在android 應用層開發的時候咱們技術人員都或多或少都會接觸一些SDK比如so、jar等,這些都是數據類公司提供給互聯網開發公司的關於技術核心類
方便的東西,因爲是核心所以加密加固是必不可少的工作,本博今天就向大家介紹jar的封裝打包以及混淆,完成自己的SDK!在此之前需要給大家說
說so,so是由C/C++語言編譯而來,其反編譯難度更大,因爲反編譯之後就是彙編語言,需要懂彙編才能看懂,更重要的是即使懂彙編把其復原也是相
當大的工程,尤其是一些大公司的SDK,那就更別說了,而jar呢反編譯的難度就相比so要小很多,所以這也是很多包名和key的驗證都放在so的原因!
jar加密加固無外乎就是混淆了,只要你在這個行業做了一段時間就會知道個大概了,混淆就是把 keep 命令之外的變量名、類名、函數名、
attributes、parameter name等全部混淆成一些小寫字母之類的,這樣這個SDK看起來就會異常的紊亂,但是先前提到過,只要在這個行業做過一段時
間,即使混淆了部分,但大部分的語法還是可以尋到其根源的,所以比較好的方式就是推薦so+jar
①通過library打包自己的SDK
這是筆者自己寫的一個SDK,裏面主要是用來管理wifi、ap、服務端的文件快傳、攝像監控的rtsp推流框架、asyntask管理、網絡編程、相機管理,硬加速、局域網組播、二維碼
生成和解析等,是用於一個大項目的核心代碼,主要是用來降低架構與UI的耦合性,其次就是爲了安全,廢話不多說先開始介紹library的封裝,打包成jar 的SDK最後介紹jar SDK
的混淆加固
首先看看library的構成,如下圖:
AndroidManifest.xml 清單文件的配置,如下代碼:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="jsp.rtsp.server.camera" >
<application
android:allowBackup="true"
android:label="@string/app_name"
android:supportsRtl="true" >
</application>
</manifest>然後修改AndroidManifest.xml清單文件去掉不必要的xml節點,完成這一步之後,進行如下圖步驟:
接下來彈出如下提示框,進行如下步驟:
這樣一個library的建立就完成了!
下面介紹library的編譯與依賴的編譯
編譯的話直接clean就可以編譯library,簡單粗暴,接着說依賴編譯,還是上圖描述比較深刻
還是單機選擇一個非library的android項目,如下:
選擇properties項後,彈出如下提示框:
點擊OK確認後,進行如下步驟:
執行完該步驟之後,項目會生成一個新的東西,如下圖:
下面繼續說上面的依賴編譯,在完成上面的步驟之後,可以開始依賴編譯,就是對library項目進行clean,但再此之前需要執行一下步驟,方便清除上一次的library
緩存,如下圖步驟操作,在對library進行clean:
這就是依賴編譯,這麼做的好處就是可以不用每次更新編譯生成新library的時候將jar copy到項目中,非常方便!
好了,關於library的jar SDK封裝就完成了,下面開始講library SDK的混淆與加密加固了!
