To protect the minimal application, first make a copy of the
minimal directory somewhere you have write access.
From the copied minimal directory, run the
following command:
java -jar <install
path>/lib/vldy-tech-translator.jar -v -i ./classes -o ./sclasses -x ./dasm
This tells the translator to transform classes found under the
classes directory, put the modified classes under
the sclasses directory, and put disassembled
listings of the class files before and after transformation under the
dasm directory. These and other options are
described in more details in Section 3, “Running the Tools”.
Under the dasm directory, two subdirectories
input and output contain a
listing of the bytecode for the Minimal class,
before and after the transformation. By comparing these files, it is
possible to see that the counter field and
its annotation has been replaced by another field that holds a pointer
to the secure coprocessor memory.
// access flags 2 private I counter @Lcom/validy/technology/annotation/SecureField;() // invisible
is transformed into
// access flags 4114 private final Lcom/validy/technology/runtime/Memory; k$This
The inc method increments the counter
field by one. The instruction IADD performs this operation
in the original bytecode below.
// access flags 1
public inc()V
@Lcom/validy/technology/annotation/SecureMethod;() // invisible
ALOAD 0
DUP
GETFIELD Minimal.counter : I
ICONST_1
IADD
PUTFIELD Minimal.counter : I
RETURN
In the transformed bytecode, the instructions that manipulate the
counter field have been converted to be
executed by the secure coprocessor virtual machine. In the bytecode
below, these instructions appear as calls to a method from the Validy
Technology runtime that receive a long constant - the ciphered
instruction - as parameter.
// access flags 1
public inc()V
@Lcom/validy/technology/annotation/SecureMethod;() // invisible
LDC -1871519230529205310
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
LDC 5960922510504744152
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
LDC 2237779730922682514
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
LDC -2778962704774231912
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
LDC 8090141189977720929
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
LDC 8491204469737689782
INVOKESTATIC com/validy/technology/runtime/Token.exe (J)V
RETURN
Because the minimal application is very small, all instructions have been selected to be executed by the secure coprocessor and the size of the class file more than doubles. In a more complex application, only a relatively small fraction of the instructions will be converted.