Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Other Security APIs, Tools, and Issues

Binary Jar file?

How can we create binary Jar file in order to hide the code from the client?Note that: The .xml and .html files are accessible/understandable in Jar file. I need somehow hidden this codes when deploy it. Or a way to prevent from opening the Jar file.
[278 byte] By [chadorbaf] at [2007-9-26 3:16:59]
«« javah -old
»» GUI class structure and heirarchy
# 1

Use the jartool to create jar files and place the classes and resources you need into the jar. You may need to make a couple of coding chnage to fetch graphics etc, depending on how you did it in the code.

A jar is just a zip file, so users can always just unzip it to get at the files. There are Java decompilers around, so it isn't safe.

You could try to Obvuscate (<-- Spellink ?) the code which helps make it hard to change and just recompile it.

And of course you can also change it using the byte code .. been there .. done that.

What 1 person can build another can destroy.

jan.svensson at 2007-6-29 11:29:40 > top of Java-index,Security,Other Security APIs, Tools, and Issues...
# 2

> How can we create binary Jar file in order to hide the

> code from the client?

>

> Note that: The .xml and .html files are

> accessible/understandable in Jar file. I need somehow

> hidden this codes when deploy it. Or a way to prevent

> from opening the Jar file.

A jar is just a zip file, with some additional files that describe the contents (like entry method, cryptographic hashes).

While zip files allow for encryption, thus requiring a password for unpacking, I have not heard yet, that the Java jar tools and jar loaders make use of that feature.

What you can achieve is signing a jar, which means that your customer can't change the jar, without breaking the signature.

You might think about putting a couple of encrypted files into the jar file and to provide your application with a modified class loader that decrypts.

You must decide, depending on the technical skills of your customer, if it is worth the hassle.

Regards,

Marc

van.woerkom at 2007-6-29 11:29:40 > top of Java-index,Security,Other Security APIs, Tools, and Issues...
Security
Other Security APIs, Tools, and Issues

Security New Topic

Security Hot Topic

Security

All Classified