Android 混淆

一、步骤：

ProGuard由shrink、optimize、obfuscate和preverify四个步骤组成，每个步骤都是可选的，需要哪些步骤都可以在脚本中配置。参见ProGuard官方介绍。

　　压缩（Shrink）：默认开启，侦测并移除代码中无用的类、字段、方法和特性，减少应用体积，并且会在优化动作执行之后再次执行（因为优化后可能会再次暴露一些未使用的类和成员）。
　　　　-dontshrink 关闭混淆
　　优化（Optimize）：默认开启，分析和优化字节码，让应用运行的更快。
　　　　-dontoptimize 关闭优化，默认混淆配置文件开始
　　　　-optimizationpasses n 表示proguard对代码进行迭代优化的次数，Android一般为5
　　混淆（Obfuscate）：默认开启，使用a、b、c、d这样简短而无意义的名称，对类、字段和方法进行重命名，增大反编译难度。
　　　　-dontobfuscate 关闭混淆
上面三个步骤使代码大小更小、更高效，也更难被逆向工程。

　　预检（Preverify）：在java平台上对处理后的代码进行预检。

二、开启方法：

buildTypes {
    release {
        minifyEnabled true
        proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
    }
}

三、默认的混淆方案

proguard-android.txt

# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html
#
# This file is no longer maintained and is not used by new (2.2+) versions of the
# Android plugin for Gradle. Instead, the Android plugin for Gradle generates the
# default rules at build time and stores them in the build directory.


-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose


# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.


-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService


# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {
    native <methods>;
}


# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
   void set*(***);
   *** get*();
}


# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
   public void *(android.view.View);
}


# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
    public static **[] values();
    public static ** valueOf(java.lang.String);
}


-keepclassmembers class * implements android.os.Parcelable {
  public static final android.os.Parcelable$Creator CREATOR;
}


-keepclassmembers class **.R$* {
    public static <fields>;
}


# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version.  We know about them, and they are safe.
-dontwarn android.support.**


# Understand the @Keep support annotation.
-keep class android.support.annotation.Keep


-keep @android.support.annotation.Keep class * {*;}


-keepclasseswithmembers class * {
    @android.support.annotation.Keep <methods>;
}


-keepclasseswithmembers class * {
    @android.support.annotation.Keep <fields>;
}


-keepclasseswithmembers class * {
    @android.support.annotation.Keep <init>(...);

}

四、通配符

? matches any single character in a name.(匹配一个字符)

* matches any part of a name not containing the directory separator.（匹配一个名字，除了目录分隔符外的任意部分）

** matches any part of a name, possibly containing any number of directory separators.(匹配任意名,可能包含任意路径分隔符)

! exclude

<field> 匹配类中的所有字段

<method> 匹配类中所有的方法

<init> 匹配类中所有的构造函数

五、关键字

-keep 只保留类名 加上{*;}则会保留类名和所有成员
-keepclassmembers 只保留成员
-keepclasseswithmembers 保留类名及指定的成员
不带names的选项为既不会被移除或重命名，即使类或类成员未被使用。带有names的选项为不会被重命名，如果是无用的类或类成员，会被移除，移除是指在压缩（Shrinking）时是否会被删除。