preface
Obfuscating the code before the application is released makes our code hard to read even when decompiled; Many people do not know how to set up confusion, which do not need to be confused, that to the old iron people, can be directly used knowledge points.
Android OkHttp network architecture source code in-depth analysis (uncover the mysterious veil)
The configuration of the AS is confused
In AS, you can configure the proGuard-rules. pro file to encrypt the generated APK and JAR. In addition, you need to configure the build.gradle under the app in the project to enable the obtrude function.
Item configuration in AS is confused
Gradle code is as follows
BuildTypes {debug {minifyEnabled false // confuse zipAlignEnabled true // Zipalign optimizes shrinkResources true // Delete resource file proguardFiles getDefaultProguardFile(' proGuard-android.txt ') 'proguard-rules.pro' // load the default obfuscation configuration file signingConfig signingConfigs.debug // signature} Release {minifyEnabled true // obfuscation Zipalign optimizes shrinkResources true // Remove useless resource files proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' // load default obfuscation configuration file signingConfig signingConfigs.relealse // signature}}Copy the code
The rules
Obfuscation renames classes, variables, and methods with meaningless short variables, but some external references find corresponding methods and classes by name. If the method and class cannot be found, an exception will be reported. So there are situations where you can’t get confused.
- Custom controls do not obfuscate
- Enumeration classes are not confused
- Reflection classes do not do obfuscation
- Entity classes are not confused
- Java method called by JS
- The four components are not to be confused
- There is no confusion in calling classes in JNI
- Layout Used by the Layout
View
Constructor,android:onClick
Etc. Parcelable
A subclass of andCreator
Static member variables are not confused
Obfuscating file contents
Basic obfuscation instruction
# OptimizationPasses 5 # OptimizationPasses 0 ~ 7 Obfuscated class called lowercase - dontusemixedcaseclassnames # specified not to ignore the public library classes - dontskipnonpubliclibraryclasses # specified not to ignore the members of the public library - no do preverification dontskipnonpubliclibraryclassmembers # confusion - no logging dontpreverify # confusion - verbose # # ignore the warning - ignorewarning code optimization - Dontshrink # do not optimize input class files -dontoptimize # Keep annotations without obfuscating - KeepAttributes *Annotation*,InnerClasses # Avoid obfuscating generics - keepAttributes Signature # reservation code line number, convenient exception information tracking - keepattributes SourceFile, LineNumberTable # confuse the algorithm - optimizations. code/simplification/cast,! field/*,! Class /merging/* # seeds. TXT lists the internal structure of all classes within the APK package TXT file lists the code deleted from the APK - printUsage unused. TXT # mapping. TXT file lists the mappings before and after the confusion -printmapping mapping.txtCopy the code
Android classes that don’t need to be confused
Support Design library, all classes under Support and their inner classes, Android classes
-keep public class * extends android.app.Fragment -keep public class * extends android.app.Activity -keep public class * extends android.app.Application -keep public class * extends android.app.Service -keep public class * extends android.content.BroadcastReceiver -keep public class * extends android.preference.Preference -keep public class * extends android.content.ContentProvider -keep public class * extends android.app.backup.BackupAgentHelper -keep public class * extends android.preference.Preference -keep public class * extends android.view.View -keep public class com.android.vending.licensing.ILicensingService -keep class android.support.** {*; } -dontwarn android.support.** -keep interface android.support.** { *; } -keep class androidx.** {*; } -keep interface androidx.** {*; } -keep public class * extends androidx.** -dontwarn androidx.** -dontwarn android.support.design.** -keep class android.support.design.** { *; } -keep interface android.support.design.** { *; } -keep public class android.support.design.R$* { *; } -keep class com.google.android.material.** {*; } -dontwarn com.google.android.material.** -dontnote com.google.android.material.**Copy the code
Avoid confusing the get/set methods and constructors of custom control classes
-keep public class * extends android.view.View{
*** get*();
void set*(***);
public <init>(android.content.Context);
public <init>(android.content.Context, android.util.AttributeSet);
public <init>(android.content.Context, android.util.AttributeSet, int);
}
Copy the code
Disabling Log
-assumenosideeffects class android.util.Log { public static boolean isLoggable(java.lang.String, int); public static int v(...) ; public static int i(...) ; public static int w(...) ; public static int d(...) ; public static int e(...) ; }Copy the code
Avoid resource confusion
-keep class **.R$* {*; }Copy the code
Avoid the onclick method in layout
-keepclassmembers class * extends android.app.Activity{
public void *(android.view.View);
}
Copy the code
Avoid confusing enumeration classes
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
Copy the code
The Natvie method is not confused
-keepclasseswithmembernames class * {
native <methods>;
}
Copy the code
Avoid confusion between Parcelable and Serializable interfaces
-keep class * implements android.os.Parcelable { public static final android.os.Parcelable$Creator *; } -keepclassmembers class * implements java.io.Serializable { static final long serialVersionUID; private static final java.io.ObjectStreamField[] serialPersistentFields; ! static ! transient <fields>; private void writeObject(java.io.ObjectOutputStream); private void readObject(java.io.ObjectInputStream); java.lang.Object writeReplace(); java.lang.Object readResolve(); }Copy the code
WebView confuses the configuration
-keepclassmembers class fqcn.of.javascript.interface.for.webview { public *; } -keepclassmembers class * extends android.webkit.webViewClient { public void *(android.webkit.WebView, java.lang.String, android.graphics.Bitmap); public boolean *(android.webkit.WebView, java.lang.String); } -keepclassmembers class * extends android.webkit.webViewClient { public void *(android.webkit.webView, jav.lang.String); } -keep public class {public *; } -keepattributes JavascriptInterfaceCopy the code
The network framework OkHttp3 confuses the configuration
-dontwarn com.squareup.okhttp3.** -keep class com.squareup.okhttp3.** { *; } -dontwarn okio.**Copy the code
To learn more about Android development, be sure to subscribe. Thanks
Done. Comments on questions
Public number [Android development and programming]