Code obfuscation + Signature packaging in Android studio environment

Code obfuscation + Signature packaging in Android studio environment The author mr_ Mr. Feng's concern 2016.08.21 01:10 Words 1040 Read 734 comments 5 likes

Note: The version of Android Studio used in this article is 2.1.2.

To do a company project, you need to code the project to confuse + signature packaging, and then a variety of collection to view data, is a small result. The weekend is nothing to think of summing up the later use can do reference. If there is a wrong place please God guide ...

One, code confusion

Android Studio for code obfuscation needs to be configured in two places: 1. Add your own obfuscation rules to the Proguard-rules.pro file under the corresponding module, 2, modify the Build.gradle under the corresponding module;

1. Add Confusion Rule

has been added in my Code obfuscation rules (for reference only)

#--------------------------1. Entity class---------------------------------

-keepclasscom.package.bean.**{*;}

#--------------------------2. Third Party Package-------------------------------

#Gson
-keepattributes Signature
-keepattributes *annotation*
-keep class Sun.misc.Unsafe {*;}
-keep class com.google.gson.stream.** {*;}
-keep class com.google.gson.examples.android.model.** {*;}
-keep class Com.google.gson.* {*;}
-dontwarncom.google.gson.**

#umeng
-dontwarncom.umeng.**
-keepclasscom.umeng.**{*;}
-keepclassu.aly.**{*;}
-keepclasscom.google.**{*;}

#nineoldandroids
-dontwarncom.nineoldandroids.*
-keepclasscom.nineoldandroids.**{*;}

#weixin
-dontwarncom.tencent.mm.**
-keepclasscom.tencent.mm.**{*;}

#JGPUSH
-dontwarn cn.jpush.**
-keep class cn.jpush.** {*;}
-dontwarn com.google.**
-keep class com.google.protobuf.** {*;}
-keep class com.google.gson.** {*;}

#-------------------------3. Classes that are called to each other with JS------------------------

#-------------------------4. Reflection-related classes and methods----------------------

#-------------------------5. Basic no-Move area--------------------------

#指定代码的压缩级别
-optimizationpasses5

#不去忽略非公共的库类
-dontskipnonpubliclibraryclasses
-dontskipnonpubliclibraryclassmembers

# Whether to use case blending
-dontusemixedcaseclassnames

#预校验
-dontpreverify

#混淆时是否记录日志
-verbose

#忽略警告 to avoid certain warnings when packaging occurs
-ignorewarning

# algorithms used in obfuscation
-optimizations!code/simplification/arithmetic,!field/*,!class/merging/*

#保护注解
-keepattributes *annotation*

#记录生成的日志数据, the Gradle build is output at the root of this project
#apk the internal structure of all classes within the package
-dump Class_files.txt
#未混淆的类和成员
-printseeds Seeds.txt
#列出从 the code removed from the APK
-printusage Unused.txt
#混淆前后的映射
-printmapping Mapping.txt

#-----------------------------6. Default Reserved Area-----------------------

# Keep What classes are not confused
-keep public class * extends Android.app.Activity
-keep public class * extends Android.app.Fragment
-keep public class * extends Android.app.Application
-keep public class * extends Android.app.Service
-keep public class * extends Android.content.BroadcastReceiver
-keep public class * extends Android.content.ContentProvider
-keep public class * extends Android.app.backup.BackupAgentHelper
-keep public class * extends Android.preference.Preference
-keep public class Com.android.vending.licensing.ILicensingService

#如果有引用v4, V7 package can add the following line
-keep publicclass*extendsandroid.support.*

-keepclasseswithmembersclass*{
Public (Android.content.context,android.util.attributeset);
Public (Android.content.context,android.util.attributeset,int);
}

-keepclassmembers class * Implements Java.io.Serializable {
Static final long serialversionuid;
private static final java.io.objectstreamfield[] Serialpersistentfields;
private void WriteObject (Java.io.ObjectOutputStream);
private void ReadObject (Java.io.ObjectInputStream);
Java.lang.Object Writereplace ();
Java.lang.Object Readresolve ();
}

# Keep The native method not to be confused
-keepclasseswithmembernamesclass*{
Native
}

# Keep your custom control classes from being confused
-keepclasseswithmembersclass*{
Public (Android.content.context,android.util.attributeset);
}
# Keep your custom control classes from being confused
-keepclasseswithmembersclass*{
Public (Android.content.context,android.util.attributeset,int);
}
# Keep your custom control classes from being confused
-keepclassmembersclass*extendsandroid.app.activity{
publicvoid* (Android.view.View);
}

# keep Enum enum class not to be confused
-keepclassmembersenum*{
Publicstatic**[]values ();
Publicstatic**valueof (java.lang.String);
}

# Keep Parcelable not be confused
-keepclass*implementsandroid.os.parcelable{
Publicstaticfinalandroid.os.parcelable$creator *;
}

#---------------------------7.webview-----------------------

-keepclassmembersclassfqcn.of.javascript.interface.for.webview{
public*;
}

-keepclassmembersclass*extendsandroid.webkit.webviewclient{
publicvoid* (ANDROID.WEBKIT.WEBVIEW,JAVA.LANG.STRING,ANDROID.GRAPHICS.BITMAP);
publicboolean* (android.webkit.webview,java.lang.string);
}

-keepclassmembersclass*extendsandroid.webkit.webviewclient{
publicvoid* (android.webkit.webview,jav.lang.string);
}

#-----------------------------End-------------------------------

2. Modify the Gradle file

Locate the corresponding Build.gradle file under the module that will be packaged as follows:

Correspondence Gradle

Open Gradle Modify the corresponding content such as:

Gradle the corresponding obfuscation configuration file within the

The code obfuscation switch is turned off by default when you create a new Android studio project, so we need to set the minifyenabled switch to true in the Build.gradle file, as shown in, where all the preparation for confusing the code is complete, The code is not confused when the signature is packaged;

Second, signature packaging:

Follow these steps to package your signature:

1. Under Build, select the signature apk

Select Signature Package

2. Select New KeyStore or use existing KeyStore:

New KeyStore
Select an existing KeyStore

The first signature packaging will appear, at present is just a random set of a password, it is not clear what the role of, (if any big God know, please inform, in advance thanked ~)

Master Password

Select the output location of the signature pack apk

Select Output APK location

So far the code obfuscation + signature package has all been done, and to verify that your apk is being confused you need to decompile it yourself and then validate it ~

Code obfuscation + Signature packaging in Android studio environment