在Android开发中, 经常使用别人的第三方库, 开发完成后, 我们需要对apk进行压缩, 混淆, 这样别人就很难看懂你的代码了, 就算反编译过来也看不懂(大牛除外). 下面收集一些目前我正在使用的混淆字段, 我有个项目apk是10M, 压缩混淆后只有3.4M, 很爽的哟.
开启压缩和混淆
要开启混淆, 一般只需要把minifyEnabled设置为true就好了.
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
常用库混淆
- agentweb
-keep class com.just.agentweb.** { *;
}
-dontwarn com.just.agentweb.**
-dontwarn javax.annotation.** -dontwarn javax.inject.**
- OkHttp3
-dontwarn okhttp3.logging.** -keep class okhttp3.internal.**{*;} -dontwarn okio.**
- Retrofit
-dontwarn retrofit2.** -keep class retrofit2.** { *; } -keepattributes Signature-keepattributes -keep class io.haobi.wallet.network.** { *; }
- RxJava RxAndroid
-dontwarn sun.misc.**
-keepclassmembers class rx.internal.util.unsafe.*ArrayQueue*Field* {
long producerIndex;
long consumerIndex;
}
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueProducerNodeRef {
rx.internal.util.atomic.LinkedQueueNode producerNode;
}
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueConsumerNodeRef {
rx.internal.util.atomic.LinkedQueueNode consumerNode;
}
- Gson
-keepattributes EnclosingMethod -keep class io.haobi.wallet.beans.** { *; } -keep class sun.misc.Unsafe { *; } -keep class com.google.gson.stream.** { *; } -keep class com.google.gson.examples.android.model.** { *; } -keep class com.google.gson.** { *;}
- EventBus
-keepattributes *Annotation*
-keepclassmembers class * {
@org.greenrobot.eventbus.Subscribe <methods>;
}
-keep enum org.greenrobot.eventbus.ThreadMode { *; }
# Only required if you use AsyncExecutor
-keepclassmembers class * extends org.greenrobot.eventbus.util.ThrowableFailureEvent {
<init>(java.lang.Throwable);
}
- LRecyclerview
-dontwarn com.github.jdsjlzx.**
-keep class com.github.jdsjlzx.progressindicator.indicators.** { *; }
- Glide
-keep public class * implements com.bumptech.glide.module.GlideModule -keep public class * extends com.bumptech.glide.module.AppGlideModule -keep public enum com.bumptech.glide.load.ImageHeaderParser$** {
**[] $VALUES;
public *;
}
- bitcoinj
-keep,includedescriptorclasses class org.bitcoinj.wallet.Protos$** { *; }
-keepclassmembers class org.bitcoinj.wallet.Protos { com.google.protobuf.Descriptors$FileDescriptor descriptor; }
-keep,includedescriptorclasses class org.bitcoin.protocols.payments.Protos$** { *; }
-keepclassmembers class org.bitcoin.protocols.payments.Protos { com.google.protobuf.Descriptors$FileDescriptor descriptor; }
-dontwarn org.bitcoinj.store.WindowsMMapHack
-dontwarn org.bitcoinj.store.LevelDBBlockStore
-dontnote org.bitcoinj.crypto.DRMWorkaround
-dontnote org.bitcoinj.crypto.TrustStoreLoader$DefaultTrustStoreLoader
-dontnote com.subgraph.orchid.crypto.PRNGFixes
-dontwarn okio.DeflaterSink
-dontwarn okio.Okio
-dontnote com.squareup.okhttp.internal.Platform
-dontwarn org.bitcoinj.store.LevelDBFullPrunedBlockStore**
- Spongycastle
-dontwarn org.spongycastle.**
- jackson
-keepnames class com.fasterxml.jackson.** {
*;
}
-keepnames interface com.fasterxml.jackson.** {
*;
}
-dontwarn com.fasterxml.jackson.databind.**
- slf4j
-keep class org.slf4j.** { *; } -dontwarn org.slf4j.**
- android-support
-dontwarn android.support.**
-dontnote android.support.**
-keep class android.support.v7.widget.RoundRectDrawable { *; }
-keepclassmembers class **.R$* {
public static <fields>;
}
-keepclassmembers class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator CREATOR;
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclasseswithmembernames,includedescriptorclasses class * {
native <methods>;
}
-keepclassmembers,includedescriptorclasses public class * extends android.view.View {
void set*(***);
*** get*();
}
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
-keepclassmembers class * implements java.io.Serializable {
private static final java.io.ObjectStreamField[] serialPersistentFields;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
神混淆-自定义字典
通常我们反编译的混淆后java代码, 会依稀看清楚某些代码构成, 这对于代码保护不利, 那么应该怎么办呢? 还有种神混淆, 那么就是自定义混淆字典.我们先来看一下他们的区别
- 自定义字典前
- 自定义字典后
感觉如何? 是不是很让人头大, 那么应该如何实现这种效果呢? 这个时候就需要一个自定义混淆字典了. 只需要在混淆文件里面加入以下代码
-obfuscationdictionary dic.txt -classobfuscationdictionary dic.txt -packageobfuscationdictionary dic.txt
dic.txt的位置在项目根目录/app/dic.txt, 是不是很简单啦? 自定义字典下载地址:dic.txt