0

I'd like to encrypt my native libraries and decrypt them on runtime before doing System.loadLibrary("foo")

System.loadLibrary() and System.load() only takes libname and filename

I've already looked at Runtime.java source code, and the library loading methods seems to depend on a native function

Is there a workaroud for this ?

Ghilas BELHADJ
  • 13,412
  • 10
  • 59
  • 99
  • Why? You'd have to distribute the decryption key in order for any app to use the libraries. There's no point to a security system based on, "These libraries are encrypted, so here's the decryption key so you can use them." – Andrew Henle Mar 01 '17 at 11:32
  • @AndrewHenle I'm aware of this. – Ghilas BELHADJ Mar 01 '17 at 11:35
  • 1
    I've seen other cases, where a "fat jar" embeds the binary library as a resource, but the answer has always been "cache it on disk". – Wheezil Mar 04 '17 at 15:20
  • This post http://stackoverflow.com/questions/5053664/dlopen-from-memory suggests that the OS-level load-from-memory cannot be done portably, but you could pull some tricks on FreeBSD. – Wheezil Mar 05 '17 at 15:12
  • This would be very helpful, if we could load java libs from byte array. Then this would allow to create a self contained binaries binaries from JNI, firstly from C executable we could call JNI_CreateJavaVM() then some API to load jarlib from byte array. The byte array by itself would be blob generated by some C precompiler/blob serializer and stored in C static array. The benefit of all this would be that we could delver to customer kind of "standard os" executable and not the java classes. Meanwhile System.load(); – Madars Vi Apr 19 '18 at 12:22

0 Answers0