I have been working on one project which is too complex and contain very much space with so many images and Java files as well.
Somewhere I have read about the proguard which optimizes the code.
I have used it, but it's still does not have an effect on my final APK file.
It might be I have made a mistake somewhere. I have the following this like http://developer.android.com/guide/developing/tools/proguard.html.
How can I optimize my code?
You can add it to the default.properties. I've been adding manually without having a problem so far.
If you add the line:
proguard.config=proguard.cfg
As said it will only use ProGuard when exporting signed application (Android Tools => Export Signed Application)
If you start the project with the SDK before Android 2.3 the proguard.cfg file will not be created (next to default.properties as in 2.3>).
To enable automatic creation of it, just simply update to the SDK of Android 2.3 and create a new project with existing sources (which are the sources of the project you currently have).
Automagically the proguard.cfg fill will be created.
Without optimizations the compiler produces very dumb code - each command is compiled in a very straightforward manner, so that it does the intended thing.
The Debug builds have optimizations disabled by default, because without the optimizations the produced executable matches the source code in a straightforward manner.
Please refer this one
From documentation:
ProGuard is integrated into the Android build system, so you do not have to invoke it manually. ProGuard runs only when you build your application in release mode, so you do not have to deal with obfuscated code when you build your application in debug mode.
Related
Trying to develop android LPA system app for eSIM with the new Pie API.
The doc says to extend the abstract EuiccService class. But this class is not in the official SDK, and the link in the docs just leads to corresponding file in the android source repo.
I tried using this file/class as a dependency, but it references other internal android classes/annotations and causes build/IDE errors.
Does anyone have an idea how to use this?
Do I really have to pull android src code and somehow reference required class from it?
EDIT: I think I've solved it, found couple of potential solutions, but they were a bit cumbersome. Used the android.jar from here: https://github.com/anggrayudi/android-hidden-api (contains modified android.jar with hidden APIs and internal resources). It didn't work when i replaced the whole file and resulted strange build errors, but i manually transferred the android\service\euicc\ folder to original android.jar of android-28 sdk and it works perfectly (class is available and apk builds without issues). And no need to waste time pulling and building AOSP.
EDIT #2: apparently not fully fixable atm. There's issue with android gradle plugins (at least 3.2.x-3.3.x) where during full sync some build task generates mock classes from android.jar and process fails if it's modified (discussion is here: https://github.com/anggrayudi/android-hidden-api/issues/46). Error looks like this:
Failed to transform file 'android.jar' to match attributes {artifactType=android-mockable-jar, returnDefaultValues=false} using transform MockableJarTransform
There's a workaround for that, though inconvenient:
when you need a full sync for the project, replace the android.jar with original, run sync, restore modified android.jar, the IDE now will run indexing and classes will be available again with build working until next full sync.
Will update this post if/when it's fixed or new solution is found.
EDIT#3: here's probably a final solution for EuiccService case (turned out pretty obvious):
Instead of adding 'android/service/euicc' folder to android.jar, just put it in a separate library and add it as a compileOnly dependency. Since the classes were not in the SDK, the lib should not cause conflict (would be the case if you need to use modified framework or access hidden APIs in already existing classes).
If you are going to create a System APP, you will do it in several ways:
You could call a part of the SystemAPI (a method for example) by reference.
You could make the aplication as a part of the AOSP Project (Downloading the AOSP code, and introducing your app as part of packages/apps/)
You will be able to access system APIs on a rooted device or if you have system permissions (this happens when you flash your app into the device as part of the system image).
However, if you want to be able to call the EuiccService class from Android Studio (for coding purposes), you'll need to add the Android framework jar to your project.
The steps are provided below:
First, you will have to download and build AOSP and generate a framework jar for your target Android version. Check the documentation here to get an idea of how to download and build AOSP.
After a successful build all framework classes are compiled into a jar called classes.jar which can be found at the location out/target/common/obj/JAVA_LIBRARIES/framework_intermediates.
Get this classes.jar and add it to your Android project as a jar file.
