微信开源工具AndResGuard做Android资源混淆
前言
在Android开发过程中,为了防止自己的劳动成功被窃取或者受到不发分子的篡改,往往在发布的时候会对代码做混淆,但是混淆只混淆了代码,资源文件却还是赤裸在其他人面前,而且查看资源文件还非常简单,将.apk文件更换成.zip文件几个res文件夹下清楚的看到相关的资源文件,如下图:
为了保护项目的资源文件的可读性,同时也为了减小整个apk包的大小,下面一起来通过微信的开源库AndResGuard进行资源文件的混淆。
了解AndResGuard的原理请戳这里
准备工作
需要准备以下几个文件:
点击下载最新的配置文件,下面对以上文件一一做介绍
签名文件test.jks
可以通过Android studio或者eclipse创建;也可以使用keytool.exe创建,具体操作在android APK反编译及混淆学习总结中有介绍配置文件config.xml
重要的配置也用中文做了简单的解释,具体配置如下:<?xml version="1.0" encoding="UTF-8"?> <resproguard> <!--defaut property to set --> <issue id="property"> <!--whether use 7zip to repackage the signed apk, you must install the 7z command line version in window --> <!--sudo apt-get install p7zip-full in linux --> <!--and you must write the sign data fist, and i found that if we use linux, we can get a better result --> <seventzip value="false"/> <!--the sign data file name in your apk, default must be META-INF--> <!--generally, you do not need to change it if you dont change the meta file name in your apk--> <metaname value="META-INF"/> <!--if keep root, res/drawable will be kept, it won‘t be changed to such as r/s--> <keeproot value="false"/> </issue> <!--whitelist, some resource id you can not proguard, such as getIdentifier--> <!--isactive, whether to use whitelist, you can set false to close it simply--> <!--这里设置了那些资源不混淆的,如:友盟相关的资源就不能混淆,混淆后将会出现问题--> <issue id="whitelist" isactive="true"> <!--you must write the full package name, such as com.tencent.mm.R --> <!--for some reason, we should keep our icon better--> <!--and it support *, ?, such as com.tencent.mm.R.drawable.emoji_*, com.tencent.mm.R.drawable.emoji_?--> <path value="com.lpf.argt.R.drawable.ic_launcher"/> <path value="com.lpf.argt.R.mipmap.ic_launcher"/> <path value="com.lpf.argt.R.string.app_name"/> <path value="com.lpf.argt.R.drawable.icon"/> <path value="com.lpf.argt.R.string.umeng*"/> <path value="com.lpf.argt.R.layout.umeng*"/> <path value="com.lpf.argt.R.drawable.umeng*"/> <path value="com.lpf.argt.R.anim.umeng*"/> <path value="com.lpf.argt.R.color.umeng*"/> <path value="com.lpf.argt.R.style.*UM*"/> <path value="com.lpf.argt.R.style.umeng*"/> <path value="com.lpf.argt.R.id.umeng*"/> </issue> <!--keepmapping, sometimes if we need to support incremental upgrade, we should keep the old mapping--> <!--isactive, whether to use keepmapping, you can set false to close it simply--> <!--if you use -mapping to set keepmapping property in cammand line, these setting will be overlayed--> <!-- <issue id="keepmapping" isactive="false"> --> <!--the old mapping path, in window use \, in linux use /, and the default path is the running location--> <!--<path value="{your_mapping_path}"/> --> <!--</issue> --> <!--compress, if you want to compress the file, the name is relative path, such as resources.arsc, res/drawable-hdpi/welcome.png--> <!--what can you compress? generally, if your resources.arsc less than 1m, you can compress it. and i think compress .png, .jpg is ok--> <!--isactive, whether to use compress, you can set false to close it simply--> <issue id="compress" isactive="false"> <!--you must use / separation, and it support *, ?, such as *.png, *.jpg, res/drawable-hdpi/welcome_?.png--> <path value="*.png"/> <path value="*.jpg"/> <path value="*.jpeg"/> <path value="*.gif"/> <path value="resources.arsc"/> </issue> <!--sign, if you want to sign the apk, and if you want to use 7zip, you must fill in the following data--> <!--isactive, whether to use sign, you can set false to close it simply--> <!--if you use -signature to set sign property in cammand line, these setting will be overlayed--> <issue id="sign" isactive="true"> <!--the signature file path, in window use \, in linux use /, and the default path is the running location--> <!--这里设置签名文件的路径--> <path value="F:/DATA/code/build/test.jks"/> <!--storepass--> <storepass value="123456789"/> <!--keypass--> <keypass value="123456789"/> <!--alias--> <alias value="test"/> </issue> </resproguard>
7-zip工具的安装
下载软件,根据引导安装即可bat文件
新建一个txt文件夹,将如下指令拷贝进去,然后将.txt的后缀更换为.batJava -jar AndResGuard-cli-1.1.16.jar test.apk -config config.xml -out release -zipalign F:/DATA/code/software/sdk/build-tools/23.0.2/zipalign -7zip "E:/Program Files/7-Zip/7z.exe" -signature F:/DATA/code/build/test.jks 123456789 123456789 test
- F:/DATA/code/software/sdk/build-tools/23.0.2/zipalign为SDK自带的工具,具体路径根据自己的实际情况配置
- E:/Program Files/7-Zip/7z.exe为前一步中安装的7-zip的路径
- F:/DATA/code/build/test.jks为签名文件,后面紧跟的是2个密码和alias
test.apk
测试apk,这里的apk为任意apk均可以,签名过的apk必须是使用上面bat中配置的签名文件进行签名的;同时混淆后的apk也是没有问题的
开始混淆
按照上面步骤中的操作将配置文件及资源文件配齐之后,双击运行test.bat文件,出现以下日志:
同时在同目录下会出现一个“release”的文件夹,其中包含了混淆后的资源文件、源文件及混淆文件的对应关系、签名后的apk和未签名的apk,详情如下:
再次查看apk的资源文件,发现res文件夹已经变成了r,里面的各个资源也全部更换成其他的别名。
资源代码都混淆,资源和配置文件引用均无问题;为了测试包含第三方库是否会有影响,引入了ButterKnife测试,apk能正常运行。
混淆前与混淆后的大小对比
- 资源混淆前:
- 资源混淆后:
空项目就压缩了70KB-100KB的大小,相信在实际的项目开发中,资源文件更多,压缩率会更高
- 资源混淆前: