如何设置 ProGuard 规则使我的核心更难进行逆向工程
How to setup ProGuard rules to make my core harder for reverse engineering
我开发了一个包含大约 25 gradle 依赖项的大型项目,现在我需要使用 ProGuard 混淆我的代码,我不关心删除未使用的 类、字段、方法和属性,只需要让我的代码更难逆向工程。
我试图在这些依赖库站点上找到 ProGuard 规则,但仍然收到很多警告。
Note: duplicate definition of library class [android.net.http.SslCertificate]
Note: duplicate definition of library class [android.net.http.SslError]
Note: duplicate definition of library class [android.net.http.SslCertificate$DName]
Note: duplicate definition of library class [org.apache.http.conn.scheme.SocketFactory]
Note: duplicate definition of library class [org.apache.http.conn.scheme.HostNameResolver]
Note: duplicate definition of library class [org.apache.http.conn.ConnectTimeoutException]
Note: duplicate definition of library class [org.apache.http.params.HttpParams]
Note: there were 7 duplicate class definitions.
(http://proguard.sourceforge.net/manual/troubleshooting.html#duplicateclass)
Initializing...
Note: the configuration refers to the unknown class 'butterknife.internal.ViewBinder'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'sun.misc.Unsafe'
Note: the configuration refers to the unknown class 'com.google.vending.licensing.ILicensingService'
Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: the configuration refers to the unknown class 'com.android.vending.licensing.ILicensingService'
Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21$Stub: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks$Stub
Note: android.support.v4.media.ParceledListSliceAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.text.ICUCompatApi23: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v4.text.ICUCompatIcs: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v7.widget.DrawableUtils: can't find dynamically referenced class android.graphics.Insets
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Files
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Path
Note: com.google.gson.internal.UnsafeAllocator: can't find dynamically referenced class sun.misc.Unsafe
Note: there were 8 references to unknown classes.
You should check your configuration for typos.
(http://proguard.sourceforge.net/manual/troubleshooting.html#unknownclass)
Note: there were 10 unresolved dynamic references to classes or interfaces.
You should check if you need to specify additional program jars.
(http://proguard.sourceforge.net/manual/troubleshooting.html#dynamicalclass)
Ignoring unused library classes...
Original number of library classes: 3880
Final number of library classes: 1451
Printing kept classes, fields, and methods...
然后大约 8k 行或这样的警告
AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout) that doesn\u0027t come with an","sources":[{}]}
AGPBI: {"kind":"error","text":"associated EnclosingMethod attribute. This class was probably produced by a","sources":[{}]}
AGPBI: {"kind":"error","text":"compiler that did not target the modern .class file format. The recommended","sources":[{}]}
AGPBI: {"kind":"error","text":"solution is to recompile the class from source, using an up-to-date compiler","sources":[{}]}
AGPBI: {"kind":"error","text":"and without specifying any \"-target\" type options. The consequence of ignoring","sources":[{}]}
AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout) that doesn\u0027t come with an","sources":[{}]}
我的规则
-dontwarn android.support.**
-keep public class com.google.android.gms.ads.** {
public *;
}
-keep public class com.google.ads.** {
public *;
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
-keepnames class * implements android.os.Parcelable {
public static final ** CREATOR;
}
-dontwarn com.google.android.gms.**
-dontwarn com.google.common.cache.**
-dontwarn com.google.common.primitives.**
-keepattributes *Annotation*
-keepattributes Signature
-keepattributes InnerClasses
-keepclassmembers class ** {
@org.greenrobot.eventbus.Subscribe <methods>;
}
-keep enum org.greenrobot.eventbus.ThreadMode { *; }
# Only required if you use AsyncExecutor
-keepclassmembers class * extends org.greenrobot.eventbus.util.ThrowableFailureEvent {
<init>(java.lang.Throwable);
}
-keep class butterknife.** { *; }
-dontwarn butterknife.internal.**
-keep class **$$ViewBinder { *; }
-keepclasseswithmembernames class * {
@butterknife.* <fields>;
}
-keepclasseswithmembernames class * {
@butterknife.* <methods>;
}
-keep class **$$ViewBinder { *; }
# Retain generated class which implement ViewBinder.
-keep public class * implements butterknife.internal.ViewBinder { public <init>(); }
# Prevent obfuscation of types which use ButterKnife annotations since the simple name
# is used to reflectively look up the generated ViewBinder.
-keep class butterknife.*
-keepclasseswithmembernames class * { @butterknife.* <methods>; }
-keepclasseswithmembernames class * { @butterknife.* <fields>; }
-dontwarn butterknife.internal.**
-keep class **$$ViewInjector { *; }
-keepnames class * { @butterknife.InjectView *;}
-dontwarn butterknife.Views$InjectViewProcessor
-dontwarn com.gc.materialdesign.views.**
-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
public static final *** NULL;
}
-keepnames class * implements android.os.Parcelable
-keepclassmembers class * implements android.os.Parcelable {
public static final *** CREATOR;
}
-keep @interface android.support.annotation.Keep
-keep @android.support.annotation.Keep class *
-keepclasseswithmembers class * {
@android.support.annotation.Keep <fields>;
}
-keepclasseswithmembers class * {
@android.support.annotation.Keep <methods>;
}
-keep @interface com.google.android.gms.common.annotation.KeepName
-keepnames @com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
@com.google.android.gms.common.annotation.KeepName *;
}
-keep @interface com.google.android.gms.common.util.DynamiteApi
-keep public @com.google.android.gms.common.util.DynamiteApi class * {
public <fields>;
public <methods>;
}
-dontwarn android.security.NetworkSecurityPolicy
# Gson specific classes
-keep class sun.misc.Unsafe { *; }
#-keep class com.google.gson.stream.** { *; }
# Application classes that will be serialized/deserialized over Gson
-keep class com.google.gson.examples.android.model.** { *; }
-keep public class * implements com.bumptech.glide.module.GlideModule
-keep public enum com.bumptech.glide.load.resource.bitmap.ImageHeaderParser$** {
**[] $VALUES;
public *;
}
在 Android Studio 中是否有任何简单的规则可以做到这一点?
只需尝试在规则文件中添加 -keepattributes Exceptions, Signature, InnerClasses 即可删除 AGPBI: {"kind":"error", etc } 警告消息。
我认为您可以在库的官方文档或 README.md 文件中添加特殊的 Proguard 规则。
我开发了一个包含大约 25 gradle 依赖项的大型项目,现在我需要使用 ProGuard 混淆我的代码,我不关心删除未使用的 类、字段、方法和属性,只需要让我的代码更难逆向工程。 我试图在这些依赖库站点上找到 ProGuard 规则,但仍然收到很多警告。
Note: duplicate definition of library class [android.net.http.SslCertificate]
Note: duplicate definition of library class [android.net.http.SslError]
Note: duplicate definition of library class [android.net.http.SslCertificate$DName]
Note: duplicate definition of library class [org.apache.http.conn.scheme.SocketFactory]
Note: duplicate definition of library class [org.apache.http.conn.scheme.HostNameResolver]
Note: duplicate definition of library class [org.apache.http.conn.ConnectTimeoutException]
Note: duplicate definition of library class [org.apache.http.params.HttpParams]
Note: there were 7 duplicate class definitions.
(http://proguard.sourceforge.net/manual/troubleshooting.html#duplicateclass)
Initializing...
Note: the configuration refers to the unknown class 'butterknife.internal.ViewBinder'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'sun.misc.Unsafe'
Note: the configuration refers to the unknown class 'com.google.vending.licensing.ILicensingService'
Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: the configuration refers to the unknown class 'com.android.vending.licensing.ILicensingService'
Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21$Stub: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks$Stub
Note: android.support.v4.media.ParceledListSliceAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.text.ICUCompatApi23: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v4.text.ICUCompatIcs: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v7.widget.DrawableUtils: can't find dynamically referenced class android.graphics.Insets
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Files
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Path
Note: com.google.gson.internal.UnsafeAllocator: can't find dynamically referenced class sun.misc.Unsafe
Note: there were 8 references to unknown classes.
You should check your configuration for typos.
(http://proguard.sourceforge.net/manual/troubleshooting.html#unknownclass)
Note: there were 10 unresolved dynamic references to classes or interfaces.
You should check if you need to specify additional program jars.
(http://proguard.sourceforge.net/manual/troubleshooting.html#dynamicalclass)
Ignoring unused library classes...
