Java .class文件保护原理

首先将编译出来的.class文件进行加密，加密算法自选。

然后使用jvm进行解密，并且执行。

加密例子没有采用加密算法，只在.class文件后面追加了几个字节的标志。

BYTE EncryptFlag[10] = { 0x73, 0x75, 0x70, 0x65, 0x72, 0x5F, 0x6D, 0x69, 0x6D, 0x69 };

#include <stdio.h>#include <windows.h>BYTE EncryptFlag[10] = { 0x73, 0x75, 0x70, 0x65, 0x72, 0x5F, 0x6D, 0x69, 0x6D, 0x69 };int main(){HANDLE hFile = CreateFile("C:\\Users\\CHM\\workspace\\jvmtiTest\\bin\\Jvmti.class", GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_EXISTING,NULL,NULL);if (hFile == NULL){CloseHandle(hFile);return 0;}SetFilePointer(hFile, 0, 0, FILE_END);DWORD dwnum = 0;BOOL is_Write = WriteFile(hFile, EncryptFlag, 10, &dwnum, NULL);if (!is_Write){printf("写入失败!\n");CloseHandle(hFile);return 0;}printf("写入成功!\n");getchar();return 0;}

解密：

// JvmtiTest.cpp : 定义 DLL 应用程序的导出函数。//#include "stdafx.h"int num = 0;//加密文件标志，用以识别我们加过密的CLASS文件BYTE EncryptFlag[10] = { 0x73, 0x75, 0x70, 0x65, 0x72, 0x5F, 0x6D, 0x69, 0x6D, 0x69 };JNIEXPORT void JNICALL MyCallBackFunc(jvmtiEnv *jvmti_env,JNIEnv* jni_env,jclass class_being_redefined,jobject loader,const char* name,jobject protection_domain,jint class_data_len,const unsigned char* class_data,jint* new_class_data_len,unsigned char** new_class_data);JNIEXPORT jint JNICALLAgent_OnLoad(JavaVM *vm, char *options, void *reserved){cout << "Agent_OnLoad start!" << endl;//获取jvmtijvmtiEnv * jvmti;jint result = vm->GetEnv((void **)&jvmti, JVMTI_VERSION_1_0);if (result != JNI_OK){return result;}jvmtiCapabilities capabilities;// Clear the capabilities structure and set the ones you need.(void)memset(&capabilities, 0, sizeof(capabilities));capabilities.can_generate_all_class_hook_events = 1;result = jvmti->AddCapabilities(&capabilities);if (result != JVMTI_ERROR_NONE) {printf("ERROR: Unable to AddCapabilities JVMTI!\n");return result;}//回调jvmtiEventCallbacks callbackfunc;memset(&callbackfunc, 0, sizeof(callbackfunc));callbackfunc.ClassFileLoadHook = MyCallBackFunc;result = jvmti->SetEventCallbacks(&callbackfunc,sizeof(callbackfunc));result = jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_CLASS_FILE_LOAD_HOOK, NULL);if (result != JVMTI_ERROR_NONE){//printf("ERROR: Unable to SetEventNotificationMode JVMTI!\n");return result;}return JNI_OK;}JNIEXPORT void JNICALL Agent_OnUnload(JavaVM *vm){printf("Agent_OnUnload!");printf("卸载\n");}//回调函数JNIEXPORT void JNICALL MyCallBackFunc(jvmtiEnv *jvmti_env,JNIEnv* jni_env,jclass class_being_redefined,jobject loader,const char* name,jobject protection_domain,jint class_data_len,const unsigned char* class_data,jint* new_class_data_len,unsigned char** new_class_data){unsigned char * buf;//解密加密类if (memcmp(class_data + 553 - 10, EncryptFlag, 10) == 0){printf("累加了%d次\n", num);//是加密过的//buf = (unsigned char *)malloc((553 - 10) * sizeof(unsigned char));jvmti_env->Allocate(553 - 10, &buf);memcpy(buf, class_data, (553 - 10));*new_class_data = buf;*new_class_data_len = 543;printf("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n");}else{num++;}}