1.2.0 is available both for the
saferoom.x artifact (for use with AndroidX) and the
saferoom artifact (for use with the Architecture Components).
SafeRoom, by default, clears the passphrase that you give
SafeHelperFactory after it first opens a database with that passphrase. This gets the passphrase out of memory quickly. It also means, though, that the
SafeHelperFactory is a single-use object. Once you open the database, you cannot open it again with the same factory, as we no longer have the passphrase.
In addition to improving the documentation in this area, version 1.2.0 makes two changes:
There is now an option to block that automatic passphrase clearing. This weakens security, as now the cleartext passphrase hangs around in memory indefinitely. However, it may improve compatibility with software that automatically tries closing and reopening the database using the same factory.
If you attempt to open a database and it fails, and the passphrase looks like it has been cleared (it is not
nulland contains all zeros), then an
IllegalStateExceptionis thrown with a detailed error message. Otherwise, the original
Also, this update moves the project to Gradle 5.4.1 and Android Gradle Plugin 3.5.0.