Re: encrypted source file support in jdk?

On Thu, 27 Sep 2007 13:17:55 +0100, Tom Forsmo <tom@xxxxxxxxxx> wrote:

I know there are many other issues as well, I'll be working throuhg it.
here is the list of the issues of most importance:

- en-/decryption support in

....

- disassembler/debugger
- remove excess information from class files

You can do this bit with an obfuscator, such as Proguard (http://proguard.sourceforge.net).

- if class files are also encrypted
- en-/decryption support in the jvm runtime, covers tomcat, jboss etc.
- possible encrypted jar/war/ear files etc
- debugger
- information about classes must also be protected from prying eyes who have obtained the class files and using the debugger to get information.

This is a common suggestion for protecting class files but it won't work (see http://www.javaworld.com/javaworld/javaqa/2003-05/01-qa-0509-jcrypt.html).

Dan.

--
Daniel Dyer
http://www.uncommons.org
.

Relevant Pages

  • Re: encrypted source file support in jdk?
    ... information about classes must also be protected from prying eyes who have obtained the class files and using the debugger to get information. ... of decrypting your ciphertext /and/ all instances of decrypted ... What I was thinking of here was if somebody had illegally obtained the class files, and using debugging to reverse engineer the code. ... Its about protecting IP of internal projects in progress, in the same way you would protect marketing plans etc. ...
    (comp.lang.java.help)
  • Re: encrypted source file support in jdk?
    ... tom forsmo wrote: ... CODE and CLASS FILES during DEVELOPMENT, that means only when the code is in-house. ... I am not talking about protecting class files distributed to the public. ...
    (comp.lang.java.help)