Original number of library classes: 3880
Final number of library classes: 1451
Printing kept classes, fields, and methods...
然后大约 8k 行或这样的警告
AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout) that doesn\u0027t come with an","sources":[{}]}
AGPBI: {"kind":"error","text":"associated EnclosingMethod attribute. This class was probably produced by a","sources":[{}]}
AGPBI: {"kind":"error","text":"compiler that did not target the modern .class file format. The recommended","sources":[{}]}
AGPBI: {"kind":"error","text":"solution is to recompile the class from source, using an up-to-date compiler","sources":[{}]}
AGPBI: {"kind":"error","text":"and without specifying any \"-target\" type options. The consequence of ignoring","sources":[{}]}
AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout) that doesn\u0027t come with an","sources":[{}]}
我的规则
-dontwarn android.support.**
-keep public class com.google.android.gms.ads.** {
public *;
}
-keep public class com.google.ads.** {
public *;
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
-keepnames class * implements android.os.Parcelable {
public static final ** CREATOR;
}
-dontwarn com.google.android.gms.**
-dontwarn com.google.common.cache.**
-dontwarn com.google.common.primitives.**
-keepattributes *Annotation*
-keepattributes Signature
-keepattributes InnerClasses
-keepclassmembers class ** {
@org.greenrobot.eventbus.Subscribe <methods>;
}
-keep enum org.greenrobot.eventbus.ThreadMode { *; }
# Only required if you use AsyncExecutor
-keepclassmembers class * extends org.greenrobot.eventbus.util.ThrowableFailureEvent {
<init>(java.lang.Throwable);
}
-keep class butterknife.** { *; }
-dontwarn butterknife.internal.**
-keep class **$$ViewBinder { *; }
-keepclasseswithmembernames class * {
@butterknife.* <fields>;
}
-keepclasseswithmembernames class * {
@butterknife.* <methods>;
}
-keep class **$$ViewBinder { *; }
# Retain generated class which implement ViewBinder.
-keep public class * implements butterknife.internal.ViewBinder { public <init>(); }
# Prevent obfuscation of types which use ButterKnife annotations since the simple name
# is used to reflectively look up the generated ViewBinder.
-keep class butterknife.*
-keepclasseswithmembernames class * { @butterknife.* <methods>; }
-keepclasseswithmembernames class * { @butterknife.* <fields>; }
-dontwarn butterknife.internal.**
-keep class **$$ViewInjector { *; }
-keepnames class * { @butterknife.InjectView *;}
-dontwarn butterknife.Views$InjectViewProcessor
-dontwarn com.gc.materialdesign.views.**
-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
public static final *** NULL;
}
-keepnames class * implements android.os.Parcelable
-keepclassmembers class * implements android.os.Parcelable {
public static final *** CREATOR;
}
-keep @interface android.support.annotation.Keep
-keep @android.support.annotation.Keep class *
-keepclasseswithmembers class * {
@android.support.annotation.Keep <fields>;
}
-keepclasseswithmembers class * {
@android.support.annotation.Keep <methods>;
}
-keep @interface com.google.android.gms.common.annotation.KeepName
-keepnames @com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
@com.google.android.gms.common.annotation.KeepName *;
}
-keep @interface com.google.android.gms.common.util.DynamiteApi
-keep public @com.google.android.gms.common.util.DynamiteApi class * {
public <fields>;
public <methods>;
}
-dontwarn android.security.NetworkSecurityPolicy
# Gson specific classes
-keep class sun.misc.Unsafe { *; }
#-keep class com.google.gson.stream.** { *; }
# Application classes that will be serialized/deserialized over Gson
-keep class com.google.gson.examples.android.model.** { *; }
-keep public class * implements com.bumptech.glide.module.GlideModule
-keep public enum com.bumptech.glide.load.resource.bitmap.ImageHeaderParser$** {
**[] $VALUES;
public *;
}
在 Android Studio 中是否有任何简单的规则可以做到这一点?
只需尝试在规则文件中添加 -keepattributes Exceptions, Signature, InnerClasses 即可删除 AGPBI: {"kind":"error", etc } 警告消息。
我认为您可以在库的官方文档或 README.md 文件中添加特殊的 Proguard 规则。