Android studio Configuration Details

Confuse

studio obfuscates using Proguard, a tool for compressing, optimizing, and obfuscating java bytecode files.

Functions: Shrinking (compression), Optimization (optimization), Obfuscattion (obfuscation), Preverification (pre-check) four operations.

Advantages:
1. Delete useless resources of the project and effectively reduce the size of apk;
2. Delete useless classes, class members, methods and attributes, and delete useless comments to optimize bytecode files to the maximum extent;
3. Rename existing classes, methods, properties, etc. with short and meaningless names, which increases the difficulty of reverse engineering.

Configure

buildTypes {
    release {
      // true -  Turn on obfuscation 
      minifyEnabled true
      // true -  Turn on resource compression 
      shrinkResources true
      //  Used to set Proguard The planning path of; 
      proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro',
          '../libModule/proguard-rules.pro'
    }
  }

proguard-android. txt: proguard-android. txt is the default obfuscation file of the system, specifically in../sdk/tools/proguard/directory, which contains the most basic obfuscation of android, and generally does not need to be changed; proguard-rules. pro: Is the rule we need to configure; If you want to configure multiple Module obfuscation files, you only need to add commas and obfuscation file paths; Basic obfuscation configuration

#  Code obfuscation compression ratio, in 0~7 Between, the default is 5 , 1 I don't want to make changes 
-optimizationpasses 5

#  Mixing does not use case mixing, and the mixed class name is lowercase 
-dontusemixedcaseclassnames

#  Specifies that classes that do not ignore non-public libraries 
-dontskipnonpubliclibraryclasses

#  Specifies that class members of non-public libraries are not ignored 
-dontskipnonpubliclibraryclassmembers

#  This sentence can confuse our project and produce a mapping file 
#  Contains the class name -> Mapping relationship of confused class names 
-verbose

#  Without pre-verification, preverify Yes proguard Adj. 4 One of the steps 1 , Android No need preverify , get rid of this 1 Step can speed up confusion. 
-dontpreverify

#  Reservation Annotation Do not confuse   This is in JSON Entity mapping is very important, such as fastJson
-keepattributes *Annotation*,InnerClasses

#  Avoid confusing generics 
-keepattributes Signature

#  Preserve the code line number when throwing an exception 
-keepattributes SourceFile,LineNumberTable

#  Specifies the algorithm used for obfuscation, and the following parameters are 1 Filters 
#  This filter is an algorithm recommended by Google. 1 I don't want to make changes 
-optimizations !code/simplification/cast,!field/*,!class/merging/*

#  Ignore warnings 
-ignorewarnings

#  Sets whether scope changes are allowed 
-allowaccessmodification

#  Confuse the method names in the confused class 
-useuniqueclassmembernames

# apk  All in the package  class  Internal structure of 
-dump class_files.txt

#  Unconfused classes and members 
-printseeds seeds_txt

#  List from apk Deleted code in 
-printusage unused.txt

#  Mapping before and after confusion 
-printmapping mapping.txt

You cannot use obfuscation

1. For the elements used in reflection, it is necessary to ensure that the class name, method name and attribute name remain unchanged, otherwise there will be problems in reflection.

2. It is best not to confuse some bean classes

3, 4 big components can not be confused, 4 big components must register declaration in manifest, and after confusion, the class name will change, which does not conform to the registration mechanism of 4 big components.

-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgent
-keep public class * extends android.preference.Preference
-keep public class * extends android.support.v4.app.Fragment
-keep public class * extends android.app.Fragment
-keep public class * extends android.view.view
-keep public class com.android.vending.licensing.ILicensingService

4. Annotations should not be confused. In many scenarios, annotations are used to reflect some elements while they are in progress.

-keepattributes *Annotation*

5. You can't confuse the value and valueOf methods in the enumeration, because these two methods are statically added to the code and will also be used by reflection, so you can't confuse these two methods. Applying enumeration will add many methods, increase the number of methods in the package, and increase the size of dex.

-keepclassmembers enum * {
  public static **[] values();
  public static ** valueOf(java.lang.String);
}

6. When JNI calls Java method, it needs to be formed by the address composed of class name and method name.

7. Java uses the Native method, while Native is written by C/C + +, and the method cannot be confused.

-keepclasseswithmembernames class * {
  native <methods>;
}

8. JS calls Java method

-keepattributes *JavascriptInterface*

9. The calling method of JavaScript in Webview cannot be confused
Note: Webview refers to which package name.

-keepclassmembers class fqcn.of.javascript.interface.for.webview {
  public *;
}

-keepclassmembers class * extends android.webkit.WebViewClient {
  public void *(android.webkit.WebView, java.lang.String, android.graphics.Bitmap);
  public boolean *(android.webkit.WebView, java.lang.String);
}

-keepclassmembers class * extends android.webkit.WebViewClient {
  public void *(android.webkit.WebView, java.lang.String);
}

10. The third party may recommend the use of its own confusion rules

11. Subclasses of Parcelable and static member variables of Creator are not confused, otherwise android. os. BadParcelableExeception exceptions will occur.
Serializable interface class deserialization:

-keep class * implements android.os.Parcelable {
 public static final android.os.Parcelable$Creator *;
}

-keep class * implements java.io.Serializable {
  public *;
}

-keepclassmembers class * implements java.io.Serializable {
  static final long serialVersionUID;
  private static final java.io.ObjectStreamField[] serialPersistentFields;
  !static !transient <fields>;
  private void writeObject(java.io.ObjectOutputStream);
  private void readObject(java.io.ObjectInputStream);
  java.lang.Object writeReplace();
  java.lang.Object readResolve();
}

12. The sequence number and deserialization of Gson are essentially resolved using reflection acquisition classes

-keep class com.google.gson.** {*;}
-keep class sun.misc.Unsafe {*;}
-keep class com.google.gson.stream.** {*;}
-keep class com.google.gson.examples.android.model.** {*;}
-keep class com.google.** {
  <fields>;
  <methods>;
}
-dontwarn class com.google.gson.**