一、为什么要加入混淆机制?
为了防止apk被反编译后,很容易被其他人看懂。
混淆机制的本质是什么?
把原来有具体含义的类名,变量名,方法名,修改成让人看不懂的名字,例如方法名getUserName编程了方法名a
二、如何混淆代码
Android工程目录下有两个文件,project.properties,proguard-project.txt
1、project.properties(工程目录下)内容如下:
# This file is automatically generated by Android Tools.# Do not modify this file -- YOUR CHANGES WILL BE ERASED!## This file must be checked in Version Control Systems.## To customize properties used by the Ant build system edit# "ant.properties", and override values to adapt the script to your# project structure.## To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home):# proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt# Project target.target=android-18
# To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home):
也就是说,如果你要混淆和压缩代码,那么就取消下面一行的注释。
proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
此行指定了混淆代码的配置文件,是/home/jltxgcy/android-sdk-linux/tools/proguard/proguard-android.txt。如果想优化你的代码,配置文件换成/home/jltxgcy/android-sdk-linux/tools/proguard/proguard-android-optimize.txt。
冒号后面就是自定义混淆规则文件,如下:
2、proguard-project.txt(工程目录下)
# To enable ProGuard in your project, edit project.properties# to define the proguard.config property as described in that file.## Add project specific ProGuard rules here.# By default, the flags in this file are appended to flags specified# in ${sdk.dir}/tools/proguard/proguard-android.txt# You can edit the include path and order by changing the ProGuard# include property in project.properties.## For more details, see# http://developer.android.com/guide/developing/tools/proguard.html# Add any project specific keep options here:# If your project uses WebView with JS, uncomment the following# and specify the fully qualified class name to the JavaScript interface# class:#-keepclassmembers class fqcn.of.javascript.interface.for.webview {# public *;#}
# Add project specific ProGuard rules here.# By default, the flags in this file are appended to flags specified# in ${sdk.dir}/tools/proguard/proguard-android.txt增加自定义混淆机制,默认情况下,这里的规则会被附加到/home/jltxgcy/android-sdk-linux/tools/proguard/proguard-android.txt后面。
3、导出混淆后的apk
默认的debug版本的apk是不包含混淆信息的,所以要产生release版本的apk,点击右键,选择Android Tools->Export Signed Application Package,此时导出的apk是包含混淆信息的。
三、实例分析
1、project.properties如下:
# This file is automatically generated by Android Tools.# Do not modify this file -- YOUR CHANGES WILL BE ERASED!## This file must be checked in Version Control Systems.## To customize properties used by the Ant build system edit# "ant.properties", and override values to adapt the script to your# project structure.## To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home):proguard.config=${sdk.dir}/tools/proguard/proguard-android-optimize.txt:proguard-project.txt# Project target.target=android-18
2、proguard-project.txt如下:
# To enable ProGuard in your project, edit project.properties# to define the proguard.config property as described in that file.## Add project specific ProGuard rules here.# By default, the flags in this file are appended to flags specified# in ${sdk.dir}/tools/proguard/proguard-android.txt# You can edit the include path and order by changing the ProGuard# include property in project.properties.## For more details, see# http://developer.android.com/guide/developing/tools/proguard.html# Add any project specific keep options here:# If your project uses WebView with JS, uncomment the following# and specify the fully qualified class name to the JavaScript interface# class:#-keepclassmembers class fqcn.of.javascript.interface.for.webview {# public *;#}-keep public class * extends android.app.Activity #保留继承Activity类的类名-keep public class * extends android.app.Application #保留继承Application类的类名#-keepclassmembers class com.jltxgcy.crack.MainActivity$SNChecker {# public boolean isRegistered();#}-keep class android.support.v4.** { *; }//保留这个第三方jar包不被混淆-keep interface android.support.v4.** { *; }
3、/home/jltxgcy/android-sdk-linux/tools/proguard/proguard-android-optimize.txt如下:
# This is a configuration file for ProGuard.# http://proguard.sourceforge.net/index.html#manual/usage.html# Optimizations: If you don't want to optimize, use the# proguard-android.txt configuration file instead of this one, which# turns off the optimization flags. Adding optimization introduces# certain risks, since for example not all optimizations performed by# ProGuard works on all versions of Dalvik. The following flags turn# off various optimizations known to have issues, but the list may not# be complete or up to date. (The "arithmetic" optimization can be# used if you are only targeting Android 2.0 or later.) Make sure you# test thoroughly if you go this route.-optimizations !code/simplification/arithmetic,!code/simplification/cast,!field/*,!class/merging/*-optimizationpasses 5-allowaccessmodification-dontpreverify# The remainder of this file is identical to the non-optimized version# of the Proguard configuration file (except that the other file has# flags to turn off optimization).-dontusemixedcaseclassnames-dontskipnonpubliclibraryclasses-verbose-keepattributes *Annotation*-keep public class com.google.vending.licensing.ILicensingService -keep public class com.android.vending.licensing.ILicensingService# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native-keepclasseswithmembernames class * { #保留native的方法的方法名和包含native方法的类的类名不变 native <methods>;}# keep setters in Views so that animations can still work.# see http://proguard.sourceforge.net/manual/examples.html#beans-keepclassmembers public class * extends android.view.View {#保留继承于View的类中set*和get*方法的方法名不变 void set*(***); *** get*();}# We want to keep methods in Activity that could be used in the XML attribute onClick-keepclassmembers class * extends android.app.Activity { #保留继承于Activity的类中以View为参数,返回值是void的方法的方法名 public void *(android.view.View);}# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations-keepclassmembers enum * { public static **[] values(); public static ** valueOf(java.lang.String);}-keep class * implements android.os.Parcelable { #保留实现了Parcelable接口的类的类名以及Parcelable$Createor内部类的类名 public static final android.os.Parcelable$Creator *;}-keepclassmembers class **.R$* { #保留R$*类中静态字段的字段名 public static <fields>;}# The support library contains references to newer platform versions.# Don't warn about those in case this app is linking against an older# platform version. We know about them, and they are safe.-dontwarn android.support.**
4、导出签名的apk,命名为CrackApk01.apk。
5、在proguard-project.txt中去掉注释
-keepclassmembers class com.jltxgcy.crack.MainActivity$SNChecker { public boolean isRegistered();}再次导出签名的apk,命名为CrackApk02.apk。
四、proguard-android-optimize.txt和proguard-project.txt说明
-keep class 保留类名
-keepclassmembers 保留类中的方法或者字段名
-keepclasseswithmembernames 保留类名和类中的方法或者字段名
此部分详见:http://proguard.sourceforge.net/index.html#manual/examples.html
五、工程源码下载
http://download.csdn.net/detail/jltxgcy/7125411