I am using to DexGuard to process my android applications.
On DexGuard's Homepage they say it features: XML resource obfuscation
I already tested DexGuard and decompiled my output .apks with apktool.
The problem is ALL resource files are decompiled succesffully, so they have not been obfuscated apparently.
Now my question is, does DexGuard automatically obfuscate XML resources or do i have to activate it somehow in my dexguard-project.txt file?
Is it possible to obfuscate XML resources like strings.xml or am I misunderstanding this feature?
I received the following statement from DexGuard:
Resource XML files are obfuscated automatically in release builds, although the differences may be subtle. You can compare the differences with for instance aapt d xmltree application.apk AndroidManifest.xml. We are working on more obfuscation of resources for upcoming versions.
After executing the proposed command
aapt d xmltree application.apk (where application.apk is a simple HelloWorld Application) i finally could see what DexGuard actually obfuscates in XML files:
Each attribute in an XML resource file is identified by a name, but often also by a numeric identifier. In AndroidManifest.xml for example:
android:versionName(0x010102lc) = "1.0"
In the obfuscation step, DexGuard can remove the name of an attribute, but only if this attribute also has a numeric identifier.
After DexGuard obfuscation the above attribute will look like this:
:(0x010102lc) = "1.0"
As XML elements of strings.xml for instance only have a name and no numeric identifier, there won't be any differences in the decompiled XML file.