Obfuscated code can effectively increase the difficulty of project decompilation, and at the same time, it can also appropriately reduce the size of apk, which is especially important in the actual development process. After a long period of exploration, I have a certain understanding of code obfuscation. Write down my personal experience below:
1. An important file for code confusion: proguard-rules.pro, if you accidentally delete it, copy it from another place or create one yourself.
2. Turn on obfuscation:
Set buildTypes->release->minifyEnabled under build.gradle to true to enable code obfuscation
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}3. The meaning of each configuration in the proguard-rules.pro file
Explain some meanings before configuring
- -keep keep the target from being obfuscated
- * Wildcard, means all, extended: set* means start with set, *onEvent* means contains onEvent keyword
- <init> represents the construction method
- Methods in the <methods> class
- Attributes in the <fields> class
- $ delimiter, identifies inner class
- -keepclasseswithmembers keep members of classes
(The # sign is added before the configuration item to indicate a comment)
-optimizationpasses 5 # 指定代码的压缩级别
-dontusemixedcaseclassnames # 是否使用大小写混合
-dontskipnonpubliclibraryclasses # 是否混淆第三方jar(建议注释掉)
-dontpreverify # 混淆时是否做预校验
-verbose # 混淆时是否记录日志
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/* # 混淆时所采用的算法
-keep public class * extends **** # 保持哪些类不被混淆
-keepclasseswithmembernames class * { # 保持 native 方法不被混淆
native <methods>;
}
-keepclasseswithmembers class * { # 保持自定义控件类不被混淆
public <init>(android.content.Context, android.util.AttributeSet);
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet, int); # 保持自定义控件类不被混淆
}
-keepclassmembers class * extends android.app.Activity { # 保持自定义控件类不被混淆
public void *(android.view.View);
}
-keepclassmembers enum * { # 保持枚举 enum 类不被混淆
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable { # 保持 Parcelable 不被混淆
public static final android.os.Parcelable$Creator *;
}
#使用WebView时JavascriptInterface不被混淆,同时需要保证自定义的JS与原生交互的接口对象不被混淆
-keepattributes *JavascriptInterface*
#保证R文件不混淆
-keep public class [你的应用包名].R$*{ public static final int *;}
-keep class MyClass; # 保持自己定义的类不被混淆4. Add the declaration of the code that does not need to be confused in proguard-rules.pro:
a. Declare the parts you don’t need to confuse. Some classes will fail to compile if they are conflated.
-keep public class * extends android.app.Fragment
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class * extends android.support.v4.**
-keep public class com.android.vending.licensing.ILicensingServiceThe above are the basic components and dependencies of android
b. The class of the Model layer (entity) is recommended not to be confused
-keep class com.test.model.** { *; }
-keep class com.test.domain.** { *; } # 具体看实际项目包名和类c. It is not recommended to confuse third-party packages
Third-party library libraries are generally already confused, so there is no need to confuse them again
#示例:百度地图SDK
-keep class com.baidu.** { *; }
-keep class vi.com.gdi.bgl.android.**{*;}
#其他第三方lib混淆规则请参照它们的官方文档
In summary, use -keep plus what you want to keep.
Here's another way to quickly configure confusion, using the annotation @Keep
1. We need to import before using the @Keep annotation (the AndroidX dependency is already built-in, so there is no need to introduce the following dependencies)
compile 'com.android.support:support-annotations:{version}'2. Add the following configuration in proguard-rules.pro
-dontwarn android.support.annotation.Keep
#保留注解
-keepattributes *Annotation*
-keep @android.support.annotation.Keep class ** #保留@Keep注解的类以及它的属性方法不被混淆3. Use the @Keep annotation on the things we want to keep
@Keep
public class Test {
private String name;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}In the above code, we set to keep the Test class, so it will not be confused when packaging
What should we do if we only want to keep its attributes or methods, and the class name is confused? as follows
Modify the following configuration in proguard-rules.pro:
-keep @android.support.annotation.Keep class **{
@android.support.annotation.Keep <fields>; #保留类里面被@Keep注解的属性
@android.support.annotation.Keep <methods>; #保留类里面被@Keep注解的方法
}then in the code
public class Test {
@Keep
private String name;
@Keep
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}In the above code, the name attribute and the getName() method are kept from being confused, and the class name Test and method name setName() are still confused.
Well, the code obfuscation summary is almost like this, I hope it will be helpful to everyone!