How to encrypt HTML+JS assets in Android Phonegap mobile app?
I have mobile app created using Phonegap basic wrapper and HTML5. My goal is to encrypt files in assets directory (JS and HTML files) so they are unreadable to people, who unzip the APK file and want to see the JS sources.
Ok, i know there is no absolute perfect solution. On my way to this question I've already tried options how to solve copy protection of my sources (JS minification, obfuscation, etc..), but I found out that it's very simple to get to the original code (using JSBeautifier, firebug, including obfuscated scripts, etc...).
So my question is - is there some simple way how to encrypt JS+HTML files (so they are not readable and useful when simply unzipping APK file) and how to implement it in JAVA for Android platform ?
Note: I have no knowledge of JAVA language, so please include working example which I can use.
Edit: I also investigated ProGuard feature when making final APK package, however it is useless for me, because it only deals with JAVA files, but leaves assets directory as it is.
Some time ago I have same problem but on iOS. And the result was only after patching PhoneGap for iOS. I have wrote an article at http://oleksiy.pro/2011/09/20/phonegap-application-encryption/. Also, for Android this method could be weak, because java code could be 99% decompiled, and hacker will see your key.
The best combination I've found is the DojoToolkit and the Closure Compiler in Advanced Mode.
This link for using the Dojo Toolkit with the Closure Compiler in Advanced Mode for mobile applications:
And of course the Dojo Toolkit works well with PhoneGap.
You can use a webview and load a base64 string:
protected String base64Str = "+wL00h2L...."; wv1.loadData(base64Str, "text/html; charset=utf-8", "base64");