NHN AppGuard Gradle Plugin supports build automation so that protection operations can be included in Android Gradle build steps. If you are using ProGuard and Firebase Crashlytics, you can read and apply ProGuard mapping files to use with NHN AppGuard obfuscation.
Android Gradle Plugin (AGP) 3.0.1 or higher
firebase-crashlytics-gradle 2.2.0~2.8.0
The Gradle Plugin method is not supported in the Unity environment.
Add the NHN AppGuard Gradle Plugin as a buildscript dependency to your project-level build.gradle file.
buildscript {
repositories {
mavenCentral()
}
dependencies {
// ...
// Add the NHN Cloud AppGuard Gradle Plugin
classpath 'com.nhncloud.android:appguard-gradle-plugin:1.2.2'
}
}
Apply the NHN AppGuard Gradle Plugin to your app-level build.gradle file.
apply plugin: 'com.nhncloud.android.appguard'
To use the plugin functions, you must specify the Appkey and NHN AppGuard version.
You can specify the folder of SDK downloaded from the console. If the NHN AppGuard SDK is not installed in that path, download and unzip the NHN AppGuard SDK to the specified folder path. If no option is specified, install the NHN AppGuard SDK in the appguard folder relative to your project root.
If you do not specify a download path for protected files, the built Android app files will be overwritten.
You can also set whether to apply the app bundle, whether to apply NHN AppGuard obfuscation, the level of obfuscation, and other options. The options are as follows:
Option | Description | Required |
---|---|---|
enabled | Whether to apply NHN AppGuard Griddle plugin | Y |
appBundle | Whether to apply the app bundle | Y |
obfuscate | Whether to apply NHN AppGuard obfuscation | N |
plan | Protection plans (Business, Enterprise, Game) | Y |
appKey | Appkey that can be found in the console | Y |
version | NHN AppGuard version | Y |
certificateFingerprintEnabled | Enable certificate fingerprinting for app signature verification (Enabled by default) |
N |
certificateFingerprints | Certificate fingerprinting (SHA-256) for app signature verification (Up to 10 can be registered) |
N (Required when certificateFingerprintEnabled is enabled) |
appGuardSDKFolderPath | NHN AppGuard SDK folder path | N |
overrideOutputFile | Whether to overwrite protected files | N |
extraOptions | Add options used in CLI (contact us if necessary) | N |
outputFilePath | Storage path for the protected file (variants scope) | N |
Write appguard options in your app-level build.gradle file.
Options that are not required can be omitted.
appguard {
enabled = true
appBundle = true
obfuscate = false
plan = "game"
appKey = "Appkey issued from the web console"
version = "Protector version"
certificateFingerprintEnabled = true // optional, true by default
certificateFingerprints = [
"xx:xx:xx..",
"xx:xx:xx..",
...
] // optional, required when setting certificateFingerprintEnabled = true
/*
appGuardSDKFolderPath = "NHN AppGuard SDK folder path" // optional
overrideOutputFile = false // optional
extraOptions = "" // optional
variants {
alphaRelease {
outputFilePath = "~/A/B/C/example.apk"
}
}
*/
}
From version 1.0.1, you can set a protected file storage location for each variants.
(It cannot be set in root, buildTypes, and productFlavors scope.)
For variants with outputFilePath unset, the original file will be overwritten or the protected file is saved as a file with _protected
appended, depending on the value of the overrideOutputFile option.
def outputFolderPath = "~~/A/B/C/"
appguard{
// ...
variants {
AlphaRelease {
outputFilePath = outputFolderPath + "alpha-release.apk"
}
BetaRelease {
outputFilePath = outputFolderPath + "beta-release.apk"
}
}
}
You must be using NHN AppGuard obfuscation in your project.
You must be using Proguard in your Android project.
You must be using the FireBase Crashlytics upload feature. Obfuscation can be applied even if the feature is not used.
Write the appguard options in your app-level build.gradle file like the following:
appguard {
// ...
enabled = true
obfuscate = true
}
Starting with version 1.2.0, you can add whether to enable certificate fingerprinting and which certificate fingerprint (SHA-256) will be used for verification.
Certificate fingerprinting for app signature verification defaults to Enabled, and you must enter a certificate fingerprint upon activation.
Write the appguard options in your app-level build.gradle file like the following:
appguard {
certificateFingerprintEnabled = true
certificateFingerprints = [
"xx:xx:xx..",
"xx:xx:xx..",
...
]
}
appguard {
certificateFingerprintEnabled = false
}