android 代码混淆与安全

android 代码混淆与安全

作者: Skypew | 来源:发表于2017-07-17 09:31 被阅读16次

Android 高级混淆和代码保护技术

参考 :

proguard (压缩 优化 混淆 预检测)

proguard 工具 是用于压缩,优化,混淆我们的代码,主作用 是用于移除代码中的无用类,字段,方法和属性同时可以 混淆


EntryPoint 一种功能 在proguard过程中不会被处理的类或方法


# Add project specific ProGuard rules here.
# By default, the flags in this file are appended to flags specified
# in E:\AndroidSdk/tools/proguard/proguard-android.txt
# You can edit the include path and order by changing the proguardFiles
# directive in build.gradle.
# For more details, see
#   http://developer.android.com/guide/developing/tools/proguard.html

# Add any project specific keep options here:

# If your project uses WebView with JS, uncomment the following
# and specify the fully qualified class name to the JavaScript interface
# class:
#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
#   public *;

# Uncomment this to preserve the line number information for
# debugging stack traces.
#-keepattributes SourceFile,LineNumberTable

# If you keep the line number information, uncomment this to
# hide the original source file name.
#-renamesourcefileattribute SourceFile

-optimizationpasses 5                                                       #指定代码压缩级别
-dontusemixedcaseclassnames                                                 #混淆时不会产生形形色色的类名
-dontskipnonpubliclibraryclasses                                            #指定不忽略非公共类库
-dontpreverify                                                              #不预校验,如果需要预校验,是-dontoptimize
-ignorewarnings                                                             #屏蔽警告
-verbose                                                                    #混淆时记录日志
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*    #优化

#-----------------导入第三方包,但是在当前版本中使用会报 input jar file is specified twice 错误,所以注释掉
#-libraryjars libs/hellocharts-library-1.5.8.jar

-dontwarn android.support.v4.**                                             #去掉警告
-keep class android.support.v4.** { *; }                                    #过滤android.support.v4
-keep interface android.support.v4.app.** { *; }
-keep public class * extends android.support.v4.**
-keep public class * extends android.support.v7.**
-keep public class * extends android.app.Fragment

-dontwarn lecho.lib.hellocharts.**                                             #去掉警告
-keep class lecho.lib.hellocharts.**{*;}                                       #过滤hellocharts.jar

-keepattributes *Annotation*

-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.preference.Preference
-keep public class com.android.vending.licensing.ILicensingService

-keep class com.zcits.highwayplatform.model.bean.**{*;}                                   #过滤掉自己编写的实体类 包括请求的基类model
-keep class com.zcits.highwayplatform.common.utils.**{*;}                                          #过滤掉工具类

##记录生成的日志数据,gradle build时在本项目根目录输出##
#apk 包内所有 class 的内部结构
-dump proguard/class_files.txt
-printseeds proguard/seeds.txt
#列出从 apk 中删除的代码
-printusage proguard/unused.txt
-printmapping proguard/mapping.txt
########记录生成的日志数据,gradle build时 在本项目根目录输出-end######

-keepclasseswithmembernames class * {
    public <init>(android.content.Context, android.util.AttributeSet);           # 保持自定义控件类不被混淆

-keepclasseswithmembernames class * {
    public <init>(android.content.Context, android.util.AttributeSet, int);

-keepclasseswithmembernames class * {                                           # 保持 native 方法不被混淆
    native <methods>;

-keepclassmembers class * extends android.app.Activity {                        # 保持自定义控件类不被混淆
  public void *(android.view.View);

-keep public class * extends android.view.View {
    public <init>(android.content.Context);
    public <init>(android.content.Context, android.util.AttributeSet);
    public <init>(android.content.Context, android.util.AttributeSet, int);
    public void set*(...);
    *** get*();

-keepclassmembers class **.R$* {
    public static <fields>;

-keep class * implements android.os.Parcelable {                                # 保持 Parcelable 不被混淆
  public static final android.os.Parcelable$Creator *;

-keepnames class * implements java.io.Serializable                              # 保持 Serializable 不被混淆

#PictureSelector 2.0
-keep class com.luck.picture.lib.** { *; }
-dontwarn com.yalantis.ucrop**
-keep class com.yalantis.ucrop** { *; }
-keep interface com.yalantis.ucrop** { *; }

-dontwarn sun.misc.**
-keepclassmembers class rx.internal.util.unsafe.*ArrayQueue*Field* {
 long producerIndex;
 long consumerIndex;
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueProducerNodeRef {
 rx.internal.util.atomic.LinkedQueueNode producerNode;
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueConsumerNodeRef {
 rx.internal.util.atomic.LinkedQueueNode consumerNode;

-dontwarn sun.misc.**
-keepclassmembers class rx.internal.util.unsafe.*ArrayQueue*Field* {
   long producerIndex;
   long consumerIndex;
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueProducerNodeRef {
    rx.internal.util.atomic.LinkedQueueNode producerNode;
-keepclassmembers class rx.internal.util.unsafe.BaseLinkedQueueConsumerNodeRef {
    rx.internal.util.atomic.LinkedQueueNode consumerNode;

-keep public class * implements com.bumptech.glide.module.GlideModule
-keep public class * extends com.bumptech.glide.AppGlideModule
-keep public enum com.bumptech.glide.load.resource.bitmap.ImageHeaderParser$** {
  **[] $VALUES;
  public *;

# for DexGuard only
#-keepresourcexmlelements manifest/application/meta-data@value=GlideModule


-dontwarn okhttp3.**
-keep class okhttp3.**{*;}
-dontwarn okio.**
-keep class okio.**{*;}

-dontwarn com.lzy.okgo.**
-keep class com.lzy.okgo.**{*;}

-dontwarn com.lzy.okrx.**
-keep class com.lzy.okrx.**{*;}

-dontwarn com.lzy.okrx2.**
-keep class com.lzy.okrx2.**{*;}

-dontwarn com.lzy.okserver.**
-keep class com.lzy.okserver.**{*;}

-keep class org.litepal.** {*;}
-keep class * extends org.litepal.crud.DataSupport {*;}

-keep class com.chad.library.adapter.** {
-keep public class * extends com.chad.library.adapter.base.BaseQuickAdapter
-keep public class * extends com.chad.library.adapter.base.BaseViewHolder
-keepclassmembers  class **$** extends com.chad.library.adapter.base.BaseViewHolder {

-keep class butterknife.** { *; }
-dontwarn butterknife.internal.**
-keep class **$$ViewBinder { *; }
-keepclasseswithmembernames class * {
    @butterknife.* <fields>;

-keepclasseswithmembernames class * {
    @butterknife.* <methods>;

-keepattributes *Annotation*
-keepclassmembers class ** {
    @org.greenrobot.eventbus.Subscribe <methods>;
-keep enum org.greenrobot.eventbus.ThreadMode { *; }

-dontwarn com.google.**
-keep class com.google.gson.** {*;}



      本文标题:android 代码混淆与安全
