How To – Obfuscate code in a BlackBerry application [1]

Unlike traditional compilers, the compiler for the BlackBerry platform is highly optimized for a constrained mobile environment where the goal is to minimize the size of the application. The resulting COD file provides a significant amount of obfuscation-like services similar to other true obfuscation packages in an effort to reduce the size of the COD file. For example, the following information is removed from a COD file:

  • All debug information
  • Local variable names
  • Source Line Numbers
  • Private Method and Members names

Support for obfuscation via third-party tools is not integrated into the JDE. As such, a command line procedure is required to obfuscate COD files for use on BlackBerry wireless devices. This article provides the steps and techniques required to obfuscate a COD file and have it execute properly on the BlackBerry device.

  1. Create an application in the JDE. You should place the project file in a separate directory for ease of use during this process.
  2. Create a temporary directory.
  3. Copy the associated JAR file created by the BlackBerry JDE to the temporary directory.
  4. Extract the contents of the JAR file into the temporary directory using the following command: jar xvf SampleApplication.jar
  5. Delete the COD file (that was extracted as part of the JAR file) and the JAR file. You will replace these files in the following steps.
  6. Obfuscate the class files that are contained in the temporary directory.
  7. Run the pre-verify tool on the contents of the temporary directory using the following command: preverify.exe -verbose -d . -classpath..\lib\net_rim_api.jar;
  8. Run rapc on the obfuscated (and pre-verified) class files to create a COD file. Use the following command:
  9. rapc.exe -verbose import=..\lib\net_rim_api.jar codename=SampleApplication SampleApplication.rapc C:\yourTempDir\SampleApplication.class

This produces a COD file that will work on a device that has its contents obfuscated.