Google is suggesting that developers might want to obfuscate byte code:
http://android-developers.blogspot.com/2010/09/proguard-android-and-licensing-server.html
I followed Google's instructions to get an obfuscated Android app that, at first glance, seemed to work. But there were some strange bugs introduced that are not in the un-obfuscated app. I kept turning off ProGuard options to get to this configuration:
-dontoptimize -dontshrink -dontusemixedcaseclassnames -dontskipnonpubliclibraryclasses -dontpreverify -verbose
Still the bugs are there. Is there anything else I can turn off to get only pure obfuscation? Obfuscation would be nice, but I am willing to turn off ProGuard's other features.
This is what I use:
-libraryjars ${android.jar}
-injars temp.jar
-outjars proguard.jar
#-printseeds: Prints the un-obfuscated filenames
-printseeds
-printmapping mapping-used-to-retrace-exceptions.txt
-verbose
#-dontusemixedcaseclassnames: Necessary when building on windows where x.class and X.class is the same file
-dontusemixedcaseclassnames
#-repackageclasses: Adds further obfuscation, Counter-indication: classes that look for resource files in their package directories will no longer work properly if they are moved elsewhere. When in doubt, just leave the packaging untouched by not using this option.
-repackageclasses ''
#-dontskipnonpubliclibraryclasses: Counter-indication: you probably shouldn't use this option when processing code that is to be used as a library, since classes and class members that weren't designed to be public in the API may become public.
-dontskipnonpubliclibraryclasses
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep class * extends android.view.View {
public <init>(android.content.Context);
public <init>(android.content.Context, android.util.AttributeSet);
public <init>(android.content.Context, android.util.AttributeSet, int);
public void set*(...);
}
-keep class * extends android.preference.Preference {
public <init>(android.content.Context);
public <init>(android.content.Context, android.util.AttributeSet);
public <init>(android.content.Context, android.util.AttributeSet, int);
public void set*(...);
}
# LVL License binder class
-keep class com.android.vending.licensing.ILicensingService
# This is necessary for LVL among others. According to proguard doc java accesses enum fields by introspection.
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
#Optimization settings
-dontoptimize
It obfuscates but keeps public the public methods and class name of classes needed by Android. As you requested it does not optimize - optimizations are more likely to break your program due to removed methods and constructors.
If you want to try out including optimizations here's what I do (remember to remove the -dontoptimize option above)
#Optimization settings
# Keep (ie. don't remove) all public constructors of all public classes, but still obfuscate+optimize their content. This is necessary because optimization removes constructors which I use through reflection.
-keepclassmembers class * {
<init>(...);
}
-optimizationpasses 7
-allowaccessmodification
# The -optimizations option disables some arithmetic simplifications that Dalvik 1.0 and 1.5 can't handle.
-optimizations !code/simplification/arithmetic
I use proguard 4.5, but other versions probably work just as well.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With