Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ProGuard
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Edward Dale
August 31, 2017
Technology
1
520
ProGuard
An introduction to how ProGuard works.
Edward Dale
August 31, 2017
Tweet
Share
More Decks by Edward Dale
See All by Edward Dale
Write your own ProGuard
scompt
1
220
Screenshot your Entire App with Screengrab and Firebase
scompt
0
490
Screenshot your Entire App
scompt
1
2k
Reactive In-App Billing on Android
scompt
2
320
Fitness Motion Recognition with Android Wear
scompt
1
470
Android Apps with Mortar and Flow
scompt
7
1.7k
Functional Reactive Programming in the Mobile World
scompt
2
360
Other Decks in Technology
See All in Technology
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.3k
ブロックテーマ、WordPress でウェブサイトをつくるということ / 2026.02.07 Gifu WordPress Meetup
torounit
0
170
CDK対応したAWS DevOps Agentを試そう_20260201
masakiokuda
1
230
ブロックテーマでサイトをリニューアルした話 / 2026-01-31 Kansai WordPress Meetup
torounit
0
460
AWS Network Firewall Proxyを触ってみた
nagisa53
0
200
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.3k
AI駆動PjMの理想像 と現在地 -実践例を添えて-
masahiro_okamura
1
110
予期せぬコストの急増を障害のように扱う――「コスト版ポストモーテム」の導入とその後の改善
muziyoshiz
1
1.7k
~Everything as Codeを諦めない~ 後からCDK
mu7889yoon
3
300
顧客の言葉を、そのまま信じない勇気
yamatai1212
1
350
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
220
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
bwkw
3
910
Featured
See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
34
9.1k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.6k
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
250
Believing is Seeing
oripsolob
1
53
Discover your Explorer Soul
emna__ayadi
2
1.1k
Making Projects Easy
brettharned
120
6.6k
The SEO Collaboration Effect
kristinabergwall1
0
350
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
Marketing Yourself as an Engineer | Alaka | Gurzu
gurzu
0
130
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
320
Transcript
ProGuard Edward Dale @scompt Freeletics https://www.freeletics.com August 31, 2017 ©
Edward Dale, 2017 1
Agenda • Overview • Steps • Problems • Future ©
Edward Dale, 2017 2
Purpose ProGuard is the most popular optimizer for Java bytecode.
It makes your Java and Android applications up to 90% smaller and up to 20% faster. ProGuard also provides minimal protection against reverse engineering by obfuscating the names of classes, fields and methods. — https://www.guardsquare.com/en/proguard © Edward Dale, 2017 3
Purpose ProGuard is the most popular optimizer for Java bytecode.
It makes your Java and Android applications up to 90% smaller and up to 20% faster. ProGuard also provides minimal protection against reverse engineering by obfuscating the names of classes, fields and methods. — https://www.guardsquare.com/en/proguard © Edward Dale, 2017 4
Highlights 1 • ProGuard is a command-line tool with an
optional graphical user interface. • ProGuard is easy to configure. A few intuitive command line options or a simple configuration file is all it takes. All available options are detailed in the user manual. 1 https://www.guardsquare.com/en/proguard © Edward Dale, 2017 5
Highlights 1 (continued) • ProGuard is fast. It processes small
Android applications and entire run-time libraries in seconds. • ProGuard is the default tool in development environments like Oracle’s Wireless Toolkit, NetBeans, EclipseME, Intel’s TXE SDK and Google’s Android SDK. 1 https://www.guardsquare.com/en/proguard © Edward Dale, 2017 6
Highlights (annotated) • ProGuard is easy to configure. A few
intuitive command line options or a simple configuration file is all it takes. All available options are detailed in the user manual. • ProGuard is fast. It processes small Android applications and entire run- time libraries in seconds. © Edward Dale, 2017 7
Steps start shrink end optimize obfuscate preverify © Edward Dale,
2017 8
Shrink Step • Enabled by default • Disabled with -dontshrink
• Removes all classes, methods, resources not reachable from from an entry point (seeds) • Dynamically referenced classes/methods need to be "kept" using -keep or -keepclasseswithmembers © Edward Dale, 2017 9
Example Class Diagram LoginActivity UserManager UserApi FeedActivity FeedApi OldUserManager OldUserApi
© Edward Dale, 2017 10
After Shrinking • No seeds LoginActivity UserManager UserApi FeedActivity FeedApi
OldUserManager OldUserApi © Edward Dale, 2017 11
After Shrinking • -keep MainActivity • -keep SecondActivity LoginActivity UserManager
UserApi FeedActivity FeedApi OldUserManager OldUserApi © Edward Dale, 2017 12
After Shrinking • -keep public class * extends android.app.Activity LoginActivity
UserManager UserApi FeedActivity FeedApi OldUserManager OldUserApi © Edward Dale, 2017 13
Keep Options -keep Specifies classes and class members (fields and
methods) to be preserved as entry points to your code. -keepclassmembers Specifies class members to be preserved, if their classes are preserved as well. -keepclasseswithmembers Specifies classes and class members to be preserved, on the condition that all of the specified class members are present. © Edward Dale, 2017 14
Optimize Step • Enabled by default • Disabled with -dontoptimize
• Performs lots of different bytecode-level optimizations to the code © Edward Dale, 2017 15
Optimize Step • -optimizationpasses declares how many times to optimize/shrink
• Freeletics does 5 passes © Edward Dale, 2017 16
Optimize Step • -optimizations can be used to disable specific
optimizations • Freeletics disables optimizations that cause problems on Android • More information in $ANDROID_HOME/tools/proguard/ proguard-android-optimize.txt © Edward Dale, 2017 17
Example Optimizations 2 • Marks methods as final, whenever possible.
