參考資料：
https://mp.weixin.qq.com/s?src=11&timestamp=1559011203&ver=1633&signature=cJ77-Tq4Ff7D8XgEXRUv3VE8L4t-LKfYRenM69nV72taW15NmYFeP7U8aKmRgJqQ7ZvOFrMBk4lpLfGexuEOjThCHZ62IZU91aEVU5ZFCVUp6gj01xmp-I0ybOfRffD9&new=1
https://www.zhihu.com/question/24027474/answer/370741770
https://www.zhihu.com/question/33184477#answer-17942697

• Android官網(wǎng)
  The ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer.
  Proguard通過移除無用的代碼、使用語義學(xué)上晦澀的名字去重命名類、方法、變量來壓縮、優(yōu)化以及混淆代碼。然后就可以得到一個更小的apk文件同時它更難被逆向（破解）。

• Proguard官網(wǎng)
  ProGuard is a Java class file shrinker, optimizer, obfuscator, and preverifier. The shrinking step detects and removes unused classes, fields, methods, and attributes. The optimization step analyzes and optimizes the bytecode of the methods. The obfuscation step renames the remaining classes, fields, and methods using short meaningless names. These first steps make the code base smaller, more efficient, and harder to reverse-engineer.
  Proguard是一個Java類文件壓縮器、優(yōu)化器、混淆器、預(yù)校驗器。壓縮環(huán)節(jié)會檢測以及移除沒有用到的類、字段、方法以及屬性。優(yōu)化環(huán)節(jié)會分析以及優(yōu)化方法的字節(jié)碼?；煜h(huán)節(jié)會用無意義的短變量去重命名類、變量、方法。這些步驟讓代碼更精簡，更高效，也更難被逆向（破解）。

• 四個步驟（預(yù)檢驗是針對J2ME以及Java 6的，對Android無用）

image.png

• android混淆文件放置
  編輯項目下的build.gradle文件

    buildTypes {
        release {
            minifyEnabled true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
            signingConfig signingConfigs.eros
            manifestPlaceholders = [
                    GETUI_APP_ID    : GETUI_APPID,
                    GETUI_APP_KEY   : GETUI_APPKEY,
                    GETUI_APP_SECRET: GETTUI_APPSECRET,
                    APP_ID          : APPLICATION_ID
            ]
        }

        debug {
            minifyEnabled true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
            signingConfig signingConfigs.eros
            manifestPlaceholders = [
                    GETUI_APP_ID    : GETUI_APPID,
                    GETUI_APP_KEY   : GETUI_APPKEY,
                    GETUI_APP_SECRET: GETTUI_APPSECRET,
                    APP_ID          : APPLICATION_ID
            ]
        }

    }

混淆內(nèi)容

• 避免混淆泛型 –keepattributes Signature
• 排除反射、序列化（Parcelable，Serializable）相關(guān)的類
• JNI 方法
• AndroidManifest.xml 中配置的類（Application、Activity、Service、ContentProvider、BroadcastReceiver等）

這些類的名字不能混淆，混淆后xml文件中相關(guān)的類找不到它們了。類里面的一些方法，變量是可以混淆的。

• R文件
  -keep class **.R$* { *; }
• 自定義view

-keep public class * extends android.view.View {
    *** get*();
    void set*(***);
    public <init>(android.content.Context);
    public <init>(android.content.Context, android.util.AttributeSet);
    public <init>(android.content.Context, android.util.AttributeSet, int);
}

• 保留行號的等信息方便崩潰之后還原日志，-renamesourcefileattribute SourceFile與-keepattributes SourceFile,LineNumberTable #輸出錯誤信息行號等
• 第三方包需要按配置說明做相應(yīng)混淆
  （PUSH，登錄，分享，網(wǎng)絡(luò)庫，圖片庫等）

混淆文件

• 默認(rèn)混淆文件
  proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
  該路徑下的proguard-android.txt已經(jīng)包含了Parcelable，JNI，R文件AndroidManifest.xml 中配置的類，自定義view。

• 自定義混淆文件
  一般再增加范型、反射相關(guān)的類、Serializable等

• -keep class XXX**{*;}
  保留XXX開頭的所有類不被混淆
  單個*表示匹配除.外的所有字符（個數(shù)不限制），兩個**表示匹配含.的所有字符。

比如xx*匹配xx222、xx2，但是不匹配xx2.2，而xx**則匹配

• -dontwarn [class_filter]
  聲明不輸出那些未找到的引用和一些錯誤，但續(xù)混淆。配置中的class_filter 是一串正則表達(dá)式，被匹配到的類名相關(guān)的警告都不會被輸出出來。

• -optimizationpasses n
  指定執(zhí)行幾次優(yōu)化，默認(rèn)情況下，只執(zhí)行一次優(yōu)化。執(zhí)行多次優(yōu)化可以提高優(yōu)化的效果，但是，如果執(zhí)行過一次優(yōu)化之后沒有效果，就會停止優(yōu)化，剩下的設(shè)置次數(shù)不再執(zhí)行。這個選項只在 optimizate 階段有效

# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html
#
# This file is no longer maintained and is not used by new (2.2+) versions of the
# Android plugin for Gradle. Instead, the Android plugin for Gradle generates the
# default rules at build time and stores them in the build directory.

-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose

# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.

-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService

# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {
    native <methods>;
}

# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
   void set*(***);
   *** get*();
}

# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
   public void *(android.view.View);
}

# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
    public static **[] values();
    public static ** valueOf(java.lang.String);
}

-keepclassmembers class * implements android.os.Parcelable {
  public static final android.os.Parcelable$Creator CREATOR;
}

-keepclassmembers class **.R$* {
    public static <fields>;
}

# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version.  We know about them, and they are safe.
-dontwarn android.support.**

# Understand the @Keep support annotation.
-keep class android.support.annotation.Keep

-keep @android.support.annotation.Keep class * {*;}

-keepclasseswithmembers class * {
    @android.support.annotation.Keep <methods>;
}

-keepclasseswithmembers class * {
    @android.support.annotation.Keep <fields>;
}

-keepclasseswithmembers class * {
    @android.support.annotation.Keep <init>(...);
}