Android Tutorial Code Obfuscation

Discussion in 'Tutorials & Examples' started by Erel, Jan 6, 2012.

  1. Erel

    Erel Administrator Staff Member Licensed User

    This tutorial is relevant for B4A and B4J.
    During compilation B4A generates Java code which is then compiled with the Java compiler and converted to Dalvik (Android byte code format).
    There are tools that allow decompilation of Dalvik byte code into Java code.

    The purpose of obfuscation is to make the decompiled code less readable, harder to understand and make it more difficult to extract strings like developer account keys.

    It is important to understand how the obfuscator works.
    The obfuscator does two things:

    Strings obfuscation
    Any string written in Process_Globals sub (and only in this sub) will be obfuscated, making it much harder to extract important keys. The strings are defuscated at runtime.
    Note that several keys are used during obfuscation including the package name, version name and version code. Modifying these values with the manifest editor will break the defuscation process.

    Variables renaming
    The names of global variables and subs are converted to meaningless strings. Local variables are not affected as their names are lost anyway during the compilation.
    The following identifiers are not renamed:
    - Identifiers that contain an underscore (requires for the events handlers).
    - Subs that appear in CallSub statements. Only if the sub name appears as a static string then the identifier will be kept as is.
    - Designer views names.

    Tip: If, for some reason, you need to prevent the obfuscator to rename an identifier you should add an underscore in the identifier name.

    A file named ObfuscatorMap.txt will be created under the Objects folder. This file maps the original identifiers names to the obfuscated names. This mapping can be helpful to analyze crash reports.

    Activating the obfuscator


    There are three modes:
    - Debug - in this mode the IDE debugger will connect to the running application (same as the previous Attach debugger option).
    - Release - compiles the application without any debugging information.
    - Release (obfuscation) - compiles the application and activates the obfuscator.

    [​IMG]

    Pitfalls
    Using CallSub with a non-static string.
    The following code demonstrates this issue:
    Code:
    Sub Activity_Resume
       
    CallSub("Main""Test1"'Works because it is a static string (Test sub will not be renamed)
       Dim subName As String
       subName = 
    "Test2"
       
    CallSub("Main", subName) 'Skipped at runtime because Test2 sub is renamed
       subName = "Test_3"
       
    CallSub("Main", subName) 'Works because Test_3 includes an underscore and it will not be renamed.
    End Sub
    Sub Test1
       
    Log("a")
    End Sub
    Sub Test2
       
    Log("b")
    End Sub
    Sub Test_3
       
    Log("c")
    End Sub
    - LicenseChecker.SetVariableAndValue
    This method references a variable using a string. This method will fail if the variable name doesn't include an underscore.
     
    Last edited: Oct 24, 2016
  2. moster67

    moster67 Well-Known Member Licensed User

    wow !! :sign0188:

    you're a genius!
     
  3. KashMalaga

    KashMalaga Member Licensed User

    We cant wait more until release!! :sign0188:

    :sign0098:
     
  4. nad

    nad Active Member Licensed User

    Awesome Erel, really useful.
    Bless the day i got B4A
    :sign0098:
     
  5. worm

    worm Member Licensed User

    Thank you for your hard work!
     
  6. clx

    clx Member Licensed User

    Amazing!!
    :D:D
    Thanks!
     
  7. Fox

    Fox Active Member Licensed User

    Amazing

    looking forward to this version :sign0188:

    Thanks erel for this nice feature :sign0098:
     
  8. JonPM

    JonPM Well-Known Member Licensed User

    Would using this have any impact on app performance?

    Sent from my DROIDX
     
  9. Smee

    Smee Well-Known Member Licensed User

    Simply Marvellous
    :sign0188:
     
  10. stefanoa

    stefanoa Active Member Licensed User

    Great!!!!
    :sign0098:
     
  11. pluton

    pluton Active Member Licensed User

    Fantastic

    Can't wait :D
     
  12. Erel

    Erel Administrator Staff Member Licensed User

    No. The string defuscation does happen at runtime. However it only affects strings in Process_Globals sub and the defuscation function is very fast.
     
  13. COBRASoft

    COBRASoft Active Member Licensed User

  14. Inman

    Inman Well-Known Member Licensed User

    Great going. Another excellent feature for B4A.
     
  15. palmzac

    palmzac Active Member Licensed User

    Great !!!! :sign0098:
     
  16. pluton

    pluton Active Member Licensed User

    Interesting thing. It is great.
    I notice when I press Relase (obfuscated) it creates also in folder Objects little txt file ObfuscatorMap.txt and there write what has renamed :D

    I love B4A :D

     
  17. AscySoft

    AscySoft Active Member Licensed User

    Super! Can't wait. Keep up the good job
     
  18. ondesic

    ondesic Active Member Licensed User

    Are any of the sub names changed?

    For instance, if I have a sub called Sub LisenceCheck, I would like it to not be visible. Do I have to manually change these names?
     
  19. Erel

    Erel Administrator Staff Member Licensed User

    All subs without an underscore are renamed.
     
  20. ondesic

    ondesic Active Member Licensed User

    Erel,

    But isn't it true that the in the main.java file, all subs are renamed to have an underscore in them? For instance, in a sub called CheckLicense, it looks like b4a automatically changes the name to _CheckLicense. Thus, even though my sub didn't have an underscore originally, it sill is filtered out. Is that correct, or have things changed in this regard?
     
Loading...