Application packaging and signature obfuscation process for android development: android Process

Source: Internet
Author: User

Application packaging and signature obfuscation process for android development: android Process
After the project is almost done, it needs to be signed, and then obfuscation prevention is decompiled. By default, all the environments of the process are configured.
The main steps are as follows: 1. Generate the configuration file required for ant packaging. 2. Generate the keystore of the application signature. 3. Sign the apk. 3. Write the obfuscation file and confuse the code to prevent decompilation.
Step 1: generate the ant package configuration file and execute the command in the project root directory: android update project-path. Three directories will be automatically generated: build.xml,local.properties,proguard-project.txt, and an ant. properties file to be created by yourself.
A total of four files, build. xml: the default file generated by Ant, describes the packaging task and process. For the syntax, see click to open the link.
Local. properties: contains the local environment variable sdk. dir =/Users/Xx/Eclipse/adt-bundle-mac-x86_64-20131030/sdk
Proguard-project.txt: obfuscation file, obfuscation of code, syntax reference click to open the link
Ant. properties: configuration of the signature file.
After this step is completed, you can use ant to package the application. Go to the application root directory and run ant release. Then, the packaged apk will be generated under the bin directory, but there is no signature, at this time, no signature is configured.
Step 2: generate a keystore and configure the Signature command: keytool-genkey-keystore jason0539.keystore-keyalg RSA-validity 10000-alias jason0539.keystore and enter the keystore password: * ******** enter the new password again:
What is your first name and last name?
[Unknown]: blog.csdn.net/jason0539
What is the name of your organization?
[Unknown]: jason0539
What is your organization name?
[Unknown]: jason0539
What is the name of your city or region?
[Unknown]: Qinhuangdao
What is the name of your province/city/autonomous region?
[Unknown]: Hebei
What is the dual-letter country/region code for this unit? [Unknown]: CNCN = huodianditu.bmob.cn, OU = jason0539, O = jason0539, L = Qinhuangdao, ST = Hebei, C = CN are correct?
[No]: y
Enter the key password of <jason0539.keysotre> (if the password is the same as that of the keystore, press Enter): After you press enter, the jason0539.keystore file is generated in the directory, which is used to sign the application.

Command parameter description:

-Genkey generates the Certificate file-in the. keystore file of the keystore-keyalg specifies the algorithm of the key-validity as the number of valid days of the certificate. Here we write the code for 10000 days. -Alias generation
No echo is displayed when you enter the password. You only need to enter the password. Generally, 20 digits are recommended. Do not remember to use them later, Note:

1. CN (Common Name-Name and last Name): in fact, this "Name and last Name" should be a domain Name, such as localhost or blog.devep.net. Enter the name, and the domain name does not match the real operation, it will cause problems. When the browser accesses the site, a dialog box is displayed, prompting "the name on the security certificate is invalid or does not match the site name". You can choose to continue or browse the Web page. However, when you use an http client to write a program for access, an exception similar to "javax. servlet. ServletException: HTTPS hostname wrong: shocould be" will be thrown.


2. When using keytool to generate a digital certificate, ensure that the names of-keystore androidapp. keystore-alias androidapp. keystore must be the same. Otherwise, the following error occurs: jarsigner: The certificate chain of androidapp. keystore cannot be found. Androidapp. keystore must reference a valid keystore key entry that contains a private key and the corresponding public key certificate chain.
Step 3: Configure ant. properties, use keystore to sign the apk in ant. in the properties file, add the following content: key. store = jason0539.keystorekey. alias = jason0539.keystorekey. store. password = *** key. alias. password = *** android. library = false
The keystore is a private key library file. The key is the private key required for signature. Key. store. password is the password of the private key library. Key. alias. password is the password of the private key.
After this step is completed, run ant release on the command line and the package is successful. The package is signed and stored in the bin directory.
The problem encountered in this step: the first time the keystore of the alias is converted to keystroe, the result is always prompted build. xml: 1151: Signing key jason0539.keystore not found was deleted later. To regenerate a new keystore, the system prompts android Keystore was tampered with, or password was incorrect: password verification later realized that it may be related to the same names of the two keystores, and then deleted and re-generated one. The name is not jason0539.keystore, but changed to jason. keystore.
Step 4. obfuscation of Files

There is a line of commented-out code in project. properties as follows:

proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt

Write the project proguard-project.txt for obfuscation. For details about the obfuscation syntax, refer to click to open the link. Note that if a third-party jar package, such as Baidu map, is used in the project, ensure that some classes are not obfuscated, otherwise, crash will be triggered. For specific classes to be maintained, instructions will be provided on the Baidu open platform. You can simply go to the official website of the corresponding jar package. If a lot of third-party sdks are used, crash may occur when the application is started after obfuscation. We recommend that you find the problematic sdk Based on the log and check the obfuscation precautions on the corresponding open platform, protect the classes to be maintained. By the way, it is okay to configure all third-party sdks.
For more information, see compile and package android projects using ant scripts.
Android proguard
Ant usage Summary


Author: jason0539

Blog: http://blog.csdn.net/jason0539 (reprinted please explain the source)

Scan the QR code to follow the public account.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.