②通過Proguard 混淆 library打包的jar SDK
Proguard 的使用,Proguard在你的android SDK 路徑下的 tools目錄下,比如筆者的如下圖:
雙擊打開,下面介紹 Proguard 使用
點擊next之後,可以新增自己需要被混淆的jar以及混淆後的jar輸出路徑,如下圖:
備註:其中的android.jar依賴需要根據自己的SDK版本對應,比如你選擇的是6.0,那對應選擇SDK目錄下的platforms的android-23下的android.jar
然後選擇next進行下一步
繼續 next 執行下一步
下面介紹怎麼樣配置混淆,以及混淆的具體操作:
1.關於類的混淆:
添加不想被混淆的類:
添加不想被混淆的方法:
添加不想被混淆的變量:
關於內部類和內部接口的混淆,其中內部enum也類似
關於函數和變量方面,筆者怕大家理解不清楚,就隨便演示一下,如下圖:
1.不混淆方法演示圖:
首先看實際代碼:
/**
* @author Engineer-Jsp
* @param android.content.Context context
* @param jsp.rtsp.server.ap.WiFiApManager.ResponseCallBack call
* @return jsp.rtsp.server.ap.WiFiApManager
*/
public static WiFiApManager getInstance(Context context, ResponseCallBack call) {
if (mWiFiApManager == null) {
mWiFiApManager = new WiFiApManager(context, call);
}
return mWiFiApManager;
}再看混淆的配置:
argument type 看不清嗎?沒關係,我把它貼出來:
android.content.Context,jsp.rtsp.server.ap.WiFiApManager$ResponseCallBack
你們肯定在想,爲什麼是WiFiApManager$ResponseCallBack而不是WiFiApManager.ResponseCallBack,這個等下會細說給大家,下面繼續演示變量的混淆配置
2. 不混淆變量演示:
首先看一個內部類代碼:
public class CameraManager {
private static CameraManager mCameraManager = null;
private MediaStream mMediaStream;
public static interface CameraCallBack {
void onSuccess(int code, String msg);
void onCameraStop();
void onError(int errcode, String errmsg);
}
/**
*
* @author Engineer-Jsp
* 內部類的演示
*
*/
public static class CameraParameters {
public int width;
public int height;
}
好了,到此關於混淆的具體配置都已經講得差不多了,下面還要給大家說說關於內部類、內部接口等的調用爲什麼有時候用"$"有時用".",其實這是跟具體配置和
代碼的寫法有關的,還記得在配置混淆的時候的那具體的提示框嗎?沒錯這就是引起調用的關鍵
假如上圖紅色框的2個複選框被勾選了,那麼混淆配置以及混淆之後的內部調用是不用帶"$"符號的,採用"."符號,比如:WiFiApManager.ResponseCallBack
假如上圖紅色框的2個複選框沒有被勾選,那麼混淆配置以及混淆之後的內部調用是帶"$"符號的,比如:WiFiApManager$ResponseCallBack,在import 導包的時候也是用"$"而不能用點符號,即使是 new 創建新實例對象的時候,如果他是內部類,就必須要帶$符號,如下導包和創建新的實例:
import jsp.rtsp.server.ap.WiFiApManager$ResponseCallBack;
CameraManager$CameraParameters cameraParameters = CameraManager.getSupportResolution(this);
所以在不勾選的情況下,建議大家刻意的去使用內部類和內部接口,除非它們不需要暴露給開發者調用,否則最好不要這樣寫!這樣不規範!
在配置完混淆的具體配置以後,繼續next,後面的大概都不用去修改了,一直到 process 選項,選擇 process 按鈕,就會開始混淆jar
在該 process 界面下,有以下按鈕需要注意,如下圖:
混淆後使用jd-gui看效果:
編譯通過後導入項目與依賴該SDK的項目一起編譯
安裝效果圖:
其中本項目又涉及了很多so庫,所以在jni方面最好是不要混淆native的方法,而且C/C++調用java層的方法最好也不要混淆!
關於本篇文章的介紹就這麼多,謝謝觀博!
