如何在Android上使用Proguard并保护应用程序的功能完整性?
[英]How to use Proguard with Android and protect the app's functional integrity?
问题描述
I've an Ant build using the Proguard config below, which is that generated by the "android" command line tool, it seems pretty straightfoward. 
我使用下面的Proguard配置构建了一个Ant,该配置是由“ android”命令行工具生成的,看起来很简单。 But when I build the app using this script, the app blows up when it's executed on the device, with a series of null pointer exceptions (the obfuscation process is somehow adding bugs to the code). 但是,当我使用此脚本构建应用程序时,该应用程序在设备上执行时会崩溃,并带有一系列空指针异常(混淆过程以某种方式向代码中添加了错误)。 To fix the app, I just rebuild it without running it through Proguard. 要修复该应用程序,我无需通过Proguard运行它即可对其进行重建。
What advice would you offer to someone using Proguard with Android apps so that a) the app is optimised and obfuscated to a reasonable degree, but b) without the functional integrity being damaged? 您将为使用Proguard和Android应用程序的用户提供什么建议,以便a)在合理程度上优化和混淆了该应用程序,但是b)在不损害功能完整性的情况下?
-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontpreverify
-verbose
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class com.android.vending.licensing.ILicensingService
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclasseswithmembernames class * {
public <init>(android.content.Context, android.util.AttributeSet);
}
-keepclasseswithmembernames class * {
public <init>(android.content.Context, android.util.AttributeSet, int);
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
2 个解决方案
解决方案1
5 2011-02-15 16:04:00
I've found the solution to the specific case I experienced. 我找到了针对我所遇到的特定案例的解决方案。 I'll document the solution as I suspect others may find it useful. 我会记录该解决方案,因为我怀疑其他人可能会发现它有用。
I have two classes that are used specifically to hold payloads to/from JSON API calls. 我有两个专门用于保存往返JSON API调用的有效负载的类。 I hadn't excluded those classes from the obfuscation, so the GSON parser was failing to create the objects correctly as the class member names did not match the JSON parameter names. 我没有从混淆中排除这些类,所以GSON解析器无法正确创建对象,因为类成员名称与JSON参数名称不匹配。
So the moral of this story is if that when deserialising JSON data to create objects using GSON or other tools that match JSON parameter names with class member names, make sure Proguard doesn't rename them. 因此,本故事的寓意是,当使用GSON或其他将JSON参数名称与类成员名称匹配的工具反序列化JSON数据以创建对象时,请确保Proguard不重命名它们。 The null reference exceptions I was seeing were because all the deseralised objects were blank. 我看到的null引用异常是因为所有反序列化的对象均为空白。
I should say I'm NOT experiencing ClassNotFoundException, this is a different issue, and what initially seemed like quite inexplicable runtime errors, was just an interesting combo of assumptions. 我应该说我没有遇到ClassNotFoundException,这是一个不同的问题,最初看起来像莫名其妙的运行时错误,只是一个有趣的假设组合。
解决方案2
4 已采纳 2011-02-15 15:46:45
Just follow the rules listed in the Configuring Pro-guard section . 只需遵循“ 配置Pro-guard”部分中列出的规则。 The key is any reference to a class in xml probably. 关键是对xml中的类的任何引用。 So if you have any Receivers or Services in your manifest that aren't explicitly used in the code, they may be being removed by Proguard. 因此,如果清单中有未在代码中明确使用的任何接收方或服务,则Proguard可能会将其删除。 This also includes classes in your layouts, like Custom views, etc. 这也包括布局中的类,例如“自定义”视图等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.