DexProtector 9.3 Released

The new version of DexProtector officially supports Android Applications Bundles now. Here is the guide that describes how to protect your Android Application Bundles. In this release, we kept our work further in terms of unification of the protection mechanisms for all the target types. Now you can take the advantage of the mechanisms that were early available only for Android Applications (APKs) while protecting your Android Library projects (AARs). The transparent SSL/HPKP Pinning mechanism became available for iOS platform, at the same time you can share your Android's configuration for SSL Pinning when it comes to the protection of iOS applications and iOS Frameworks.

What is new?

IOS PLATFORM

  • The performance of String Encryption and Hide Access mechanisms was optimized
  • Transparent support for SSL/HPKP Pinning for WKWebView and URLSession
  • Added new protection mechanism - Objective-C code obfuscation

TARGET TYPES

  • Official support for Android Application Bundles
  • Android Libraries:
    • Hide Access with Native invokedynamic Engine is now available for AARs
    • Class Encryption with Native Engine is now available for AARs
    • Desugaring support for Java 8 classes

DEVELOPMENT PLATFORM SUPPORT

  • DexProtector Gradle Plugin now is capable of protecting Android Application Bundles

CONTENT PROTECTION

  • Added ability to filter classes for AndroidManifest.xml mangling

CODE PROTECTION

  • Class Encryption mechanism is now capable of working with multiple encrypted containers

ENVIRONMENT CHECKS / INTEGRITY CONTROL

  • It is now possible to obfuscate names of callback methods
  • Added ability to specify a custom list of APK/AAR content's items for Integrity Control's checks

SSL/HPKP PINNING

  • iOS Platform's support is added. The same configuration format works both for Android and iOS platforms
  • Added support for HTTP Tunneling with HTTP CONNECT

UPGRADE NOTES

ENVIRONMENT CHECKS / INTEGRITY CONTROL

  • DexProtector now passes a java.lang.String object which contains JSON data to callback methods (negative/positive) as the data parameter

TARGET TYPES

  • Android Libraries
    • Class Encryption uses Native Engine by default now. That can increase the size of the protected AAR

DEVELOPMENT PLATFORM SUPPORT

  • DexProtector Gradle Plugin uses the new structure of placing logs: build/outputs/dexprotector/<buildType>/<artifactName> instead of build/outputs/dexprotector/<buildType>

Upgrade information: If you have a license for DexProtector 8.x and active support subscription, you can receive the upgrade at no additional cost (Standard->Standard, Enterprise->Enterprise). If your support subscription has been inactive for 1 month and more it is needed to acquire a new license. If you would like to upgrade from the Standard version to the Enterprise, please request an upgrade quote. To renew your support subscription, please contact the support.

How to get the latest version: Please request a link to the latest distribution package via the contact form or email.

Should you have any questions, please email us.