Java代码安全性

本文介绍了Java代码安全性的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

可能重复： 您是否混淆了商业Java代码？

除了混淆之外还有什么方法可以保护罐子不会被其他人打开吗？问题是我不希望任何人访问代码，这就是我不喜欢Java的原因。从我使用的反编译器开始，用C＃和Java编写的程序就像变量的名称一样完整，这样可以很容易地访问不是免费的程序。更糟糕的是，给出源代码。

Is there any way other then obfuscation to protect jars from being opened by someone else? The thing is that I don't want anyone to access the code, which is why I don't prefer Java. From the decompilers I used, programs made in C# and Java have EVERYTHING like the names of the variables intact which would make it easy to get access to programs that are not free. Worse, give out the source code.

推荐答案

上述评论涵盖了大部分这些要点，但我会对它们进行扩展这里有一点：

Most of these points are covered by comments above, but I'll expand on them a bit here:

如果你的代码在用户的机器上运行，用户可以反编译你的代码。它是什么语言并不重要。 Java，C，whitespace，brainfuck，没关系。如果代码在计算机上运行，​​则人类可以读取它。即使您使用自己的自制语言和编译器，编译后的代码仍然是一系列标准机器指令，反编译器会轻易地将其转换为C语言或您喜欢的任何语言的可读代码。

If your code is running on the user's machine, the user can decompile your code. It doesn't matter what language it is. Java, C, whitespace, brainfuck, it doesn't matter. If the code runs on a computer, a human can read it. Even if you make your own homebrew language and compiler, the compiled code is still going to be a sequence of standard machine instructions, which decompilers will handily turn into readable code in C or whatever language you like.

没有例外。忘了吧。

No exceptions. Forget about it.

但是有办法得到你想要的东西：保护一些秘密的商业逻辑。一种简单的方法是将业务逻辑放在您自己的计算机上并使用Web服务公开它。用户仍然可以看到客户端请求和服务响应，但您的逻辑是黑盒子。

But there are ways to get what you want: protecting some secret business logic. An easy way to do this would be to place the business logic on your own machine and expose it with a web service. The user can still see the client requests and service responses but otherwise your logic is a black box.

您还可以制作自己的机器，锁定它们并将它们分发给用户。请注意，虽然这是可能的，但在技术上很难做到正确（想想所有被黑客入侵的游戏机和智能手机），并且会显着增加您的服务成本。

You could also make your own machines, lock them down, and distribute them to users. Be aware that although this is possible, it's technically quite difficult to do correctly (think of all the hacked gaming consoles and smartphones), and will significantly increase the cost of your service.