Amazon Developer Blogs
Showing posts tagged with obfuscation
What is code obfuscation?
If you are ready to submit your app to the Amazon Appstore for Android, you might consider obfuscating your code. Obfuscating your code modifies your source and machine code to be difficult for a human to understand if your app gets decompiled. If you are concerned about your app being reverse engineered, using a tool to obfuscate your code can help a great deal.
Caveat
Not all of your source can be obfuscated, however. If you are implementing In-App Purchasing for your app, the Amazon Appstore relies on certain methods being available to call and provide you with information about a purchase request. If these methods get obfuscated and renamed, the Appstore will not be able to send information to your app. This post is a brief walkthrough on adding code obfuscation to your project.
Proguard
For android apps, Proguard is a code obfuscation tool that is provided to you once you download the Android SDK. The program shrinks and obfuscates your source code.
Setting Up Code Obfuscation for your Project
Prerequisites
This walkthrough assumes you have the Android SDK and Amazon In-App Purchasing API installed and your project already completed.
For help on installing the Android SDK, please refer to their website at http://www.developer.android.com/sdk/installing.html. Download the Amazon In-App Purchasing API by going to http://developer.amazon.com/
Enabling Proguard for your App
To enable Proguard for your Android app, refer to the following documentation from the Android SDK: http://developer.android.com/guide/developing/tools/proguard.html
Edit the build.properties file inside of your project, and add the following line (if you don’t have this file in your project directory, make one):
| proguard.config = <relative or absolute path to proguard.cfg file> |
‘Keeping’ the In-App Framework Intact
When incorporating the in-app framework into your library, you will need to specify classes to ‘keep’ and not obfuscate. Add the following lines anywhere in your proguard.cfg file.
| -dontwarn com.amazon.** -keep class com.amazon.** {*;} -keepattributes *Annotation* -dontoptimize |
Finalizing and Releasing Your App
Now that you’ve fully set up your proguard.cfg and build.properties file, you can run Proguard through the ant build script for your project.
Obfuscation with another Program
If you are using another program for code obfuscation, to ensure that in-app functionality is preserved, make sure your program does not obfuscate any class under the com.amazon.* namespace, including method names and identifiers. Your obfuscation program must also preserve annotations.
Conclusion and Additional Resources
The code in this article serves as a walkthrough for enabling and using Proguard for release candidates of your app. Sample apps that include the code from this article are provided in the In-App Purchasing API. Again, you can download the SDK by logging into http://developer.amazon.com/
