【发布时间】:2013-05-14 07:01:34
【问题描述】:
我想使用 java 混淆器来混淆我的源代码。我使用了 proguard,因为它是最推荐的一个。我将 build.xml 配置如下
<target name="-post-jar">
<property name="proguard.jar.path" value="D:/pro/proguard.jar" />
<taskdef resource="proguard/ant/task.properties"
classpath="${proguard.jar.path}" />
<echo message="Obfuscating ${dist.jar}..."/>
<mkdir dir="${build.dir}/obfuscated"/>
<proguard printmapping="${build.dir}/obfuscated/${application.title}.map"
renamesourcefileattribute="SourceFile" ignorewarnings="true">
<injar file="${dist.jar}" />
<outjar file="${build.dir}/obfuscated/${application.title}.jar" />
<libraryjar path="${javac.classpath}" />
<libraryjar file="${java.home}/lib/rt.jar" />
<libraryjar file="${java.home}/lib/jce.jar" />
<keepattribute name="InnerClasses" />
<keepattribute name="SourceFile" />
<keepattribute name="LineNumberTable" />
<keepattribute name="Deprecated" />
<keepattribute name="*Annotation*" />
<keepattribute name="Signature" />
<keepattribute name="Exceptions" />
<keep access="public">
<field access="public protected" />
<method access="public protected" />
</keep>
<keepclassmembernames access="public">
<method type ="java.lang.Class"
name ="class$"
parameters="java.lang.String" />
<method type ="java.lang.Class"
name ="class$"
parameters="java.lang.String,boolean" />
</keepclassmembernames>
<keepclasseswithmembernames>
<method access="native" />
</keepclasseswithmembernames>
<keepclassmembers extends="java.lang.Enum">
<method access="public static"
type="**[]"
name="values"
parameters="" />
<method access="public static"
type="**"
name="valueOf"
parameters="java.lang.String" />
</keepclassmembers>
<keepnames implements="java.io.Serializable"/>
<keepclassmembers implements="java.io.Serializable">
<field access ="final"
type ="long"
name ="serialVersionUID" />
<field access ="!static !transient"
name ="**"/>
<field access ="!private"
name ="**"/>
<method access ="!private"
name ="**"/>
<method access ="private"
type ="void"
name ="writeObject"
parameters="java.io.ObjectOutputStream" />
<method access ="private"
type ="void"
name ="readObject"
parameters="java.io.ObjectOutputStream" />
<method type ="java.lang.Object"
name ="writeReplace"
parameters="" />
<method type ="java.lang.Object"
name ="readResolve"
parameters="" />
</keepclassmembers>
</proguard>
<copy file="${build.dir}/obfuscated/${application.title}.jar" tofile="${dist.jar}" overwrite="true"/>
<delete dir="${build.dir}/obfuscated"/>
</target>
但它会导致以下错误:
java.lang.UnsupportedOperationException: Method must be overridden in [proguard.optimize.peephole.ClassMerger] if ever called
at proguard.classfile.util.SimplifiedVisitor.visitAnyClass(SimplifiedVisitor.java:47)
at proguard.classfile.util.SimplifiedVisitor.visitLibraryClass(SimplifiedVisitor.java:59)
at proguard.classfile.LibraryClass.accept(LibraryClass.java:301)
at proguard.classfile.ProgramClass.subclassesAccept(ProgramClass.java:433)
at proguard.optimize.peephole.VerticalClassMerger.visitProgramClass(VerticalClassMerger.java:83)
at proguard.classfile.ProgramClass.accept(ProgramClass.java:346)
at proguard.classfile.ClassPool.classesAccept(ClassPool.java:125)
at proguard.optimize.Optimizer.execute(Optimizer.java:565)
at proguard.ProGuard.optimize(ProGuard.java:307)
at proguard.ProGuard.execute(ProGuard.java:116)
at proguard.ant.ProGuardTask.execute(ProGuardTask.java:316)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:291)
at sun.reflect.GeneratedMethodAccessor137.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:392)
at org.apache.tools.ant.Target.performTasks(Target.java:413)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1399)
at org.apache.tools.ant.Project.executeTarget(Project.java:1368)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
at org.apache.tools.ant.Project.executeTargets(Project.java:1251)
at org.apache.tools.ant.module.bridge.impl.BridgeImpl.run(BridgeImpl.java:285)
at org.apache.tools.ant.module.run.TargetExecutor.run(TargetExecutor.java:539)
at org.netbeans.core.execution.RunClassThread.run(RunClassThread.java:153)
【问题讨论】:
-
@AndrewThompson 这是一个选择,为什么不呢?
-
看看这个链接能不能帮到你:sourceforge.net/p/proguard/bugs/384
-
@Andrew Thompson:在我的情况下,至少必须保护它不被反编译。
-
1) 混淆不能保护代码免受坚定的黑客攻击。 2) 无法使用 ProGuard 软件的人有大约百万分之一的机会制造出值得窃取的任何东西。我的建议 a) 在应用程序更新上付出额外的努力。这样,黑客就试图“击中一个移动的目标”。 b) 销售支持,而不是软件。
-
@AndrewThompson:是的,改变性别是一种选择,所以有些人会这样做,我不会责怪他们,因为这是他们的选择。此外,您不知道该程序是否值得。同样,销售支持并不是所有公司获取利润的最佳方式,也是他们的选择。我认为当人们在这里提出问题时,他们不是在寻求业务管理方面的帮助,而是寻求技术问题。
标签: java obfuscation proguard