android Application的防反編譯Proguard和應用簽名

來源:互聯網
上載者:User

android APK防止反編譯:

在android2.3之後的版本建立項目中會自動產生proguard.cfg和project.properties檔案,proguard.cfg檔案是混淆java代碼的設定檔,裡面對不需要混淆代碼的類檔案進行配置過濾,project.properties檔案裡設定android項目對應的版本和proguard.cfg的路徑。

1.貼上自動產生的proguard.cfg檔案的內容:

-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontpreverify
-verbose
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*


-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class com.android.vending.licensing.ILicensingService


-keepclasseswithmembernames class * {
    native <methods>;
}


-keepclasseswithmembers class * {
    public <init>(android.content.Context, android.util.AttributeSet);
}


-keepclasseswithmembers class * {
    public <init>(android.content.Context, android.util.AttributeSet, int);
}


-keepclassmembers class * extends android.app.Activity {
   public void *(android.view.View);
}


-keepclassmembers enum * {
    public static **[] values();
    public static ** valueOf(java.lang.String);
}


-keep class * implements android.os.Parcelable {
  public static final android.os.Parcelable$Creator *;
}

<-----------系統預設proguard.cfg說明--------------------->


For some situations, the default configurations in the proguard.cfg file will suffice. However, many situations are hard for ProGuard to analyze correctly and it might remove code that it thinks is not used, but your application actually needs. Some examples include:

a class that is referenced only in the AndroidManifest.xml file(AndroidManifest.xml檔案中的引用類)
a method called from JNI(JNI調用的方法)
dynamically referenced fields and methods(動態引用的欄位和方法)
<-----------系統預設proguard.cfg說明--------------------->
從上面的配置代碼可以看出對Activity,Application,Service,BroadcastReceiver,ContentProvider,BackupAgentHelper,Preference,ILicensingService的子類不做代碼混淆處理(這些類可能被其他應用或系統應用調用)。混淆之後應用出現如ClassNotFoundException異常,可以在此檔案中添加過濾混淆代碼:

-keep public class <MyClass>
 2.在project.properties檔案:

# This file is automatically generated by Android Tools.
# Do not modify this file -- YOUR CHANGES WILL BE ERASED!
#
# This file must be checked in Version Control Systems.
#
# To customize properties used by the Ant build system edit
# "ant.properties", and override values to adapt the script to your
# project structure.
#
# To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home):
#proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt


# Project target.
target=android-10

 
3.App簽名
簽名主要用到的是JDK中提供的簽名工具keytool(路徑:your jdk path/bin/keytool)

keytool產生key.keystore簽名檔案的命令參數


Keytool Option  Description
-genkey  獲得金鑰組(私人密鑰和公用密鑰)
-v  啟用詳細輸出
-alias <alias_name>  別名
-keyalg <alg>  使用產生密鑰的密碼編譯演算法
-keysize <size>  密鑰長度
-dname <name> 
建立密鑰的描述

-keypass <password> 
密鑰密碼

-validity <valdays> 
密鑰有效期間

Note:推薦使用大於等於10000

-keystore <keystore-name>.keystore  輸出產生密鑰的.keystore檔案儲存路徑
-storepass <password> 
密鑰庫密碼,與-keypass對應

有了以上命令參數,下面執行命令進行應用簽名(以下為例):

keytool -genkey -v -keystore my-release-key.keystore
-alias alias_name -keyalg RSA -keysize 2048 -validity 10000
執行過程中有一些提示輸入資訊,輸入完成後.keystore檔案產生完畢。

4.匯出混淆的簽名應用

右擊項目:Android Tools--------------------->Export sined application package

選擇上一步產生的簽名檔案(.keystore)和輸入密鑰庫密碼,點擊下一步,選擇填寫Alias別名和密鑰密碼----->匯出APK對應的路徑-------->finish

到處截屏以後貼上。

查看驗證APK簽名:同樣是JDK工具jarsigner

jarsigner -verify my_signed.apk
如果出現的是CN=Android Debug,說明是調試密鑰產生簽名的apk

這樣一個混淆代碼後的簽名APK製作完畢。

 

 

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.