Android Tutorial Code Obfuscation

Erel

Administrator
Staff member
Licensed User
This tutorial is relevant for B4A and B4J.
During compilation B4A generates Java code which is then compiled with the Java compiler and converted to Dalvik (Android byte code format).
There are tools that allow decompilation of Dalvik byte code into Java code.

The purpose of obfuscation is to make the decompiled code less readable, harder to understand and make it more difficult to extract strings like developer account keys.

It is important to understand how the obfuscator works.
The obfuscator does two things:

Strings obfuscation
Any string written in Process_Globals sub (and only in this sub) will be obfuscated, making it much harder to extract important keys. The strings are defuscated at runtime.
Note that several keys are used during obfuscation including the package name, version name and version code. Modifying these values with the manifest editor will break the defuscation process.

Variables renaming
The names of global variables and subs are converted to meaningless strings. Local variables are not affected as their names are lost anyway during the compilation.
The following identifiers are not renamed:
- Identifiers that contain an underscore (requires for the events handlers).
- Subs that appear in CallSub statements. Only if the sub name appears as a static string then the identifier will be kept as is.
- Designer views names.

Tip: If, for some reason, you need to prevent the obfuscator to rename an identifier you should add an underscore in the identifier name.

A file named ObfuscatorMap.txt will be created under the Objects folder. This file maps the original identifiers names to the obfuscated names. This mapping can be helpful to analyze crash reports.

Activating the obfuscator


There are three modes:
- Debug - in this mode the IDE debugger will connect to the running application (same as the previous Attach debugger option).
- Release - compiles the application without any debugging information.
- Release (obfuscation) - compiles the application and activates the obfuscator.



Pitfalls
Using CallSub with a non-static string.
The following code demonstrates this issue:
B4X:
Sub Activity_Resume
   CallSub("Main", "Test1") 'Works because it is a static string (Test sub will not be renamed)
   Dim subName As String
   subName = "Test2"
   CallSub("Main", subName) 'Skipped at runtime because Test2 sub is renamed
   subName = "Test_3"
   CallSub("Main", subName) 'Works because Test_3 includes an underscore and it will not be renamed.
End Sub
Sub Test1
   Log("a")
End Sub
Sub Test2
   Log("b")
End Sub
Sub Test_3
   Log("c")
End Sub
- LicenseChecker.SetVariableAndValue
This method references a variable using a string. This method will fail if the variable name doesn't include an underscore.
 
Last edited:

Fox

Active Member
Licensed User
Amazing

looking forward to this version :sign0188:

Thanks erel for this nice feature :sign0098:
 

JonPM

Well-Known Member
Licensed User
Would using this have any impact on app performance?

Sent from my DROIDX
 

Erel

Administrator
Staff member
Licensed User
Would using this have any impact on app performance?
No. The string defuscation does happen at runtime. However it only affects strings in Process_Globals sub and the defuscation function is very fast.
 

pluton

Active Member
Licensed User
Interesting thing. It is great.
I notice when I press Relase (obfuscated) it creates also in folder Objects little txt file ObfuscatorMap.txt and there write what has renamed :D

I love B4A :D

This file maps the renamed variables to the original ones.
v5=adview1
v6=i
v7=provjera
v0=fotka
vv1=share
vv2=setwallpaper
 

ondesic

Active Member
Licensed User
Are any of the sub names changed?

For instance, if I have a sub called Sub LisenceCheck, I would like it to not be visible. Do I have to manually change these names?
 

ondesic

Active Member
Licensed User
Erel,

But isn't it true that the in the main.java file, all subs are renamed to have an underscore in them? For instance, in a sub called CheckLicense, it looks like b4a automatically changes the name to _CheckLicense. Thus, even though my sub didn't have an underscore originally, it sill is filtered out. Is that correct, or have things changed in this regard?
 
Top