I have to distribute a Java app, and am required to make it difficult to reverse engineer. Having taken the app.jar file through a decompiler, I can see most of the code easily!, my boss would not want that!
Are there any easy to use tools out there to encrypt the jar file, and maybe embed the encrypted version into a .exe file, so there isn't much to look at? The app uses additional .jar libraries, most of the additional jar libraries do not need to be "secured", but it would be nice to be able to secure some of them.
I'm looking at jar2exe by regexlab, and haven't gotten it to work yet (and still don't know if it has just one encryption key for all of its users, or if I can generate/specify any encryption keys myself)
Other solutions I read about are similar, with "write your own class loader". I don't know how to do this, but if it's easy and there's sample code to do it, I would consider it. I can also add some C++/dll code in the mix if it helps.
All ideas are welcome, I will divide the points between all the useful comments. I know you can't completely protect/hide things, but whatever I can do to make it more difficult would be good.