附上pro文件:
-injars 'D:\Android\Android-6.0-23.06-Build\workspace\jsp.jar'
-outjars 'D:\Android\Android-6.0-23.06-Build\workspace\jsp-rtsp-server.jar'
-libraryjars 'D:\Java\jre7\lib\rt.jar'
-libraryjars 'D:\Android\Android-6.0-23.06-Build\workspace\jsp-rtsp-server\libs\zxing.jar'
-libraryjars 'D:\Android\Android-6.0-23.06-Build\android-6.0-sdk\platforms\android-23\android.jar'
-dontshrink
-keeppackagenames
-keep,allowshrinking class jsp.rtsp.server.ap.WiFiApManager {
*** closeWifiAp(...);
public static jsp.rtsp.server.ap.WiFiApManager getInstance(android.content.Context,jsp.rtsp.server.ap.WiFiApManager$ResponseCallBack);
*** getWiFiApAddress(...);
*** openWifiAp(...);
*** onDestroy(...);
}
-keep,allowshrinking interface jsp.rtsp.server.ap.WiFiApManager$ResponseCallBack {
void onWiFiApQrcodeBitmapCall(android.graphics.Bitmap);
}
-keep,allowshrinking class jsp.rtsp.server.camera.CameraManager {
public static jsp.rtsp.server.camera.CameraManager getInstance(android.content.Context,android.view.SurfaceView,jsp.rtsp.server.camera.CameraManager$CameraCallBack);
*** updateResolution(...);
*** setDgree(...);
*** startStream(...);
*** getRtspAddress(...);
*** stopStream(...);
android.hardware.Camera getCamera(...);
*** setRtspAddress(...);
*** createCamera(...);
*** startPreview(...);
*** stopPreview(...);
*** destroyCamera(...);
*** switchCamera(...);
*** reStartStream(...);
public static void setSupportResolution(android.content.Context);
public static jsp.rtsp.server.camera.CameraManager$CameraParameters getSupportResolution(android.content.Context);
}
-keep,allowshrinking interface jsp.rtsp.server.camera.CameraManager$CameraCallBack {
void onSuccess(int,java.lang.String);
void onCameraStop(...);
void onError(int,java.lang.String);
}
-keep,allowshrinking public class jsp.rtsp.server.camera.CameraManager$CameraParameters {
public int width;
public int height;
}
-keep,allowshrinking class org.easydarwin.easyipcamera.camera.EasyIPCamera {
public static void onIPCameraCallBack(int,int,byte[],int);
}
# Keep - Applications. Keep all application classes, along with their 'main'
# methods.
-keepclasseswithmembers public class * {
public static void main(java.lang.String[]);
}
# Also keep - Enumerations. Keep the special static methods that are required in
# enumeration classes.
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
# Also keep - Database drivers. Keep all implementations of java.sql.Driver.
-keep class * extends java.sql.Driver
# Also keep - Swing UI L&F. Keep all extensions of javax.swing.plaf.ComponentUI,
# along with the special 'createUI' method.
-keep class * extends javax.swing.plaf.ComponentUI {
public static javax.swing.plaf.ComponentUI createUI(javax.swing.JComponent);
}
# Keep names - Native method names. Keep all native class/method names.
-keepclasseswithmembers,allowshrinking class * {
native <methods>;
}
# Remove - System method calls. Remove all invocations of System
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.System {
public static long currentTimeMillis();
static java.lang.Class getCallerClass();
public static int identityHashCode(java.lang.Object);
public static java.lang.SecurityManager getSecurityManager();
public static java.util.Properties getProperties();
public static java.lang.String getProperty(java.lang.String);
public static java.lang.String getenv(java.lang.String);
public static java.lang.String mapLibraryName(java.lang.String);
public static java.lang.String getProperty(java.lang.String,java.lang.String);
}
# Remove - Math method calls. Remove all invocations of Math
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.Math {
public static double sin(double);
public static double cos(double);
public static double tan(double);
public static double asin(double);
public static double acos(double);
public static double atan(double);
public static double toRadians(double);
public static double toDegrees(double);
public static double exp(double);
public static double log(double);
public static double log10(double);
public static double sqrt(double);
public static double cbrt(double);
public static double IEEEremainder(double,double);
public static double ceil(double);
public static double floor(double);
public static double rint(double);
public static double atan2(double,double);
public static double pow(double,double);
public static int round(float);
public static long round(double);
public static double random();
public static int abs(int);
public static long abs(long);
public static float abs(float);
public static double abs(double);
public static int max(int,int);
public static long max(long,long);
public static float max(float,float);
public static double max(double,double);
public static int min(int,int);
public static long min(long,long);
public static float min(float,float);
