Как настроить правила программы ProGuard, чтобы сделать сердце более трудным для обратного инжиниринга

Question

Как настроить правила программы ProGuard, чтобы сделать сердце более трудным для обратного инжиниринга

Я разработал огромный проект с примерно 25 зависимостями gradle, теперь мне нужно запутать мой код с помощью ProGuard, я не забочусь об удалении неиспользуемых классов, полей, методов и атрибутов, просто нужно сделать мой код сложнее для обратного проектирования. Я пытался найти правила ProGuard на этих сайтах библиотек зависимостей, но все равно получал много предупреждений.

Note: duplicate definition of library class [android.net.http.SslCertificate]
Note: duplicate definition of library class [android.net.http.SslError]
Note: duplicate definition of library class [android.net.http.SslCertificate$DName]
Note: duplicate definition of library class [org.apache.http.conn.scheme.SocketFactory]
Note: duplicate definition of library class [org.apache.http.conn.scheme.HostNameResolver]
Note: duplicate definition of library class [org.apache.http.conn.ConnectTimeoutException]
Note: duplicate definition of library class [org.apache.http.params.HttpParams]

Note: there were 7 duplicate class definitions.
      (http://proguard.sourceforge.net/manual/troubleshooting.html#duplicateclass)

Initializing...
Note: the configuration refers to the unknown class 'butterknife.internal.ViewBinder'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'butterknife.InjectView'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'com.google.android.gms.common.util.DynamiteApi'
Note: the configuration refers to the unknown class 'sun.misc.Unsafe'
Note: the configuration refers to the unknown class 'com.google.vending.licensing.ILicensingService'
      Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: the configuration refers to the unknown class 'com.android.vending.licensing.ILicensingService'
      Maybe you meant the fully qualified name 'com.google.android.vending.licensing.ILicensingService'?
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.media.IMediaBrowserServiceCallbacksAdapterApi21$Stub: can't find dynamically referenced class android.service.media.IMediaBrowserServiceCallbacks$Stub
Note: android.support.v4.media.ParceledListSliceAdapterApi21: can't find dynamically referenced class android.content.pm.ParceledListSlice
Note: android.support.v4.text.ICUCompatApi23: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v4.text.ICUCompatIcs: can't find dynamically referenced class libcore.icu.ICU
Note: android.support.v7.widget.DrawableUtils: can't find dynamically referenced class android.graphics.Insets
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Files
Note: com.google.api.client.util.IOUtils: can't find dynamically referenced class java.nio.file.Path
Note: com.google.gson.internal.UnsafeAllocator: can't find dynamically referenced class sun.misc.Unsafe
Note: there were 8 references to unknown classes.
      You should check your configuration for typos.
      (http://proguard.sourceforge.net/manual/troubleshooting.html#unknownclass)
Note: there were 10 unresolved dynamic references to classes or interfaces.
      You should check if you need to specify additional program jars.
      (http://proguard.sourceforge.net/manual/troubleshooting.html#dynamicalclass)
Ignoring unused library classes...
  Original number of library classes: 3880
  Final number of library classes:    1451
Printing kept classes, fields, and methods...

И затем около 8k строк или предупреждений, подобных этому

AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout$3) that doesnu0027t come with an","sources":[{}]}
AGPBI: {"kind":"error","text":"associated EnclosingMethod attribute. This class was probably produced by a","sources":[{}]}
AGPBI: {"kind":"error","text":"compiler that did not target the modern .class file format. The recommended","sources":[{}]}
AGPBI: {"kind":"error","text":"solution is to recompile the class from source, using an up-to-date compiler","sources":[{}]}
AGPBI: {"kind":"error","text":"and without specifying any "-target" type options. The consequence of ignoring","sources":[{}]}
AGPBI: {"kind":"error","text":"this warning is that reflective operations on this class will incorrectly","sources":[{}]}
AGPBI: {"kind":"error","text":"indicate that it is *not* an inner class.","sources":[{}]}
AGPBI: {"kind":"error","text":"warning: Ignoring InnerClasses attribute for an anonymous inner class","sources":[{}]}
AGPBI: {"kind":"error","text":"(android.support.v4.widget.SwipeRefreshLayout$4) that doesnu0027t come with an","sources":[{}]}

