You can specify a rules list in the App Shielding configuration. This list determines how App Shielding will modify the Android application, especially with regards to shielding and obfuscation.
Find below information about how the rules list can be used to match classes, fields, and methods to resolve issues with shielding or obfuscation.
Supported operations
At a high level, rules files support the following operations:
Operation(s) | Description |
|---|---|
| Include the specified rules file. |
| Select classes or members to bind or exclude from binding. For more information, see Binding rules. |
| Specify the percentage of pull bindings to keep in a Least Recently Used cache. For more information, see Least Recently Used Cache |
| Select classes or members to obfuscate or exclude from obfuscation. See Obfuscation rules for more details. |
| Specify file paths to include or exclude from integrity checks. For more information, see File integrity rules. |
| Exclude an activity from screenshot blocking, where the activity is referenced by its fully qualified class name. For more information, see the entry for Block screenshots in Configuration Options for Android. |
| Select classes to include in the first classes.dex file. |
| Select classes to include in the secondary classes.dex file. |
| Select classes or members as a grouping for other operations. |
If conflicting operations are applied to the same file or class (e.g., obfuscate and preserve), the later rules have priority.
Syntax
class_op+ [[!]@annotation] [[!]access] [[!]flag]* [[!]class_spec] class_name [[!]extension class_name] (; | {
[member_op]* [[!]@annotation] [[!]access] [[!]flag]* [member_type]
[return_type] member_name [method_arguments];
})This pattern consists of the following components:
Component | Description |
|---|---|
class_name | Fully qualified name of Java class. Supports wildcards. |
member_name | Name of class field(s) and/or method(s). Supports wildcards and the following special keywords:
|
annotation | The annotation starting with |
access | Can be one of |
class_spec | Can be one of |
extension | Can be |
flag | Can be one of |
member_type | Can be |
return_type | Can be |
For example, the following rule applies obfuscation to all classes within the com.example.app package:
obfuscate class com.example.app.*;Using the match operation, this can be expanded in the following manner to only obfuscate the members in those classes:
match class com.example.app.* {
obfuscate <members>;
}Negating
For the rules, most class specifiers can be negated by adding an exclamation mark (!) in front of them.
Wildcards
Wildcards can be used as follows:
*matches zero or more characters.+matches one or more characters.?matches exactly one character.
*TestmatchesMyTestOneandTestbut notTestTwo.
Method parameters and comments
Three dots (...) can be used to denote "any parameters". For example: myMethod(...). Comments are prefixed with #.
You can specify as many rules as needed, and the rules are matched from top to bottom.
When configuring rules, you can use one line per rule, or, for better readability, you can use multiple lines for one rule.
Troubleshooting
For detailed information about troubleshooting, see the Troubleshooting Guide.
Troubleshooting the shielding of an app
If you experience issues (e.g. the application does not start properly), you may need to exclude certain classes from the binding process. For detailed information, see Binding.