混淆简介
Android中的“混淆”可以分为两部分,一部分是Java 代码的优化与混淆,依靠 proguard混淆器来实现;另一部分是资源压缩,将移除项目及依赖的库中未被使用的资源(资源压缩严格意义上跟混淆没啥关系,但一般我们都会放一起用)。
Gradle
android {
buildTypes {
release {
// Enables code shrinking, obfuscation, and optimization for only
// your project's release build type.
minifyEnabled true
// Enables resource shrinking, which is performed by the
// Android Gradle plugin.
shrinkResources true
// Includes the default ProGuard rules files that are packaged with
// the Android Gradle plugin. To learn more, go to the section about
// R8 configuration files.
proguardFiles getDefaultProguardFile(
'proguard-android-optimize.txt'),
'proguard-rules.pro'
}
}
...
}
自定义混淆规则
命令 作用 -keep 防止类和成员被移除或者被重命名 -keepnames 防止类和成员被重命名 -keepclassmembers 防止成员被移除或者被重命名 -keepnames 防止成员被重命名 -keepclasseswithmembers 防止拥有该成员的类和成员被移除或者被重命名 -keepclasseswithmembernames 防止拥有该成员的类和成员被重命名
proguard-android.txt
sdk/tools/proguard/proguard-android.txt
# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html
#
# This file is no longer maintained and is not used by new (2.2+) versions of the
# Android plugin for Gradle. Instead, the Android plugin for Gradle generates the
# default rules at build time and stores them in the build directory.
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose
# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.
-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService
# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {
native <methods>;
}
# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
void set*(***);
*** get*();
}
# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclassmembers class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator CREATOR;
}
-keepclassmembers class **.R$* {
public static <fields>;
}
# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version. We know about them, and they are safe.
-dontwarn android.support.**
# Understand the @Keep support annotation.
-keep class android.support.annotation.Keep
-keep @android.support.annotation.Keep class * {*;}
-keepclasseswithmembers class * {
@android.support.annotation.Keep <methods>;
}
-keepclasseswithmembers class * {
@android.support.annotation.Keep <fields>;
}
-keepclasseswithmembers class * {
@android.support.annotation.Keep <init>(...);
}
混淆后的结果
提供混淆前后类、方法、类成员等的对照表 ./build/outputs/mapping/release/mapping.txt
列出没有被混淆的类和成员 ./build/outputs/mapping/release/seeds.txt
列出被移除的代码 ./build/outputs/mapping/release/usage.txt
FreeProGuard
- implementation “com.blankj:free-proguard:1.0.2”
- 把项目中的实体类加入到 proguard-rules.pro 文件中,一般为 -keep class urpackage.xx.bean/entity/model.** { *; },或者使用 @Keep 注解这些实体类;
- 把项目中需要防混淆的 jar 加入到 proguard-rules.pro 文件中,比如支付宝 SDK 的 -libraryjars libs/alipaySDK-20150602.jar,如果要对所有 jar 都防混,那么使用 -libraryjars libs 即可;
- 把项目中用到的一些不包括在如上列表中的三方库配置到 proguard-rules.pro 文件中
