Android Proguard a General Idea

What is Proguard on android and what does it do?

ProGuard is a tool that comes with the Android SDK. It  shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer. Because ProGuard makes your application harder to reverse engineer, it is important that you use it when your application utilizes features that are sensitive to security.

How to enable it? And is it recommended?

ProGuard is integrated into the Android build system. And to enable it you just have to find the “project.properties” file in your android project and have to uncomment the line which sets the path for the ProGuard. Also Proguard slows the app building sequence.
So you do not have to invoke it manually. ProGuard runs only when you build your application in release mode, so you do not have to wait longer time when debugging the app. Having ProGuard run is completely optional, but highly recommended.

So is that all that we have to do to enable and use ProGuard?

Yes that’s the basic, and it only does the Shrinking, but there are 2 more functions that give more advantages in increasing the security and management of the build.
They are Obfuscation and Repackaging.

So what is Obfuscation and how does it Work

With tools available to extract the contents of APK’s, deodex, and read the class files, it’s important to obfuscate to protect the proprietary aspects of your codebase.

ProGuard generates a mapping file that allows you to map the stack traces of obfuscated code to actual methods. Basically it replaces the methods in meaning full name to something unguessable like a work or letter.

Original Code

public Data(int id, int result, String message) {
       mId = id;
       mResult = result;
       mMessage = message;
    }

Obfuscated Code

public a(int paramInt1, int paramInt2, String paramString)
    {
       this.a = paramInt1;
       this.b = paramInt2;
       this.c = paramString;
   }

 Hope you got an idea on how it works

So what is Repackaging?

Repackaging allows ProGuard to take externals jars and class files and move them to a single container with a common java package location.

For those of you building libraries, repackaging is extremely helpful if you choose to show a simple interface to third party developers while keeping a maintainable and well structured project hierarchy in the source repository. This can also be useful in organizing lower level packages while exposing well defined interfaces!

 Optimizing

There is another function of Proguard which Optimizes the code, where you can specify which part of the code, which type of code needs to be Optimized.  However, there are known incompatibility issues with various Dalvik versions.
But It is good to know this feature, which can be used without issues using some other tools.

Reference : http://www.crashlytics.com/blog/mastering-proguard-for-building-lightweight-android-code/, http://developer.android.com/tools/help/proguard.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s