JAVA安全
JAVA是解释执行的语言,对于不同的操作平台都有相应的JVM对字节码文件进行解释执行。而这个字节码文件,也就是我们平时所看到的每一个.class文件。
这是我们大家都知道的常识,也就是由.java文件,经过编译器编译,变成JVM所能解释的.class文件。
而这个过程,在现在公开的网络技术中,利用一个反编译器,任何人都可以很容易的获取它的源文件。这对于很多人来说是不希望看到的。
对于加密解密技术,我懂的不多,有些可以利用某种技术“模糊”JAVA类文件。这样能够使反编译的难度增加。但估计反编译器的技术水平也在不断提升,导致 这种方法层层受阻。另外还有很多其他的技术也可以实现对JAVA文件的加密解密。我现在所想要研究的,就是其中的一种。
JAVA的灵活性使反编译变得容易,同时,也让我们的加密解密的方法变得灵活。
利用自定义的CLASSLOADER
参照:http://www.blogjava.net/realsmy/archive/2007/04/18/111582.html
JAVA中的每一个类都是通过类加载器加载到内存中的。对于类加载器的工作流程如下表示:
1.searchfile()
找到我所要加载的类文件。(抛除JAR包的概念,现在只是要加载一个.class文件)
2.loadDataClass()
读取这个类文件的字节码。
3.difineClass()
加载类文件。(加载的过程其实很复杂,我们现在先不研究它。)
从这个过程中我们能很清楚的发现,自定义的类加载能够很轻松的控制每个类文件的加载过程。这样在第二步(loadDataClass)和第三步(difineClass)之间,我们将会有自己的空间灵活的控制这个过程。
我们加密解密的技术就应用到这里。
加密解密
JAVA加密解密的技术有很多。JAVA自己提供了良好的类库对各种算法进行支持。对于采用哪种算法,网络上说法不一,自己去GOOGLE一下吧。
下面用DES对称加密算法(设定一个密钥,然后对所有的数据进行加密)来简单举个例子。
首先,生成一个密钥KEY。
我把它保存到key.txt中。这个文件就象是一把钥匙。谁拥有它,谁就能解开我们的类文件。代码参考如下:
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911592.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911397.gif)
第二步,对我们所要进行加密的类文件进行加密。
比如我有一个DigestPass类,已经被正常编译好生成DigestPass.class文件。此时,这个类文件是任何人都可以用的。因为系统的类加 载器可以自动的加载它。那么下一步,我们要做的就是把这个类文件加密。使系统的类加载器无法读取到正确的字节码文件。参考代码如下:![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911592.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911397.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
第三步,用自定义的CLASSLOADER进行加载。参考代码如下:
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911361.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911592.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911220.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911518.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911240.gif)
![](http://java.chinaitlab.com/UploadFiles_8734/200704/20070425095911397.gif)
这样,我们就完成了类的加密解密。这个过程留给我们修改的空间还很多。我也在理解过程中。
总结
自定义的类加载器能够灵活的控制类的加载过程。从而可以实现一些我们所要的功能。
但是,即使是这样的加密技术,对于某些高手来说,依然是脆弱的。我们所需要做的就是,理解这其中的过程,掌握这样的技术,最终能够应用到我们自己的实际项目中来。