Frequently Asked Questions
- What is shrinking?
- What is obfuscation?
- What is preverification?
- What kind of optimizations does ProGuard support?
- Can I use ProGuard to process my commercial application?
- Does ProGuard work with Java 2? Java 5? Java 6?
- Does ProGuard work with Java Micro Edition?
- Does ProGuard work for Google Android code?
- Does ProGuard work for Blackberry code?
- Does ProGuard have support for Ant?
- Does ProGuard come with a GUI?
- Does ProGuard handle
- Does ProGuard handle resource files?
- Does ProGuard encrypt strings constants?
- Does ProGuard perform control flow obfuscation?
- Does ProGuard support incremental obfuscation?
- Can ProGuard obfuscate using reserved keywords?
- Can ProGuard reconstruct obfuscated stack traces?
What is shrinking?Java source code (.java files) is typically compiled to bytecode (.class files). Bytecode is more compact than Java source code, but it may still contain a lot of unused code, especially if it includes program libraries. Shrinking programs such as ProGuard can analyze bytecode and remove unused classes, fields, and methods. The program remains functionally equivalent, including the information given in exception stack traces.
What is obfuscation?By default, compiled bytecode still contains a lot of debugging information: source file names, line numbers, field names, method names, argument names, variable names, etc. This information makes it straightforward to decompile the bytecode and reverse-engineer entire programs. Sometimes, this is not desirable. Obfuscators such as ProGuard can remove the debugging information and replace all names by meaningless character sequences, making it much harder to reverse-engineer the code. It further compacts the code as a bonus. The program remains functionally equivalent, except for the class names, method names, and line numbers given in exception stack traces.
What is preverification?When loading class files, the class loader performs some sophisticated verification of the byte code. This analysis makes sure the code can't accidentally or intentionally break out of the sandbox of the virtual machine. Java Micro Edition and Java 6 introduced split verification. This means that the JME preverifier and the Java 6 compiler add preverification information to the class files (StackMap and StackMapTable attributes, respectively), in order to simplify the actual verification step for the class loader. Class files can then be loaded faster and in a more memory-efficient way. ProGuard can perform the preverification step too, for instance allowing to retarget older class files at Java 6.
What kind of optimizations does ProGuard support?Apart from removing unused classes, fields, and methods in the shrinking step, ProGuard can also perform optimizations at the bytecode level, inside and across methods. Thanks to techniques like control flow analysis, data flow analysis, partial evaluation, static single assignment, global value numbering, and liveness analysis, ProGuard can:
Some notable optimizations that aren't supported yet:
ProGuard also comes with an obfuscator plug-in for the JME Wireless Toolkit.
dxcompiler converts ordinary jar files into files that run on Android devices. By preprocessing the original jar files, ProGuard can significantly reduce the file sizes and boost the run-time performance of the code.
rapccompiler converts ordinary JME jar files into cod files that run on Blackberry devices. The compiler performs quite a few optimizations, but preprocessing the jar files with ProGuard can generally still reduce the final code size by a few percent. However, the
rapccompiler also seems to contain some bugs. It sometimes fails on obfuscated code that is valid and accepted by other JME tools and VMs. Your mileage may therefore vary.
SomeClass.class. The referenced classes are preserved in the shrinking phase, and the string arguments are properly replaced in the obfuscation phase.
With variable string arguments, it's generally not possible to determine their
possible values. They might be read from a configuration file, for instance.
However, ProGuard will note a number of constructs like
(SomeClass)Class.forName(variable).newInstance()". These might
be an indication that the class or interface
SomeClass and/or its
implementations may need to be preserved. The user can adapt his configuration