Since the java code is compiled into a class and then packaged into a jar to run, there is no problem if there is no problem with the server. Generally, the server data is stolen, and the jar is easily converted and compiled by tools such as jd-gui. At the same time, the company also recently requested to encrypt the jar, so during this period of time, it began to study how to encrypt and decrypt the jar package.
I found a lot of information on the Internet. The tools for encryption and obfuscation are currently free. The mainstream ones are Xjar, classFinal, and JarEncrypt on gitee and github. The first two are basically used in springboot projects. There are also many masters in Code Cloud or github. The improved version shared above, some jars that can support JAVASE projects, but these two tools have a hard requirement, that is, JDK1.7 + is required. During the test, it was found that they cannot be used on jdk1.6 projects at all, so there is I have given a detailed explanation of the third type. I use JarEncrypt, which is based on the JVM level. The simple logic is:
To facilitate the specific class file in the jar, encrypt the class file, the encryption tool is the dll library, When running the encrypted jar later, add the parameter -agentpath to the command line; If it is on the Linux side, it is -agentlib
The examples here are all based on jdk1.6. For encryption, you also need to prepare visual studio to compile the cpp file and generate the corresponding dll library file.
The source code path of the cpp file is: jarEncrypt: bytecode encryption and decryption, where the encrypted and decrypted cpp of the code and the referenced h file are provided.
Encrypted jar java code source code path: Encrypt: java bytecode encryption, here provides jar encrypted java source code.
After downloading the above two files, find the same-level directory of the bin directory in jdk, as shown below:
Click to enter the include directory, find the two files jni.h and jvmti.h, copy them out and find a directory to store them (do not include Chinese in the path), as shown in the figure below:
Then enter the win32 directory, find the jni_md.h file, copy it to a new directory, and put it together with the above two. As shown below:
When you are ready, create an empty c ++ project. I am using the visual studio2022 version here. The creation process is as follows:
Choose to create an empty project, then the next step:
Name the project, select the project path, and click Create.
Then create a cpp in the location of the source file, and then copy the content of the previously downloaded cpp into it. Encryption and decryption each create a project. Here I will explain the decrypted C++ project as a sample. As shown below:
Select the Project4 project, right-click, and click the bottom property to get the property box information, as shown in the figure below:
Click General, select dynamic library in the configuration type, and ensure that the final run generates a dll file.
Then click General under C++, and select Edit in Additional Include Directories. as follows:
The first time you open it, there is a blank line, you need to click the position pointed by the arrow, and then the button will appear, as shown in the figure below:
Click the button to select the directory where the three files copied from jdk were placed before, and then confirm, that’s it.
Next, you need to modify the content of cpp according to your own needs, as shown in the figure below:
At the position of line 23, modify “com/” according to your own needs, and the length 4 behind it should also be modified. For example, if you change it to “com/aa/”, then that 4 must be changed to a new length, that is Change it to 7.
Then right-click the Project4 project and select Regenerate. Finally, the dll file will be generated. The console will also print information.
Encryption and decryption dll library are the same operation. The content of the encryption library does not need to be modified, just generate the dll directly.
Next is the java code, there are 3 places that need to be modified, as shown in the figure below:
The first is to change loadLibrary to load, and refer to the absolute path of the encrypted dll
The second is to modify the path of the original jar package and modify it as needed.
The third place is to modify the package name and modify it as needed.
Run main after modification, and an encrypted jar package will be generated. If an exception occurs during the running process, such as UnsatisfiedLinkError, check whether the dll generation failed, or the package name, location, and content are inconsistent. Normal conditions are all possible.
Then open cmd and run java -agentpath:Project4.dll -jar aa_encrypt.jar. Among them, Project4.dll is the decryption library, and aa_encrypt.jar is the encrypted jar.
Different jdk versions are applicable, but the h file mentioned above needs to be corresponding when generating dll. At present, the test on my windows is successful.
The reference link is as follows:
Java encryption Jar package and Class file – prevent decompilation_jar package encryption to prevent decompilation_Super Big Ant’s Blog-CSDN Blog
JarEncrypt2 encryption tool_yimcarson’s blog-CSDN blog
JVMTI implements encryption of springboot jar package (prevents decompilation) – jvmti springboot_weixin_39747279’s Blog – CSDN Blog
Make java files into jar packages_Make .class files into jar packages_Study Abroad Evaluation Jun’s Blog-CSDN Blog
Thanks to Code Cloud author: jungle1992 (jungle_1992) – Gitee.com
In addition, I did a test on the linux server today and found that I need to generate the .so file to decrypt it. Java encrypts the Jar package and Class file to prevent decompilation_jar package encryption to prevent decompilation_Super Big Ant Blog-CSDN Blog
In the above link, there is the download resource code, JarEncrypt2.zip, or you can download it in my resources (requires 3 credits). After decompression, the directory is as follows:
Modify the content of the Makefile file under the decrypt directory, and change ${JAVA_HOME} to the path of jdk on your own linux (the upper directory of the bin directory) as needed, and then put the top decrypted cpp file with this Makefile file Put it on the linux server (note that it is the top cpp, not the cpp in this directory), ensure that the linux server has a g++ environment, then run make, and finally the liblinux.so file will be generated, and finally run the command to execute the encryption jar. The commands run here also need attention, as follows:
java -agentlib:linux -jar xxxx.jar
xxx.jar is an encrypted jar,
-agentlib: linux, the reason for this is that after running, the program will automatically splice linux into liblinux.so, and the file suffix will be added by itself, so this parameter can be written like this.