Мои правила

-dontwarn android.support.**

-keep public class com.google.android.gms.ads.** {
   public *;
}

-keep public class com.google.ads.** {
   public *;
}
-keep class * implements android.os.Parcelable {
  public static final android.os.Parcelable$Creator *;
}
-keepnames class * implements android.os.Parcelable {
  public static final ** CREATOR;
}

-dontwarn com.google.android.gms.**
-dontwarn com.google.common.cache.**
-dontwarn com.google.common.primitives.**
-keepattributes *Annotation*
-keepattributes Signature
-keepattributes InnerClasses
-keepclassmembers class ** {
    @org.greenrobot.eventbus.Subscribe <methods>;
}
-keep enum org.greenrobot.eventbus.ThreadMode { *; }

# Only required if you use AsyncExecutor
-keepclassmembers class * extends org.greenrobot.eventbus.util.ThrowableFailureEvent {
    <init>(java.lang.Throwable);
}
-keep class butterknife.** { *; }
-dontwarn butterknife.internal.**
-keep class **$$ViewBinder { *; }

-keepclasseswithmembernames class * {
    @butterknife.* <fields>;
}

-keepclasseswithmembernames class * {
    @butterknife.* <methods>;
}
-keep class **$$ViewBinder { *; }
# Retain generated class which implement ViewBinder.
-keep public class * implements butterknife.internal.ViewBinder { public <init>(); }

# Prevent obfuscation of types which use ButterKnife annotations since the simple name
# is used to reflectively look up the generated ViewBinder.
-keep class butterknife.*
-keepclasseswithmembernames class * { @butterknife.* <methods>; }
-keepclasseswithmembernames class * { @butterknife.* <fields>; }

-dontwarn butterknife.internal.**

-keep class **$$ViewInjector { *; }

-keepnames class * { @butterknife.InjectView *;}

-dontwarn butterknife.Views$InjectViewProcessor

-dontwarn com.gc.materialdesign.views.**


-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
    public static final *** NULL;
}

-keepnames class * implements android.os.Parcelable
-keepclassmembers class * implements android.os.Parcelable {
  public static final *** CREATOR;
}

-keep @interface android.support.annotation.Keep
-keep @android.support.annotation.Keep class *
-keepclasseswithmembers class * {
  @android.support.annotation.Keep <fields>;
}
-keepclasseswithmembers class * {
  @android.support.annotation.Keep <methods>;
}

-keep @interface com.google.android.gms.common.annotation.KeepName
-keepnames @com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
  @com.google.android.gms.common.annotation.KeepName *;
}

-keep @interface com.google.android.gms.common.util.DynamiteApi
-keep public @com.google.android.gms.common.util.DynamiteApi class * {
  public <fields>;
  public <methods>;
}

-dontwarn android.security.NetworkSecurityPolicy

# Gson specific classes
-keep class sun.misc.Unsafe { *; }
#-keep class com.google.gson.stream.** { *; }

# Application classes that will be serialized/deserialized over Gson
-keep class com.google.gson.examples.android.model.** { *; }

-keep public class * implements com.bumptech.glide.module.GlideModule
-keep public enum com.bumptech.glide.load.resource.bitmap.ImageHeaderParser$** {
  **[] $VALUES;
  public *;
}

Есть ли какое-нибудь простое правило чтобы сделать это в Android Studio ?

1 3

android proguard android-proguard

1 ответ:

JohnWatsonDev · Accepted Answer · 2017-02-12 11:27:15

Просто попробуйте добавить -keepattributes Exceptions, Signature, InnerClasses в файл правил, чтобы удалить предупреждение AGPBI: {"kind":"error", etc }.

Я подумал, что вы могли бы добавить специальные правила Proguard в официальный документ библиотеки или README.md файл.