ARTICLE AD BOX
I'm building an application launcher using GraalVM native image. The launcher downloads an encrypted JAR, decrypts it in memory, and needs to launch it without ever touching the disk. Security requirement - the decrypted application code should never be written anywhere. Is it possible to load the full jar?
What I've tried (all failed):
Direct ClassLoader approach - Doesn't work, native-image has no bytecode interpreter
Embedding JVM via JNI -Too complex and wasted a full day, and it never worked and i did not see or understand what was wrong and where and won't try this again due to jni unless some guides me. Technically possible, but it is a nightmare to work with it.
Writing temp JAR and spawning java -jar - Works perfectly BUT defeats the entire purpose (JAR is on disk, even if briefly), this is currently for testing my app.
I'm bundling a JRE means the launcher will download if not found on the user's machine, same as the jar from my server, so I can spawn Java processes. I just need a way to tell that JVM process, "here's a JAR in memory, load it" without writing files.
How do enterprise apps handle this? Game launchers, IDE updaters, etc - they must have solved this problem, right?
I love Java, but here I just don't like it. I can not compile it to a full native image as some libs don't support it, which I have in my jar. Also, all methods of loading by defineClass work in ide but without jvm can not work in a native image.
Any suggestions would be greatly appreciated! I really need help from you all legends.
