Suggestions for a custom bootstrap class loader

David Holmes David.Holmes at oracle.com
Tue Jun 1 03:00:47 PDT 2010 

George,

I'll pass on the debate as to whether encrypting serves any point :)

But why would you need to modify the bootstrap loader to do the 
decrypting? You can define a custom loader to be used as the system, aka 
application, classloader and use it to decrypt the class file into a 
byte[] and pass it to defineClass. (Though this means you can't add any 
encrypted classes to the bootclasspath or as an extension, but maybe 
that's ok.)

PS. There is no "tweak" to save the output of the JIT and reuse it next 
time.

Cheers,
David Holmes

George H said the following on 06/01/10 17:21:
> Hi,
> 
> I have in mind a feature that I would like to see in the OpenJDK and I
> was reading on the OpenJDK webpage that it is better to discuss a new
> feature first on the mailing list before starting on it. And I have a
> few questions to ask. Thought if anyone could provide me with insight,
> tips and some sort of starting point it would be on this mailing list.
> 
> My ultimate goal to have the virtual machine load encrypted java
> byte-byte code. Yes, its the age old protecting intellectual property
> (IP) routine.
> Doing this with a custom class loader in Java is out of the question.
> I believe the best way to do this is through the bootstrap class
> loader which is written natively. I was hoping of trying to do the
> following.
> 
> 1: Be able to supply a cryptographic key to the VM so that it may use
> it to decrypt/encrypt bytecode on the fly
> 
> and/or
> 
> 2. Be able to register a second bootstrap class loader that performs
> the on the fly encryption/decryption on the fly, and I can call it
> from inside java programs.
> 
> I was thinking that this might be a nice feature for everyone to use
> especially if point No.1 is done. The VM will be better adopted by
> persons and entities who require protection from decompiling class
> files. It would certainly make it easier than having to deploy a
> custom built OpenJDK variant that will load encrypted class files.
> 
> 
> Currently I have looked at
> "openjdk-6-src-b19-15_apr_2010\hotspot\src\share\vm\classfile\classLoader.cpp"
> and I wonder if there is any more documentation about this file and
> the whole bootstrap class loading process.
> 
> What are your suggestions, opinions and responses? I am eager to know
> if this is something many people want or just me?
> I am probably going to inevitably try to do this so any help in
> getting to know the OpenJDK source code would be great.
> 
> Thanks
> --
> George

More information about the hotspot-dev mailing list