Protect JavaSE Applications

Video Tutorial

▶️ https://www.youtube.com/watch?v=MQf9IiDHQ18

Download

Visit https://protector4j.com/download to download the latest version.

Installation

Windows and Linux

No special installation steps are required, just download and extract the archive.

macOS

Download the dmg file and drag Protector4J to Applications, the actual contents of this tool are in Protector4J.app/Contents/protector4j-mac.

Use GUI Tool to Encrypt the JavaSE Application

Go to the folder of Protector4J then execute p4j-ui[.exe] , you will see the interface below

For macOS, just double click the Protector4J.app

Login

If you have got the license, please click the login button on the top-right corner and input your account information. Although you can still try this tool free without the license.

Choose app type

Click the “JavaSE Application” button on the app type page.

Choose jar/war files to encrypt

Choose the jar files to protect, you can add single or multi jar files.

Options

Just encrypt jar files

If this option is selected, only the encrypted jar files will be generated and the JRE will not be deployed, this option is usually used in combination with key seed for updating existing applications.

Create executable file

Create the executable file to launch the application.

Hide Console

This option is only valid for Windows, applicable to gui applications.

JVM Options

Set the arguments to be passed to the JVM, such as -Xmx and -Xms, separated by spaces or newlines.

Output

Java Version

Select the target Java version, support Java 8, Java 11 and Java 17

Create new folder

Selected by default, the task will create a folder like p4j-[task-id] in the output folder, the final result is in the there.

Include JavaFX

Check this option if this is a JavaFX Application.

SWT Application

Check this option if this is a SWT application.

KeySeed

Every encryption task will request a random key from the server by default, the jar files generated in different encryption tasks can’t be used together. However, the same key seed will generate the same key, this option can used in combination with “Only Encrypt Jar Files” to update existing applications. This option is only valid for Licensed user.

Encryption process

It will take some time to finish the encryption process. You can check the result in the output folder after it is done.

Run the encrypted app

  1. Run the executable file or the script created by the encryption task.

  2. Use the traditional way to run java application, the encrypted jar files are stored in vlxlib folder by default.

    1
    vlxjre/bin/java -jar vlxlib/xxx.jar

    or

    1
    vlxjre/bin/java -cp vlxlib/xxx.jar MainClass

Notice

If the application is for macOS or Linux and generated under Windows, please execute add-executable-permission.sh first to give the program executable permission.

Modify the JVM Options

If you need to modify the JVM options, edit the exe-name.json file, there is an array called JArgs, you can edit and add the JVM options there.

1
2
3
4
"JArgs"          : [
"-DParam1=value1",
"-DParam2=value2"
]

Use CLI Tool to Encrypt the JavaSE Application

The configuration of task file

It needs to specify a task file as an argument to the command-line tool.

Find java-task.yml in task-templates folder, copy and modify a new one.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# Available values: 8,11,17
javaVersion: 8

# The jar files that need to be encrypted
jarFiles: []
# Only encrypt the jar files, do not deploy the runtime
# This option is used while upgrading an existing application
onlyEncryptJarFiles: false

## [ Executable file information ]
# The executable file name
exeFileName: ''
# Hide command line window, only valid for Windows
hideConsole: false
# The main class of this Java Application
mainClass: ''
# The splash image
splash: ''
# JVM Options
jvmOptions: []

## [ Output Options ]
# The output folder
outputFolder: ''
# Create a new and unique folder for the application, the folder name is like p4j-<taskId>
createNewFolder: true
# Whether this is a JavaFX application
includeJavaFX: false
# Whether this a swt gui application
swtApplication: false
# Fixed key seed, only avaiable for licensed user
# Jars encrypted in different tasks can be used together with same key seed
keySeed: ''
# The target platforms, keep it empty for current plaform,
# available values: [win, linux, mac]
platforms: []

Execute the encryption process

Go to the folder of Protector4J and execute the command below to run the encryption task.

On Linux or macOS

For macOS users, you can find the cli tool in Protector4J.app/Contents/protector4j-mac

1
./p4j -t java -f path-of-task-file

On Windows

1
p4j -t java -f path-of-task-file

-t task type

-f task file

You can execute p4j --help to see the detail arguments.

Run with account information

1
./p4j -t java -f path-of-task-file -u email -p password

Check the result

After the encryption task is completed, please go to the output folder to check the result.

Run the encrypted app

  1. Run the executable file created by the encryption task

  2. Use the traditional java method, but the encrypted jar files are stored in the vlxlib folder

    1
    vlxjre/bin/java -jar vlxlib/xxx.jar

    or

    1
    vlxjre/bin/java -cp xxx MainClass

Notice

If the application is for macOS or Linux and generated under Windows, please execute add-executable-permission.sh first to give the program executable permission.

Modify the JVM Options

If you need to modify the JVM options, edit the exe-name.json, there is an array called JArgs, you can edit and add the JVM options there.

1
2
3
4
"JArgs"          : [
"-DParam1=value1",
"-DParam2=value2"
]