CWAC-SafeRoom 1.2.0 Released

CWAC-SafeRoom 1.2.0 is available both for the saferoom.x artifact (for use with AndroidX) and the saferoom artifact (for use with the Architecture Components).

SafeRoom, by default, clears the passphrase that you give SafeHelperFactory after it first opens a database with that passphrase. This gets the passphrase out of memory quickly. It also means, though, that the SafeHelperFactory is a single-use object. Once you open the database, you cannot open it again with the same factory, as we no longer have the passphrase.

In addition to improving the documentation in this area, version 1.2.0 makes two changes:

  1. There is now an option to block that automatic passphrase clearing. This weakens security, as now the cleartext passphrase hangs around in memory indefinitely. However, it may improve compatibility with software that automatically tries closing and reopening the database using the same factory.

  2. If you attempt to open a database and it fails, and the passphrase looks like it has been cleared (it is not null and contains all zeros), then an IllegalStateException is thrown with a detailed error message. Otherwise, the original SQLiteException is re-thrown.

Also, this update moves the project to Gradle 5.4.1 and Android Gradle Plugin 3.5.0.

If you have any questions or feedback, start a fresh topic in the CWAC category here. If you encounter a bug, read the contribution guidelines, then file an issue.