Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to turn off all Android ProGuard features except obfuscation?

Google is suggesting that developers might want to obfuscate byte code:

http://android-developers.blogspot.com/2010/09/proguard-android-and-licensing-server.html

I followed Google's instructions to get an obfuscated Android app that, at first glance, seemed to work. But there were some strange bugs introduced that are not in the un-obfuscated app. I kept turning off ProGuard options to get to this configuration:

-dontoptimize -dontshrink -dontusemixedcaseclassnames -dontskipnonpubliclibraryclasses -dontpreverify -verbose

Still the bugs are there. Is there anything else I can turn off to get only pure obfuscation? Obfuscation would be nice, but I am willing to turn off ProGuard's other features.

like image 643
Androider Avatar asked Oct 01 '10 21:10

Androider


1 Answers

This is what I use:

-libraryjars ${android.jar}
-injars      temp.jar
-outjars    proguard.jar

#-printseeds: Prints the un-obfuscated filenames
-printseeds
-printmapping mapping-used-to-retrace-exceptions.txt
-verbose

#-dontusemixedcaseclassnames: Necessary when building on windows where x.class and X.class is the same file
-dontusemixedcaseclassnames

#-repackageclasses: Adds further obfuscation, Counter-indication: classes that look for resource files in their package directories will no longer work properly if they are moved elsewhere. When in doubt, just leave the packaging untouched by not using this option.
-repackageclasses ''

#-dontskipnonpubliclibraryclasses: Counter-indication: you probably shouldn't use this option when processing code that is to be used as a library, since classes and class members that weren't designed to be public in the API may become public.
-dontskipnonpubliclibraryclasses

-keep public class * extends android.app.Activity
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep class * extends android.view.View { 
  public <init>(android.content.Context); 
  public <init>(android.content.Context, android.util.AttributeSet); 
  public <init>(android.content.Context, android.util.AttributeSet, int); 
  public void set*(...); 
}
-keep class * extends android.preference.Preference { 
  public <init>(android.content.Context); 
  public <init>(android.content.Context, android.util.AttributeSet); 
  public <init>(android.content.Context, android.util.AttributeSet, int); 
  public void set*(...); 
}    
# LVL License binder class
-keep class com.android.vending.licensing.ILicensingService    
# This is necessary for LVL among others. According to proguard doc java accesses enum fields by introspection.
-keepclassmembers enum * {
    public static **[] values();
    public static ** valueOf(java.lang.String);
}
#Optimization settings
-dontoptimize

It obfuscates but keeps public the public methods and class name of classes needed by Android. As you requested it does not optimize - optimizations are more likely to break your program due to removed methods and constructors.

If you want to try out including optimizations here's what I do (remember to remove the -dontoptimize option above)

#Optimization settings    
# Keep (ie. don't remove) all public constructors of all public classes, but still obfuscate+optimize their content. This is necessary because optimization removes constructors which I use through reflection.
-keepclassmembers class * {
    <init>(...);
}

-optimizationpasses 7
-allowaccessmodification
# The -optimizations option disables some arithmetic simplifications that Dalvik 1.0 and 1.5 can't handle. 
-optimizations !code/simplification/arithmetic 

I use proguard 4.5, but other versions probably work just as well.

like image 54
arberg Avatar answered Nov 14 '22 22:11

arberg