Open AndroidDeveloperLB opened 2 years ago
@AndroidDeveloperLB Just test in my project and is working fine. Did you apply the plugin on your gradle module ?
apply plugin: 'com.android.application'
apply plugin: 'io.michaelrocks.paranoid'
@AndroidDeveloperLB I think the string isn't obfuscated in your case because you apply @Obfuscate
annotation to the Keys
class. But the compiler inlines the string into the MainActivity
class, which isn't obfuscated. I know about this issue but I don't have a good idea how to fix it because on the bytecode level the Keys
class isn't used in MainActivity
.
@cesarsicas The entire code is in the sample. It already uses the plugin
@MichaelRocks I don't understand. What did I do wrong? It doesn't work even on this basic case... What should I do? Why was it closed if you confirm it's a real issue?
BTW, it doesn't matter where it's used. Wherever I use it, it becomes hard-coded values.
It's an unwanted but expected behavior. Obfuscation should work if the @Obfuscate
annotation is applied to MainActivity
. If it doesn't work reopen the issue please and I'll check why it can happen.
@MichaelRocks I can't reopen the issue. I can only comment once the owner of the repository has closed it.
See attached after the change you wanted (works fine this way) :
Why only this way it works? Shouldn't it be used in the place that has the keys? After all, the keys can be used in more than one place... What if inside the class of keys, I would have a function to return one of the keys? Would you still say it won't work? And why did it work in the past this way, just fine?
What if I have multiple keys? Having each one spread on various files, it makes it quite annoying to use, and it's not managed well this way...
It will work if the key isn't a compile time constant which is inlined by the compiler. So you can fix it by removing const
or by converting the variable to a function. And it always worked this way.
@MichaelRocks How come const will work in the example you showed though? I suggest you to mention these restrictions on the main page of the repository, showing examples of the workarounds you've mentioned (in actual snippets). I'm also sure it worked fine with constants in the past though.
I've tried to build your project and as far as I can see it's obfuscated properly.
@MichaelRocks Which one? I already wrote that for the new one it works fine, because that's what you told me to try...
The second one which I expected to work properly. OK, let's keep this issue open and I'll think what I can do with it.
@MichaelRocks Thank you! Please for now write about this though. I didn't expect it to fail in this case, and I remember it worked fine in the past.
@MichaelRocks BTW the workaround of using just "val" instead of "const val" seems to work well.
Not working even with val
instead of const val
Where does it stores obfuscated Strings???
@humaimam123 Just try to de-obfuscate the APK, and search for one of the strings in case you think it doesn't change them. If you can't find, it means it did the job. You can disable it and search again, and then see where the strings are located.
I've noticed that the strings I was sure that this library obfuscate actually appear as they are, not obfuscated at all.
Steps:
http://www.javadecompilers.com/apk
The bug is that it's still there as it is, hard-coded:
ParanoidTest.zip
For a moment I thought this is because I use Kotlin, but it happens on Java too....
How could it be? I remember it worked fine in the past, no?