Closed XandrMaster closed 9 years ago
Can you supply your proguard.cfg?
Yes, of course:
-dontwarn * -dontshrink -dontoptimize -keep class com.google.* { ; } -keep class android.* { ; } -keep class org.apache.* { ; } -keep class com.activeandroid.* { ; } -keep class com.squareup.* { ; } -keep class retrofit.* { ; } -keep class rx.* { ; } -keep class com.facebook.* { ; } -keep class pl.charmas.* { ; } -keep class com.orhanobut.* { ; } -keep class com.tozny.* { ; } -keep class com.securepreferences.* { ; } -keep class com.scottyab.* { ; } -keep class java.security.* { ; } -keep class javax.crypto.* { ; } -keep class org.acra.* { ; } -keep class okio.* { ; } -keep class bolts.* { ; } -keep class pl.charmas.* { _; }
-keepattributes Signature
-keep class sun.misc.* { ; } -keep class com.google.gson.stream._* { *; }
-printmapping classes-processed-proguard.map
I had the same problem in a project using Secure-preferences. Adding the following to the Proguard config file worked in my case:
-keep class com.tozny.crypto.android.** { *; }
-keep class com.securepreferences.** { *; }
@scottyab do you see any issue with that?
@danybony that'll work. Of course you're excluding all the library code so it's not obfuscated. It would be better security (even if security by obscurity) to have that obfuscated too. I'll add to the issues, I'm sure it's only a small part that needs excluding.
See issue #29
This issue has been fixed as part of v0.1.4 - also please note unlike previous versions from 0.1.4+ no specific ProGuard config is need to get working. Just waiting for maven central to propagate dependancy.
Also please note there is specific DexGuard config supplied with DexGuard 7+ located <dexgaurd root>/samples/advanced/SecurePreferences
08-02 05:00:41.356 1533-1533/erparchitector.findwork.app.android E/AndroidRuntime﹕ FATAL EXCEPTION: main java.lang.SecurityException: new SecureRandom() backed by wrong Provider: class com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes$LinuxPRNGSecureRandomProvider at com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes.installLinuxPRNGSecureRandom(Unknown Source) at com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes.apply(Unknown Source) at com.tozny.crypto.android.AesCbcWithIntegrity.fixPrng(Unknown Source) at com.tozny.crypto.android.AesCbcWithIntegrity.generateKeyFromPassword(Unknown Source) at com.tozny.crypto.android.AesCbcWithIntegrity.generateKeyFromPassword(Unknown Source) at com.securepreferences.SecurePreferences.generateAesKeyName(Unknown Source) at com.securepreferences.SecurePreferences.(Unknown Source)
at com.securepreferences.SecurePreferences.(Unknown Source)
at com.securepreferences.SecurePreferences.(Unknown Source)
at erparchitector.findwork.app.android.utils.Preferences.(Unknown Source)
at erparchitector.findwork.app.android.network.Session.getInstance(Unknown Source)
at erparchitector.findwork.app.android.App.getSession(Unknown Source)
at erparchitector.findwork.app.android.gui.ProfileContainer.onCreate(Unknown Source)
at android.support.v4.app.Fragment.performCreate(Unknown Source)
at android.support.v4.app.FragmentManagerImpl.moveToState(Unknown Source)
at android.support.v4.app.FragmentManagerImpl.moveToState(Unknown Source)
at android.support.v4.app.BackStackRecord.run(Unknown Source)
at android.support.v4.app.FragmentManagerImpl.execPendingActions(Unknown Source)
at android.support.v4.app.FragmentManagerImpl$1.run(Unknown Source)
at android.os.Handler.handleCallback(Handler.java:725)
at android.os.Handler.dispatchMessage(Handler.java:92)
at android.os.Looper.loop(Looper.java:137)
at android.app.ActivityThread.main(ActivityThread.java:5041)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:511)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:793)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:560)
at dalvik.system.NativeStart.main(Native Method)
After proguard obfuscation :(