AabResGuard is an open source resource obfuscation tool for.aab files developed by Tiktok technology team of Bytedance.
AabResGuard was completed in June 2019 and launched in many overseas products, including Tiktok and Vigo, at the end of July 2019, providing resource protection and package size optimization capabilities for overseas products.
After practice and verification, AabResGuard was up and running, so the team opened it to the community. To support more scenarios, AabResGuard provides a Gradle plugin and jar packages that can be run separately. In addition to resource obfuscation, some additional features are provided.
Github project address: github.com/bytedance/A… .
Development background
What is AAB?
AAB stands for Android App Bundle, which is a dynamic packaging and componentization technology of APK launched by Google. AAB ends in a Bundle file to assemble a most suitable APK for your mobile phone model and install it for your device.
An Android App Bundle is a new upload format that includes all your app’s compiled code and resources, but defers APK generation and signing to Google Play.
Introduction: Android App Bundle
Why resource obfuscation for AAB files?
Significance of resource confusion: protecting resources and reducing package size.
According to statistics, there is a negative correlation between APK size and installation conversion rate. This conversion rate drops not only because people simply choose not to install, but because the installation is incomplete for a variety of reasons. Statistically, an app with an APK size of about 10MB will have a download completion rate about 30% higher than an app with an APK size of about 100MB (according to Google Play Internal Data).
Due to the Google Play policy, apps on Google Play must include the 64-bit SO library by the end of August 2019. This policy will undoubtedly cause an explosion in package size, so we decided to use the Android App Bundle solution.
After installing the Android App Bundle scheme, we exported an APK file through AAB to compare package sizes, and found that package sizes became larger, and the difference was mainly in resources.
At present, most apps use wechat’s “APK resource confusion” scheme AndResGuard to reduce the volume of APK packages by reducing resources.
Apk’s resource obfuscation scheme is not applicable to AAB due to the difference in file structure between.aab and.apk.
We couldn’t give up the benefits of this resource obfuscation, so we produced AabResGuard, a resource obfuscation tool for.aab files.
earnings
The following data is the revenue of AabResGuard on TikTok-9.4.0 version. Due to the different degree of resource optimization of each app, the optimization of this data on different apps is different, and the actual data shall prevail.
AAB file is actually a compressed package format (only used for uploading to Google Play Store). When users download it, they will generate an APK that is most suitable for the configuration according to the configuration of the user’s mobile phone model. Users will finally install and download the APK file.
The file format | Before resource compression | After resource compression | Resource compression ratio |
---|---|---|---|
AAB | 35.8 MB | 27.2 MB | 24% |
APK(Download size) | 14.8 MB | 12.3 MB | 16.90% |
The configuration of different mobile phones is different, so the revenue is different. The above table shows the configuration of mobile phones (SDK16 / ARM64/480). Due to the secondary compression of package volume in Google Play Store, the actual revenue is reduced. Please refer to the revenue of APK Download Size for specific online data.
The principle is introduced
AAB and APK file structure differences
The structure of *.aab and *.apk files is shown in the following figure:
*. Aab = resources. Pb; *. Apk = resources. Arsc = resources. And the files in *. Aab contain the dynamic feature directory, so more file contents need to be confused in *. Aab.
AAB file parsing
AabResGuard relies on Bundletool to parse and modify.aab files. However, different Versions of Bundletool may have some compatibility problems.
AabResGuard currently relies on Bundletool 0.10.0. It is possible to overwrite the Bundletool version that AGP(Android Gradle Plugin) itself relies on, resulting in version compatibility issues.
We solved this problem by using Shadow to redirect packages from other introduced libraries and removing the dependency on bundletool for delivery in the aabresGuard-Plugin.
Resources to confuse
Minimum character replacement: AabResGuard obfuscates resource files and replaces the original resource name and path with the shortest character to reduce package size and protect resources.
A resource consists of several parts: ID, name, path, etc. By default, name and path are one-to-one in the original file (name is the file name of path), but in fact, they are not related. If name is used as the name of path after confusion, it will undoubtedly cause space waste.
If there is only one file in the res/drawable-xxhdpi path, it will waste two characters of space.
AabResGuard uses separate obfuscation for files and resource names of different types in each folder to ensure that files and resources in each folder are shortest paths.
In addition, the resource ID of the file is saved in the output mapping, which helps you quickly locate resources when problems occur.
File to heavy
AabResGuard performs MD5 deduplication of duplicate resources in a package. Only one copy of the same MD5 resource file is kept and the deduplicated resource file path is redirected to resources.
File de-focus on TikTok reduces 4050 files and the file size is reduced by 0.6MB. As TikTok optimizes resources in other aspects, the size of some resources itself is small, and the benefits of different applications are different, so the actual benefits shall be subject.
Text filtering
In addition to useless resource files, some string resources (including languages) are also invalid. These resources can also occupy the package size. These resources can be removed by changing the resources.
As it turns out, string resources account for the largest proportion of resources. By removing useless strings, this part earns considerable profits. On TikTok, the number of strings is reduced by 3,691 and 37 languages, and the maximum profit can reach 2.5m.
AabResGuard features and use
features
- Resource deduplication: Merges duplicate resource files to reduce package size.
- File filtering: Supports
bundle
Currently, only files in packets can be filteredMATE-INFO/
,lib/
Filtering under paths. - Whitelist: Resources in the whitelist whose names are not to be confused.
- Incremental obfuscation: Input
mapping
Files that support incremental obfuscation. - Copy deletion: Enter a string file split by line to remove copy and translation.
use
- Command line tool: Supports one-click input and output.
- Gradle pluginSupport:
gradle plugin
, using the original package command to perform obfuscation.
Gradle plugin
Build. Gradle (root project)
Build. Gradle (Application)
The aabResGuard plugin invades the bundle packaging process by executing the original packaging command.
Get the obfuscated bundle path from Gradle:
Command line support
AabResGuard provides JAR packages that can be executed directly from the command line.
Config. XML configuration file, whitelist supports regular expression:
For more command usage, go to command line support.
product
resources-mapping
The following is an example of a log file used to record a resource obfuscation rule:
- Res dir mapping:Obfuscation rules for storage resource file directories. Format: dir -> dir (
res/
The root directory should not be confused. - Res ID Mapping: Confusion rule for storage resource names. Format: resourceId: resourceName -> resourceName (resourceId is not read in when increments are confused)
- Res entries path mapping: Confusion rule for storage resource file paths. Format: resourceId: path -> path (If increments are confused, resourceId is not read in)
-duplicated.txt
The following is an example of a deduplicated resource file:
Outlook and Summary
AabResGuard is highly scalable, with functions such as “resource obfuscation”, “resource de-duplication”, “file filtering”, and “string filtering” running independently. The framework’s design makes AabResGuard not only a tool for resource obfuscation, but also an easy way to parse and update *. Aab files.
For example, in some cases we need to export a full APK package through AAB, in which case the exported APK will contain all resources, but we want only one dimension OF SO, we can filter 32-bit SO to generate a 64-bit AAB file to achieve this goal.
If you need to make secondary changes to *. Aab files for special needs, you can extend AabResGuard to do so quickly.
The resources
Android app bundle
AndResGuard
Aapt2
Bundletool
Shadow
Shrinking APKs, growing installs