public static double min(double,double);
public static double ulp(double);
public static float ulp(float);
public static double signum(double);
public static float signum(float);
public static double sinh(double);
public static double cosh(double);
public static double tanh(double);
public static double hypot(double,double);
public static double expm1(double);
public static double log1p(double);
}
# Remove - Number method calls. Remove all invocations of Number
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.* extends java.lang.Number {
public static java.lang.String toString(byte);
public static java.lang.Byte valueOf(byte);
public static byte parseByte(java.lang.String);
public static byte parseByte(java.lang.String,int);
public static java.lang.Byte valueOf(java.lang.String,int);
public static java.lang.Byte valueOf(java.lang.String);
public static java.lang.Byte decode(java.lang.String);
public int compareTo(java.lang.Byte);
public static java.lang.String toString(short);
public static short parseShort(java.lang.String);
public static short parseShort(java.lang.String,int);
public static java.lang.Short valueOf(java.lang.String,int);
public static java.lang.Short valueOf(java.lang.String);
public static java.lang.Short valueOf(short);
public static java.lang.Short decode(java.lang.String);
public static short reverseBytes(short);
public int compareTo(java.lang.Short);
public static java.lang.String toString(int,int);
public static java.lang.String toHexString(int);
public static java.lang.String toOctalString(int);
public static java.lang.String toBinaryString(int);
public static java.lang.String toString(int);
public static int parseInt(java.lang.String,int);
public static int parseInt(java.lang.String);
public static java.lang.Integer valueOf(java.lang.String,int);
public static java.lang.Integer valueOf(java.lang.String);
public static java.lang.Integer valueOf(int);
public static java.lang.Integer getInteger(java.lang.String);
public static java.lang.Integer getInteger(java.lang.String,int);
public static java.lang.Integer getInteger(java.lang.String,java.lang.Integer);
public static java.lang.Integer decode(java.lang.String);
public static int highestOneBit(int);
public static int lowestOneBit(int);
public static int numberOfLeadingZeros(int);
public static int numberOfTrailingZeros(int);
public static int bitCount(int);
public static int rotateLeft(int,int);
public static int rotateRight(int,int);
public static int reverse(int);
public static int signum(int);
public static int reverseBytes(int);
public int compareTo(java.lang.Integer);
public static java.lang.String toString(long,int);
public static java.lang.String toHexString(long);
public static java.lang.String toOctalString(long);
public static java.lang.String toBinaryString(long);
public static java.lang.String toString(long);
public static long parseLong(java.lang.String,int);
public static long parseLong(java.lang.String);
public static java.lang.Long valueOf(java.lang.String,int);
public static java.lang.Long valueOf(java.lang.String);
public static java.lang.Long valueOf(long);
public static java.lang.Long decode(java.lang.String);
public static java.lang.Long getLong(java.lang.String);
public static java.lang.Long getLong(java.lang.String,long);
public static java.lang.Long getLong(java.lang.String,java.lang.Long);
public static long highestOneBit(long);
public static long lowestOneBit(long);
public static int numberOfLeadingZeros(long);
public static int numberOfTrailingZeros(long);
public static int bitCount(long);
public static long rotateLeft(long,int);
public static long rotateRight(long,int);
public static long reverse(long);
public static int signum(long);
public static long reverseBytes(long);
public int compareTo(java.lang.Long);
public static java.lang.String toString(float);
public static java.lang.String toHexString(float);
public static java.lang.Float valueOf(java.lang.String);
public static java.lang.Float valueOf(float);
public static float parseFloat(java.lang.String);
public static boolean isNaN(float);
public static boolean isInfinite(float);
public static int floatToIntBits(float);
public static int floatToRawIntBits(float);
public static float intBitsToFloat(int);
public static int compare(float,float);
public boolean isNaN();
public boolean isInfinite();
public int compareTo(java.lang.Float);
public static java.lang.String toString(double);
public static java.lang.String toHexString(double);
public static java.lang.Double valueOf(java.lang.String);
public static java.lang.Double valueOf(double);
public static double parseDouble(java.lang.String);
public static boolean isNaN(double);
public static boolean isInfinite(double);
public static long doubleToLongBits(double);
public static long doubleToRawLongBits(double);