• Removes unused method parameters. • Propagates the values of method parameters from method invocations to the invoked methods. • Propagates the values of method return values from methods to their invocations. • Inlines short methods. • Inlines methods that are only called once. 2 https://www.guardsquare.com/en/proguard/manual/optimizations © Edward Dale, 2017 18
Obfuscate Step • Enabled by default • Disabled with -dontobfuscate
• Classes and class members receive new short random names, except for the ones listed by the various -keep options • Internal attributes that are useful for debugging are removed © Edward Dale, 2017 19
After Obfuscation LoginActivity A B FeedActivity C OldUserManager OldUserApi ©
Edward Dale, 2017 20
Preverification Step • Enabled by default • Disabled with -dontpreverify
• When loading class files, the class loader performs some sophisticated verification of the byte code. • Unnecessary on Android © Edward Dale, 2017 21
Problems © Edward Dale, 2017 22
Problem 1 Class is unintentionally removed/obfuscated Symptom: Runtime crash java.lang.NoClassDefFoundError:
Failed resolution of: Lcom/freeletics/LoginActivity; © Edward Dale, 2017 23
Problem 1 Class is unintentionally removed/obfuscated Symptom: Runtime crash java.lang.NoClassDefFoundError:
Failed resolution of: Lcom/freeletics/LoginActivity; Solution: Ensure class is kept -keep com.freeletics.LoginActivity © Edward Dale, 2017 24
Problem 2 Code references a class not available Symptom:: Build
failure Warning: rx.internal.util.unsafe.ConcurrentCircularArrayQueue: can't find referenced class sun.misc.Unsafe ... Warning: there were 47 unresolved references to classes or interfaces. © Edward Dale, 2017 25
Problem 2 Code references a class not available Symptom:: Build
failure Warning: rx.internal.util.unsafe.ConcurrentCircularArrayQueue: can't find referenced class sun.misc.Unsafe ... Warning: there were 47 unresolved references to classes or interfaces. Solution: Don't warn about classes unavailable on Android -dontwarn sun.misc.Unsafe © Edward Dale, 2017 26
Problem 3 Adding a new library breaks build Symptom: Build
failure © Edward Dale, 2017 27
Problem 3 Adding a new library breaks build Symptom: Build
failure Solution: Google Should only happen with non-Android-specific libraries. Android-specific Libraries can add a ProGuard configuration that should be used. © Edward Dale, 2017 28
The Future we are also working on R8, which is
a Proguard replacement for whole program minification and optimization3 — James Lau, Product Manager 3 https://android-developers.googleblog.com/2017/08/next-generation-dex-compiler-now-in.html © Edward Dale, 2017 29
The Future • D8 is a dexer that converts java
byte code to dex code. • R8 is a java program shrinking and minification tool that converts java byte code to optimized dex code. • R8 is a Proguard replacement for whole-program optimization, shrinking and minification. R8 uses the Proguard keep rule format for specifying the entry points for an application. © Edward Dale, 2017 30
Questions? Edward Dale @scompt Freeletics https://www.freeletics.com © Edward Dale, 2017
31
Citations • http://knowyourmeme.com/memes/yao-ming-face-bitch- please © Edward Dale, 2017 32
scompt
sansan33
torounit
masakiokuda
nagisa53
sansantech
masahiro_okamura
muziyoshiz
mu7889yoon
yamatai1212
slsops
bwkw
mraible
zakiyama
garrettdimon
tmiket
oripsolob
emna__ayadi
brettharned
kristinabergwall1
chriscoyier
gurzu
chrisshort
chikuwait