Gradle sync the project and start coding.
Please beware that you WILL NOT BE ABLE TO run this app on an Adnroid device where you do not have system permission for this app.
I am trying to obfuscate my simple HelloWorld project (that I just created) with ProGuard.
The configuration files are below.
[project.properties]
proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
target=android-20
[proguard-project.txt]
Nothing valid. all the lines are commented.
Lastly, I created signed apk file through the menu, File - Export - Export Android Application,
with a new key.
To make sure that the apk is obfuscated properly, I unzip the apk and decompiled classes.dex to view the inner class files. but NOT obfuscated at all. all the function names in MainActivity.java are
still the same.
Anything I missed out?
Thank you.
Look at the "Enabling ProGuard" section at http://developer.android.com/tools/help/proguard.html to see exactly how ProGuard determines which configuration file(s) to use. Look carefully at the different ways to specify the file(s) for Eclipse builds vs. Android Studio (or Gradle) builds. The ProGuard configuration files delivered with the SDK are simple starting points (examples) that almost certainly will not do exactly what you want. You should copy them to an appropriate location and change them as needed for your particular needs.
Many times after building an app and uploading it to play store I realize that I haven't guarded the apk using proguard feature provided by android and anyone can decompile the app using various tools to get my app's source code. So is it possible that whenever i create a new project the proguard feature is automatically enabled and my app's source code can be secure?
For obfuscation just add to project.properties file in android project the following line:
proguard.config=proguard.cfg
see details in android's development page here
Probably you will have to right a custom ant build script which throws an error when proguard property is not set in properties.To write custom ant build script visit this link:
http://www.androidengineer.com/2010/06/using-ant-to-automate-building-android.html
First of all, i'm new on ProGuard, but i read some tutorials and i know that the best way to use it on android is the one described on android.developer guide.
im trying to obfuscate the code of my new Android app with ProGuard. For that i enter this website: http://developer.android.com/tools/help/proguard.html#enabling
But it tells: "hen you create an Android project, a proguard.cfg file is automatically generated in the root directory of the project."
That file does not exist on my project root directory, so i dont know how to continue. My Android app is for api level 4, 1.6, so, is it possible that this is a problem for using ProGuard?
How can i use proguard with an app for api 4 (android 1.6)
Thanks a lot
You need a proguard.cfg File. You can either create it by hand or use the proguard-GUI (> java -jar proguardgui.jar). Using the GUI makes some things easier, but a basic understandig of proguard and obfuscating is still required. It isn't very comfortable to use the gui for obfuscating your release apk, so proviging the config-file and using the SDKs Build tools is still the best way to go.
The ACRA Documentation features an Example for a proguard.cfg http://code.google.com/p/acra/wiki/ACRAProGuardHowTo most of the stuff is ACRA related and can be ommited if you don't use ACRA in your project.
I Don't know if the SDK is supposed to create an proguard.cfg. If never seen one which was created automaticaly, so i suggest you go with the file as supplied by the acra-guys for a starting point.
Make sure that you are using the latest Android SDK. You can check this with the standard android application from the SDK.
Then make sure that your project directory is up-to-date too, by typing
adb update project -p MyProjectDirectory
(from the command-line, with the proper path to the directory of your project). This should create a ProGuard configuration file, which is called proguard-project.txt in recent releases of the SDK.
You can then enable ProGuard by uncommenting the proper line in project.properties.
My project does not enable proguard when creating it. Therefore I need to manually add proguard and enable it via project.properties.
Is there any way I can know whether my application has been obfuscated or not aside from reverse engineering?
If your application has been obfuscated you will see a new folder called proguard in you project folder.
It should contain four text files: dump, mapping, seeds and usage.
Note that your project will not be obfuscated unless you build it in release mode.
Just for records, if you want to check if your code was really obfuscated, you can generate the APK and analyse it in this webpage: http://www.javadecompilers.com/apktool
You can check using Android Studio as well by generating the APK and later going to Build -> Analyze APK... -> select your APK to analyze.
I hope this help.