public static double longBitsToDouble(long);
public static int compare(double,double);
public boolean isNaN();
public boolean isInfinite();
public int compareTo(java.lang.Double);
public <init>(byte);
public <init>(short);
public <init>(int);
public <init>(long);
public <init>(float);
public <init>(double);
public <init>(java.lang.String);
public byte byteValue();
public short shortValue();
public int intValue();
public long longValue();
public float floatValue();
public double doubleValue();
public int compareTo(java.lang.Object);
public boolean equals(java.lang.Object);
public int hashCode();
public java.lang.String toString();
}
# Remove - String method calls. Remove all invocations of String
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.String {
public <init>();
public <init>(byte[]);
public <init>(byte[],int);
public <init>(byte[],int,int);
public <init>(byte[],int,int,int);
public <init>(byte[],int,int,java.lang.String);
public <init>(byte[],java.lang.String);
public <init>(char[]);
public <init>(char[],int,int);
public <init>(java.lang.String);
public <init>(java.lang.StringBuffer);
public static java.lang.String copyValueOf(char[]);
public static java.lang.String copyValueOf(char[],int,int);
public static java.lang.String valueOf(boolean);
public static java.lang.String valueOf(char);
public static java.lang.String valueOf(char[]);
public static java.lang.String valueOf(char[],int,int);
public static java.lang.String valueOf(double);
public static java.lang.String valueOf(float);
public static java.lang.String valueOf(int);
public static java.lang.String valueOf(java.lang.Object);
public static java.lang.String valueOf(long);
public boolean contentEquals(java.lang.StringBuffer);
public boolean endsWith(java.lang.String);
public boolean equalsIgnoreCase(java.lang.String);
public boolean equals(java.lang.Object);
public boolean matches(java.lang.String);
public boolean regionMatches(boolean,int,java.lang.String,int,int);
public boolean regionMatches(int,java.lang.String,int,int);
public boolean startsWith(java.lang.String);
public boolean startsWith(java.lang.String,int);
public byte[] getBytes();
public byte[] getBytes(java.lang.String);
public char charAt(int);
public char[] toCharArray();
public int compareToIgnoreCase(java.lang.String);
public int compareTo(java.lang.Object);
public int compareTo(java.lang.String);
public int hashCode();
public int indexOf(int);
public int indexOf(int,int);
public int indexOf(java.lang.String);
public int indexOf(java.lang.String,int);
public int lastIndexOf(int);
public int lastIndexOf(int,int);
public int lastIndexOf(java.lang.String);
public int lastIndexOf(java.lang.String,int);
public int length();
public java.lang.CharSequence subSequence(int,int);
public java.lang.String concat(java.lang.String);
public java.lang.String replaceAll(java.lang.String,java.lang.String);
public java.lang.String replace(char,char);
public java.lang.String replaceFirst(java.lang.String,java.lang.String);
public java.lang.String[] split(java.lang.String);
public java.lang.String[] split(java.lang.String,int);
public java.lang.String substring(int);
public java.lang.String substring(int,int);
public java.lang.String toLowerCase();
public java.lang.String toLowerCase(java.util.Locale);
public java.lang.String toString();
public java.lang.String toUpperCase();
public java.lang.String toUpperCase(java.util.Locale);
public java.lang.String trim();
}
# Remove - StringBuffer method calls. Remove all invocations of StringBuffer
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.StringBuffer {
public <init>();
public <init>(int);
public <init>(java.lang.String);
public <init>(java.lang.CharSequence);
public java.lang.String toString();
public char charAt(int);
public int capacity();
public int codePointAt(int);
public int codePointBefore(int);
public int indexOf(java.lang.String,int);
public int lastIndexOf(java.lang.String);
public int lastIndexOf(java.lang.String,int);
public int length();
public java.lang.String substring(int);
public java.lang.String substring(int,int);
}
# Remove - StringBuilder method calls. Remove all invocations of StringBuilder
# methods without side effects whose return values are not used.
-assumenosideeffects public class java.lang.StringBuilder {
public <init>();
public <init>(int);
public <init>(java.lang.String);
public <init>(java.lang.CharSequence);
public java.lang.String toString();
public char charAt(int);
public int capacity();
public int codePointAt(int);
public int codePointBefore(int);
public int indexOf(java.lang.String,int);
public int lastIndexOf(java.lang.String);
public int lastIndexOf(java.lang.String,int);
public int length();
public java.lang.String substring(int);
public java.lang.String substring(int,int);
}