Thursday, November 11, 2010

obfuscation : how to use the obfuscation in the android app development cycle

This post deals with how the new obfuscation step modifies the app development cycle.

I use Eclipse to develop my app (Track Site). After some upgrade, when the app is ready to go live, I usually do the following tasks in order to publish it on the Android Market :
  1. adjust the version number
  2. export an unsigned version of the app from Eclipse
  3. sign it using the standard jarsigner tool
  4. align it using the standard zipalign tool

Obfuscation, as explained in Proguard, Android, and the Licensing Server, involves additional steps that replace the former 2) to 4) steps :
  1. adjust the version number the same way you've done it before
  2. obfuscation is performed using ant (not Eclipse) by issuing a command on the terminal

    mac:TrackSites $ ant release
    Buildfile: ~/workspace/TrackSites/build.xml

    As indicated in the Proguard, Android, and the Licensing Server post, the file has been modified to perform the signing step [3)] automatically (it still asks you for the passwords though), as well as the alignment one [4)].

    You end up with a signed, aligned and obfuscated app file in the bin/ sub-directory : the app is named SiteListActivity-release.apk. Exporting the unsigned app from Eclipse generates an app file named TrackSite.apk.

    It's interesting to note that the obfuscation process is done in another hierarchy (bin/classes) than the one used by Eclipse (bin/).

  3. as the obfuscation may have broken things, there is another quality assurance phase of the obfuscated app (SiteListActivity-release.apk), not of the non-obfuscated app that has already been tested from Eclipse (TrackSite.apk)

    This should be done :
    a) on the emulator :
    • start the emulator in the background with an AVD as a parameter
      mac:TrackSites $ emulator -avd a8w480 -wipe-data &
      [1] 536
      2010-11-11 10:14:15.172 emulator[491:903] Warning once: This application, or a library it uses, is using NSQuickDrawView, which has been deprecated. Apps should cease use of QuickDraw and move to Quartz.

      The -wipe-data option in the command line allows to « Reset the current user-data disk image (that is, the file specified by -datadir and -data, or the default file). The emulator deletes all data from the user data image file, then copies the contents of the file at -inidata data to the image file before starting. ».

      Here is the emulator state when it is started without the -wipe-data option
      And it's state with the -wipe-data option

      The list of devices + emulators connected to the computer is obtained with
      mac:~ $ adb devices
      List of devices attached
      HTxxxxxxxxxx device <----- the real device emulator-5554 device <----- the emulator

    • install the obfuscated app (SiteListActivity-release.apk) on the emulator using adb command line tool
      mac:TrackSites $ cd bin
      mac:bin $ ls Site*
      SiteListActivity-release.apk SiteListActivity-unsigned.apk
      SiteListActivity-unaligned.apk SiteListActivity.ap_
      mac:bin $ adb -e install SiteListActivity-release.apk
      1340 KB/s (94595 bytes in 0.068s)
      pkg: /data/local/tmp/SiteListActivity-release.apk
      mac:bin $

      The -e option in the command line « direct an adb command to the only running emulator instance. ».

      The app is now installed in the emulator where it can be tested :

    b) on a real device : it's pretty much the same process as above but on a real device instead of an emulator.

    When installing the app on the device, you may encounter an error if a previous version of the app has been installed from the market :
    mac:bin $ adb -d install SiteListActivity-release.apk
    821 KB/s (94595 bytes in 0.112s)
    pkg: /data/local/tmp/SiteListActivity-release.apk
    mac:bin $

    By the way, please take note of the -d option in the command line « direct an adb command to the only attached USB device. ».

    The solution here is to remove the app on the device : Menu -> Settings -> Applications -> Manage applications then select the application to uninstall, click on the "Uninstall" button, confim ... it works ! But there's a better solution using adb :
    mac:bin $ adb -d uninstall fr.androidtobe
    mac:bin $

    You can now try to install just like before :
    mac:bin $ adb -d install SiteListActivity-release.apk
    839 KB/s (94595 bytes in 0.110s)
    pkg: /data/local/tmp/SiteListActivity-release.apk
    mac:bin $

  4. Ensure everything works and that the obfuscation has not broke anything. Then publish the obfuscated app (SiteListActivity-release.apk).

    If something has been broken during the obfuscation step, look for clues in the « But Wait, My App is Crashing Now » part of the Proguard, Android, and the Licensing Server post

No comments: