Obfuscation will help to an extent. what I can think of this something like this:
Create your library in 2 parts. 1. an Executor - this will bridge calls to a JAR 2. the libary itself. downloadable from a URL. The code is loaded via DexClassLoader, but whenever the file is on disk, the bytecode is encrypted. Have a wrapper around DexClassLoader that will decrypt the bytecode on the fly in memory and then loaded. -Earlence On May 9, 10:08 pm, ColorTheorist <colortheorydevelo...@gmail.com> wrote: > If we are working with a development team on an Android application > and we would like to design an API for another company to use that > library to enhance their capabilities, I don’t see too many options > for keeping our ‘secret’ code components to ourselves. Can we even > obfuscate the code that we are giving them? After all, they > essentially get the jar file that they can include in their project. > From what I can find from resources online, it almost sounds as though > the source code cannot be kept from a user who wants to easily > decompile it. Aren’t the Google API libraries kept secret somehow > from users? Can’t we use those same principles to secure our own? -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to android-security-discuss@googlegroups.com. To unsubscribe from this group, send email to android-security-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
