Java Cryptographic decryption: custom class Loader application

The recent study of Java CLASS Loading technology has implemented a custom loader. The application of the current custom loader is still under discussion. The following are some of the studies of the custom ClassLoader in Java encryption and decryption.

Java Security

Java is the language that interprets execution, and for different operating platforms there is a corresponding JVM that interprets bytecode files for execution. And this bytecode file, which is what we normally see in every. class file.

This is common sense, as we all know, by the. java file, compiled by the compiler, into the. class file that the JVM can interpret.

And this process, in the now open Network technology, using an inverse compiler, anyone can easily get its source files. This is not what many people want to see.

For encryption and decryption technology, I do not know much, some can use some kind of technology "fuzzy" Java class files. This makes it more difficult to decompile. However, it is estimated that the technical level of the counter compiler is also increasing, which leads to the blocking of the method layer. There are also a number of other technologies that can also implement cryptographic decryption of Java files. What I want to study now is one of them.

The flexibility of Java makes it easy to decompile and, at the same time, makes our methods of encrypting and decrypting more flexible.

Leverage Custom ClassLoader

Reference: http://www.blogjava.net/realsmy/archive/2007/04/18/111582.html

Every class in Java is loaded into memory through the ClassLoader. The workflow for the ClassLoader is represented as follows:
1.searchfile ()
Find the class file that I want to load. (The idea of throwing the jar pack is now just to load a. class file)
2.loadDataClass ()
The byte code that reads this class file.
3.difineClass ()
Load class file. (The loading process is really complicated, and we're not going to look at it now.) ）

From this process we can clearly find that the custom class loading can easily control the loading process of each class file. So between the second step (Loaddataclass) and the third Step (Difineclass), we will have our own space to control this process flexibly.

Our encryption and decryption technology is applied here.

Encrypted decryption

There are many techniques for Java encryption and decryption. Java itself provides a good class library to support a variety of algorithms. for which algorithm to use, the network is different, go to Google yourself.

The following is a simple example of the DES symmetric encryption algorithm (setting a key and then encrypting all the data).

First, a key is generated.
I saved it in the key.txt. This document is like a key. Whoever owns it will be able to unlock our class files. Code references are as follows:

Package Com.neusoft.jiami;
Import Java.io.File;
Import Java.io.FileOutputStream;
Import Java.security.SecureRandom;
Import Javax.crypto.KeyGenerator;

Import Javax.crypto.SecretKey;

    Class Key {private String keyname;
    Public Key (String keyname) {this.keyname = KeyName;  public void CreateKey (String keyname) throws Exception {//Create a trusted random number source, DES algorithm requires securerandom sr =
        New SecureRandom ();
        The DES algorithm is used to create a Keygenerator object keygenerator kg = keygenerator.getinstance ("DES");
        Initializes this key generator with a determined key length of Kg.init (SR);
        Generate key Secretkey key = Kg.generatekey ();
        Gets the key data byte rawkeydata[] = key.getencoded ();
        Save the acquired key data to a file and use fileoutputstream fo = new FileOutputStream (new file (KeyName)) to be decrypted;
    Fo.write (Rawkeydata);
        public static void Main (String args[]) {try {new Key ("Key.txt"); catch (Exception e) {E.printstacktracE (); }

    }