Android 代码混淆
2016-05-26 14:49
435 查看
1.为什么要混淆
作为Android应用开发者,不得不面对一个尴尬的局面,就是自己辛辛苦苦开发的应用可以被别人很轻易的就反编译出来。Google似乎也发现了这个问题,从SDK2.3开始我们可以看到在android-sdk-windows\tools\下面多了一个proguard文件夹。
proguard是一个java代码混淆的工具,通过proguard,别人即使反编译你的apk包,也只会看到一些让人很难看懂的代码,从而达到保护代码的作用。
2.怎么混淆
打包的配置文件build.gradle里面的一段配置代码
minifyEnabled 为true就会在打包的时候进行代码混淆处理
proguardFiles getDefaultProguardFile(‘proguard-android.txt’), ‘proguard-rules.pro’
getDefaultProguardFile(‘proguard-android.txt’) 加载默认混淆配置文件,再E:\tools\adt-bundle-windows-x86_64-20140624\sdk\tools\proguard 下
proguard-rules.pro 自定义混淆文件
3.自定义混淆配置
引用的第三方库一般在说明文档里面会有使用的时候的混淆说明,注意拷到自定义混淆文件中;
webview JPush gson xutils3 #baidu location v4包# Add project specific ProGuard rules here. # By default, the flags in this file are appended to flags specified # in /Users/jacky/Documents/Android_env/eclipse_env/android-sdk-macosx/tools/proguard/proguard-android.txt # You can edit the include path and order by changing the proguardFiles # directive in build.gradle. # # For more details, see # http://developer.android.com/guide/developing/tools/proguard.html # Add any project specific keep options here: # If your project uses WebView with JS, uncomment the following # and specify the fully qualified class name to the JavaScript interface # class: #-keepclassmembers class fqcn.of.javascript.interface.for.webview { # public *; #} # webview + js -keepattributes *JavascriptInterface* # keep 使用 webview 的类 -keepclassmembers class com.cmcc.iot.gatwaycloud.CommonWebviewActivity { public *; } # keep 使用 webview 的类的所有的内部类 -keepclassmembers class com.cmcc.iot.gatwaycloud.CommonWebviewActivity*{ *; } #JPush -dontwarn cn.jpush.** -keep class cn.jpush.** { *; } #==================gson========================== -dontwarn com.google.** -keep class com.google.gson.** {*;} #==================protobuf====================== -dontwarn com.google.** -keep class com.google.protobuf.** {*;} ################### region for xUtils -keepattributes Signature,*Annotation* -keep public class org.xutils.** { public protected *; } -keep public interface org.xutils.** { public protected *; } -keepclassmembers class * extends org.xutils.** { public protected *; } -keepclassmembers @org.xutils.db.annotation.* class * {*;} -keepclassmembers @org.xutils.http.annotation.* class * {*;} -keepclassmembers class * { @org.xutils.view.annotation.Event <methods>; } #################### end region ##---------------Begin: proguard configuration for Gson ---------- # Gson uses generic type information stored in a class file when working with fields. Proguard # removes such information by default, so configure it to keep all of it. -keepattributes Signature # For using GSON @Expose annotation -keepattributes *Annotation* # Gson specific classes -keep class sun.misc.Unsafe { *; } #-keep class com.google.gson.stream.** { *; } # Application classes that will be serialized/deserialized over Gson -keep class com.cmcc.iot.gatwaycloud.http.request.** { *; } -keep class com.cmcc.iot.gatwaycloud.http.response.** { *; } ##---------------End: proguard configuration for Gson ---------- # Explicitly preserve all serialization members. The Serializable interface # is only a marker interface, so it wouldn't save them. -keepclassmembers class * implements java.io.Serializable { static final long serialVersionUID; private static final java.io.ObjectStreamField[] serialPersistentFields; private void writeObject(java.io.ObjectOutputStream); private void readObject(java.io.ObjectInputStream); java.lang.Object writeReplace(); java.lang.Object readResolve(); } -keep public class * implements java.io.Serializable {*;} #baidu location -keep class com.baidu.** { *; } -keep class vi.com.gdi.bgl.android.**{*;} #baidu location # 保持哪些类不被混淆 -keep public class * extends android.app.Fragment -keep public class * extends android.app.Activity -keep public class * extends android.app.Application -keep public class * extends android.app.Service -keep public class * extends android.content.BroadcastReceiver -keep public class * extends android.content.ContentProvider -keep public class * extends android.app.backup.BackupAgentHelper -keep public class * extends android.preference.Preference #如果有引用v4包可以添加下面这行 -keep public class * extends android.support.v4.app.Fragment -keepclasseswithmembers class * { # 保持自定义控件类不被混淆 public <init>(android.content.Context, android.util.AttributeSet); } -keepclasseswithmembers class * {# 保持自定义控件类不被混淆 public <init>(android.content.Context, android.util.AttributeSet, int); }
参考链接:
1. Android studio 使用心得(五)—代码混淆和破解apk
http://my.oschina.net/aibenben/blog/371889
2.Android之混淆心得与亲身体验
http://www.cnblogs.com/lee0oo0/archive/2013/12/04/3457877.html
3.anroid 使用 Gson 混淆 遇到的bug 总结
http://www.cnblogs.com/dyllove98/archive/2013/07/25/3215037.html
4.日积月累:Proguard进行源代码混淆和崩溃日志反混淆
http://blog.csdn.net/p106786860/article/details/11974863
相关文章推荐
- 第三方开源--Android Image Cropper--图片裁剪
- Android源码问题集锦
- android 开发心得杂记
- Android多媒体(二) 多段Mp4文件拼接 我用双手成就你的梦想
- Android 释放资源和进程的优先级顺序
- Android基于Zxing实现二维码,条形码扫描和生成二维码
- Error:Cause: org/gradle/api/publication/maven/internal/DefaultMavenFactory Android
- 安装android studio遇到的问题及解决方案
- Android Activity调用Dialog后的返回值方法
- Android中进程和线程解析,不是想象的那样
- Android源码解析setContentView
- 以Android源码分析初识UML(一)
- Android Context 原理
- android meta-data获取
- Android的4种文件类型Java,class,dex,apk
- android 验证字符串是否是手机号
- android分屏功能
- Android自定义可长按 可点击不可拖动的SeekBar
- [Android Studio 权威教程]断点调试和高级调试
- ImageView