为了防止apk被破解,源码被他人看到,可以进行基本的安全防护:代码混淆。
如何进行代码混淆呢?其实并不难!
在生成的项目中,和代码混淆相关的文件是:proguard-project.txt、project.properties。
代码混淆就一步:
project.properties文件中的代码如下:
# This file is automatically generated byAndroid Tools.
# Do not modify this file -- YOUR CHANGESWILL BE ERASED!
#
# This file must be checked in VersionControl Systems.
#
# To customize properties used by the Antbuild system edit
# "ant.properties", and overridevalues to adapt the script to your
# project structure.
#
# To enable ProGuard to shrink andobfuscate your code, uncomment this (available properties: sdk.dir, user.home):
#proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
# Project target.
target=android-19
只需要将#proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt这句前边的“#”号去掉即可!
但是一般项目不可能这么简单,项目中会有很多引入的第三方Jar包,如果不对这些JAR包进行处理,混淆打包的APK会报错,所以需要对这些jar包进行处理,防止jar包被混淆。这是需要对proguard-project.txt文件进行配置。
防止jar包混淆的配置如下:
1)将项目中所有jar包申明进来
-libraryjars libs/android-support-v4.jar
-libraryjars libs/androideventbus-1.0.2.jar
…
…
2)避免jar被混淆
-dontwarn org.simple.eventbus.**
-keep class org.simple.eventbus.**{*;}
#以下是api中的类,最好进行非混淆处理
-keep public class * extendsandroid.app.Fragment
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extendsandroid.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class * extends android.support.v4.**
-keep public class com.android.vending.licensing.IlicensingService
3)配置某个Activity中的某各类不进行混淆
-keep public classcom.example.testpgdemo.MainActivity {
private void csuicideMyself(java.lang.String);
}
proguard-project.txt文件中的内容全部如下:
# To enable ProGuard in your project, editproject.properties
# to define the proguard.config property asdescribed in that file.
#
# Add project specific ProGuard rules here.
# By default, the flags in this file areappended to flags specified
# in ${sdk.dir}/tools/proguard/proguard-android.txt
# You can edit the include path and orderby changing the ProGuard
# include property in project.properties.
#
# For more details, see
# http://developer.android.com/guide/developing/tools/proguard.html
# Add any project specific keep optionshere:
# If your project uses WebView with JS,uncomment the following
# and specify the fully qualified classname to the JavaScript interface
# class:
#-keepclassmembers classfqcn.of.javascript.interface.for.webview {
# public*;
#}
-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontpreverify
-verbose
-optimizations!code/simplification/arithmetic,!field/*,!class/merging/*
-keepattributes *Annotation*
-keepattributes Signature
-libraryjars libs/android-support-v4.jar
-libraryjars libs/androideventbus-1.0.2.jar
-dontwarn org.simple.eventbus.**
-keep class org.simple.eventbus.**{*;}
-keep public classcom.example.testpgdemo.MainActivity {
private void csuicideMyself(java.lang.String);
}
-keep public class * extendsandroid.app.Fragment
-keep public class * extendsandroid.app.Activity
-keep public class * extendsandroid.app.Application
-keep public class * extendsandroid.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extendsandroid.content.ContentProvider
-keep public class * extendsandroid.app.backup.BackupAgentHelper
-keep public class * extendsandroid.preference.Preference
-keep public class * extendsandroid.support.v4.**
-keep public classcom.android.vending.licensing.IlicensingService
混淆完成。项目进行混淆的难点是需要慢慢调试的,例如某个jar
包做了避免混淆配置还报错,就要根据具体情况来进行配置,这是在混淆中比较麻烦的部分,需要你具体情况具体分析。