java item dependency library under the path of the java item dependency library, encrypts byte code files in the jar files after decompression, and recompresses the jar files after encryption.
5. The method of claim 1, wherein: the logic for reading and decrypting the byte code in the auxiliary decryption unit is called in the step S5, and the logic for calling the decryption unit in the encryption tool through the JNI is added on the basis of inheriting the original logic for reading the byte code in the code frame.
6. The method of claim 1, wherein: the decryption process in step S6 is: the decryption unit checks the first four bytes in the loaded byte code file to judge whether the byte code file accords with the initial representation of the normal class file, and if so, directly loads the byte code into the memory; otherwise, the decryption is performed based on the key and algorithm at the time of encryption.
7. The method of claim 1, wherein: before the target server reads the encrypted byte code file of the java item in step S6, the method further includes:
designating a reference decryption unit in parameters of the java virtual machine jvm by setting a proxy library;
registering a decryption function in the decryption unit to ClassFileLoadHook after the decryption unit is loaded;
The decryption unit disables the debug tool Serviceability Agent of java by overriding the global variable gHotSpotVMStructs.
8. A byte code protection terminal device, characterized by: comprising a processor, a memory and a computer program stored in the memory and running on the processor, the processor implementing the steps of the method according to any one of claims 1 to 7 when the computer program is executed.
9. A computer-readable storage medium storing a computer program, characterized in that: the computer program implementing the steps of the method according to any of claims 1 to 7 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410316835.1A CN117932648B (en) | 2024-03-20 | 2024-03-20 | Byte code protection method, terminal equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410316835.1A CN117932648B (en) | 2024-03-20 | 2024-03-20 | Byte code protection method, terminal equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117932648A CN117932648A (en) | 2024-04-26 |
| CN117932648B true CN117932648B (en) | 2024-06-04 |
Family
ID=90757900
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410316835.1A Active CN117932648B (en) | 2024-03-20 | 2024-03-20 | Byte code protection method, terminal equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117932648B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102043932A (en) * | 2010-12-31 | 2011-05-04 | 中国航空工业集团公司第六三一研究所 | Method for preventing Java program from being decompiled |
| CN102346834A (en) * | 2011-11-25 | 2012-02-08 | 武汉钢铁(集团)公司 | Method for encrypting and protecting Java application software |
| CN111680272A (en) * | 2020-06-05 | 2020-09-18 | 深圳前海微众银行股份有限公司 | Byte code encryption and decryption method and device |
| CN112115429A (en) * | 2020-08-25 | 2020-12-22 | 北京基调网络股份有限公司 | Java class encryption and decryption method and computer readable storage medium |
| CN117313046A (en) * | 2023-09-18 | 2023-12-29 | 浙江大华技术股份有限公司 | Code reinforcement method, code loading method, device and medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102598017B (en) * | 2009-11-13 | 2016-03-09 | 爱迪德技术有限公司 | Improve the system and method for its tamper-proof capabilities of Java bytecode |
-
2024
- 2024-03-20 CN CN202410316835.1A patent/CN117932648B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102043932A (en) * | 2010-12-31 | 2011-05-04 | 中国航空工业集团公司第六三一研究所 | Method for preventing Java program from being decompiled |
| CN102346834A (en) * | 2011-11-25 | 2012-02-08 | 武汉钢铁(集团)公司 | Method for encrypting and protecting Java application software |
| CN111680272A (en) * | 2020-06-05 | 2020-09-18 | 深圳前海微众银行股份有限公司 | Byte code encryption and decryption method and device |
| CN112115429A (en) * | 2020-08-25 | 2020-12-22 | 北京基调网络股份有限公司 | Java class encryption and decryption method and computer readable storage medium |
| CN117313046A (en) * | 2023-09-18 | 2023-12-29 | 浙江大华技术股份有限公司 | Code reinforcement method, code loading method, device and medium |
Non-Patent Citations (1)
| Title |
|---|
| 基于JVMTI和JNI的字节码加密技术的研究及实现;宋勇;;湖南理工学院学报(自然科学版);20081215(第04期) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117932648A (en) | 2024-04-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2831790B1 (en) | Secured execution of a web application | |
| CN109784007B (en) | Byte code encryption method, byte code decryption method and terminal | |
| CN106203006A (en) | Android application reinforcement means based on dex Yu so file Dynamic Execution | |
| US20160203087A1 (en) | Method for providing security for common intermediate language-based program | |
| US20050198645A1 (en) | Run-time call stack verification | |
| KR100917370B1 (en) | Information processing apparatus that executes program, computer readable medium in witch program is stored, and program control method for executing program | |
| US20020138748A1 (en) | Code checksums for relocatable code | |
| KR102275827B1 (en) | Method and apparatus for data encryption | |
| CN109598107B (en) | Code conversion method and device based on application installation package file | |
| EP1869606A1 (en) | Software protection | |
| CN112035803B (en) | Protection method and device based on Windows platform software | |
| CN117932648B (en) | Byte code protection method, terminal equipment and storage medium | |
| US7380269B2 (en) | Changing code execution path using kernel mode redirection | |
| US11061998B2 (en) | Apparatus and method for providing security and apparatus and method for executing security to protect code of shared object | |
| US11574055B2 (en) | Validation and installation of a file system | |
| EP4058910A1 (en) | Apparatus and method for protecting shared objects | |
| JP3654165B2 (en) | Library linking method applied to a computer system and recording medium recording the program | |
| CN113221077B (en) | Class file encryption method and equipment based on spring container | |
| CN111522555A (en) | apk file reinforcing method, apk file decrypting method and related devices | |
| WO2024207844A1 (en) | Jar package decompilation prevention method | |
| US20230334149A1 (en) | Program processing device and program processing method | |
| CN109460640A (en) | A kind of java applet guard method, device, equipment and readable storage medium storing program for executing | |
| CN113849819B (en) | Method, device, computer equipment and storage medium for processing command line instruction | |
| CN113760293A (en) | Method and device for processing source code | |
| CN117763539A (en) | Application running method, device, electronic equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |