Security
This table lists all the artifacts in the androidx.security
group.
Artifact | Stable Release | Release Candidate | Beta Release | Alpha Release |
---|---|---|---|---|
security-crypto | 1.0.0 | - | - | 1.1.0-alpha06 |
security-app-authenticator | - | - | 1.0.0-beta01 | - |
security-identity-credential | - | - | - | 1.0.0-alpha03 |
Declaring dependencies
To add a dependency on Security, you must add the Google Maven repository to your project. Read Google's Maven repository for more information.
Add the dependencies for the artifacts you need in the build.gradle
file for
your app or module:
For more information about dependencies, see Add build dependencies.
Feedback
Your feedback helps make Jetpack better. Let us know if you discover new issues or have ideas for improving this library. Please take a look at the existing issues in this library before you create a new one. You can add your vote to an existing issue by clicking the star button.
See the Issue Tracker documentation for more information.
Security-State Version 1.0
Version 1.0.0-alpha04
August 7, 2024
androidx.security:security-state:1.0.0-alpha04
is released. Version 1.0.0-alpha04 contains these commits.
Note
- Update
compileSdk
to 35 5dc41be
API Changes
- Breaking change: Component enum was replaced with string constants for extensibility. (Ia3283)
Version 1.0.0-alpha03
July 10, 2024
androidx.security:security-state:1.0.0-alpha03
is released. Version 1.0.0-alpha03 contains these commits.
Bug Fixes
- Fixing ASB-A- pattern for Android security bulletin bugs, JSON parsing for additional components, and
Webview
packaged retrieval. (Ide86a)
Version 1.0.0-alpha02
June 26, 2024
androidx.security:security-state:1.0.0-alpha02
is released. Version 1.0.0-alpha02 contains these commits.
Bug Fixes
- Fixed logic of getting kernel version. (I5602a)
Version 1.0.0-alpha01
June 12, 2024
androidx.security:security-state:1.0.0-alpha01
is released. Version 1.0.0-alpha01 contains these commits.
New Features
- Security State is a new library developers can use to get actionable data about versions of updateable system components, security updates and applied fixes.
Security-App-Authenticator-Testing Version 1.0
Version 1.0.0-beta01
March 6, 2024
androidx.security:security-app-authenticator:1.0.0-beta01
and androidx.security:security-app-authenticator-testing:1.0.0-beta01
are released. Version 1.0.0-beta01 contains these commits.
Version 1.0.0-alpha02
December 13, 2023
androidx.security:security-app-authenticator-testing:1.0.0-alpha02
is released. Version 1.0.0-alpha02 contains these commits.
Bug Fixes
- Updated test for new API behavior that no longer assumes
Binder#getCalling[Uid|Pid]
when not provided to the[check|enforce]CallingAppIdentity
APIs. (I1851b)
Version 1.0.0-alpha01
June 2, 2021
androidx.security:security-app-authenticator-testing:1.0.0-alpha01
is released. Version 1.0.0-alpha01 contains these commits.
New Features
This testing library provides a builder that can be used to configure an injectable AppAuthenticator to meet the requirements of the test. This library supports several methods to configure the AppAuthenticator:
- A generic test policy can be specified that reports a signature match for all packages declared in the configuration.
- Individual packages can be specified to return a signature match with all other packages reporting no match.
- Explicit signing identities can be set for each package; the resulting AppAuthenticator will then only report a signature match if the provided identity matches the declaration in the configuration file.
- Packages can also be treated as not installed or having an explicit uid.
Security-App-Authenticator Version 1.0.0
Version 1.0.0-alpha03
December 13, 2023
androidx.security:security-app-authenticator:1.0.0-alpha03
is released. Version 1.0.0-alpha03 contains these commits.
API Changes
- Added support for use cases where the UID / PID of the package to be verified is not available; the APIs now support cases such as
startActivityForResult
and activities / receivers where the calling app's identity is shared via[Activity|Broadcast]Options#setShareIdentityEnabled
. - The behavior of
[check|enforce]CallingAppIdentity(String, String)
has been updated to support these new use cases; these methods will no longer default to usingBinder#getCalling[Uid|Pid]
but will instead skip verification of the calling package's UID if it is not explicitly provided. (I1851b)
Version 1.0.0-alpha02
June 2, 2021
androidx.security:security-app-authenticator:1.0.0-alpha02
is released. Version 1.0.0-alpha02 contains these commits.
API Changes
- In preparation to support the new
knownSigner
permission protection flag introduced in Android 12, the digestAlgorithm attribute can no longer be specified in the configuration; instead all certificate digests should be computed using SHA-256.
Bug Fixes
- All certificate digests provided in the configuration are now normalized to ensure a successful signature match can be reported both when the digest is computed at runtime as well as when an explicit signing identity is defined when using the testing library.
Version 1.0.0-alpha01
May 5, 2021
androidx.security:security-app-authenticator:1.0.0-alpha01
is released. Version 1.0.0-alpha01 contains these commits.
New Features
AppAuthenticator is a new library aimed at simplifying verification of app trust based on signing identity. An app just needs to specify an XML configuration file containing the package names and signing identities of trusted apps, and the library will take care of verifying the signing identity of apps at runtime.
Version 1.1.0
Version 1.1.0-alpha06
April 19, 2023
androidx.security:security-crypto:1.1.0-alpha06
and androidx.security:security-crypto-ktx:1.1.0-alpha06
are released. Version 1.1.0-alpha06 contains these commits.
New Features
- Updated Tink dependency to 1.8.0
Version 1.1.0-alpha05
February 22, 2023
androidx.security:security-crypto:1.1.0-alpha05
and androidx.security:security-crypto-ktx:1.1.0-alpha05
are released. Version 1.1.0-alpha05 contains these commits.
Bug Fixes
- Fixed a race condition in
MasterKeys.getOrCreate
(I3391e, b/268572037)
Version 1.1.0-alpha04
November 9, 2022
androidx.security:security-crypto:1.1.0-alpha04
and androidx.security:security-crypto-ktx:1.1.0-alpha04
are released. Version 1.1.0-alpha04 contains these commits.
New Features
- Removed log message “keyset not found, will generate a new one” on first app launch. (b/185219606)
- Upgraded Tink dependency to version 1.7.0.
API Changes
- Changes
EncryptedFile#openFileInput()
to throw aFileNotFoundException
, rather than a genericIOException
when the requested file doesn't exist. (I80e41, b/148804719) - Updated 'MasterKeys' class to require Android M rather than each of its methods. (I8b4b8)
- Changes all preference getters on
EncryptedSharedPreferences
(ex#getString
,#getInt
) to throwSecurityException
in rare circumstances where the type of a value can not be matched with one of the defined enum variants. (b/241699427)
Bug Fixes
- Synchronized security-crypto-ktx library’s minimum SDK version with security-crypto by lowering it to v21 (b/193550375)
- Fixed concurrency bug when building multiple
EncryptedFile
s (b/136590547)
External Contribution
- Received a fix for
EncryptedSharedPreferences.Editor#remove
from [email protected] (b/224994760, b/134197835, f44d44d)
Security-Crypto-Ktx Version 1.1.0-alpha03
May 18, 2021
androidx.security:security-crypto-ktx:1.1.0-alpha03
is released. Version 1.1.0-alpha03 contains these commits.
Updated to match androidx.security:security-crypto:1.1.0-alpha03
.
Version 1.1.0-alpha03
December 2, 2020
androidx.security:security-crypto:1.1.0-alpha03
is released. Version 1.1.0-alpha03 contains these commits.
New Features
- Updated Tink to stable release
1.5.0
Version 1.1.0-alpha02
August 5, 2020
androidx.security:security-crypto:1.1.0-alpha02
and androidx.security:security-crypto-ktx:1.1.0-alpha02
are released. Version 1.1.0-alpha02 contains these commits.
New Features
- Updated Tink to stable release
1.4.0
Bug Fixes
- Tink update should fix R8 and Proguard issues with shaded Protobuf dependency.
- Tink update should gracefully handle AndroidKeyStore concurrency failures.
External Contribution
- clear
mKeysChanged
on apply, fix for EncryptedSharedPreferences (aosp/1323026)
Version 1.1.0-alpha01
June 10, 2020
androidx.security:security-crypto:1.1.0-alpha01
is released. Version 1.1.0-alpha01 contains these commits.
New Features
- Lollipop (API Level 21+) is now supported. Please note that the AndroidKeyStore is not used for API 21 and 22. (I7c12d, b/132325342)
- New MasterKey class provides more options for keys, also deprecating MasterKeys to support new features and versions of Android that do not have KeyGenParamSpec.
Security-Identity-Credential Version 1.0.0
Version 1.0.0-alpha03
September 1, 2021
androidx.security:security-identity-credential:1.0.0-alpha03
is released. Version 1.0.0-alpha03 contains these commits.
New Features
- Added support for hardware-backed Identity Credential features in Android 12.
Version 1.0.0-alpha02
February 24, 2021
androidx.security:security-identity-credential:1.0.0-alpha02
is released. Version 1.0.0-alpha02 contains these commits.
Bug Fixes
- Update Identity Credential API to match Android 12 plans (Iff83e)
Version 1.0.0-alpha01
August 19, 2020
androidx.security:security-identity-credential:1.0.0-alpha01
is released. Version 1.0.0-alpha01 contains these commits.
New Features
This Jetpack release features a Jetpack version of the Identity Credential APIs which was added to Android 11 and API level 30. If running on Android 11 and the device has hardware-backed Identity Credential support then this Jetpack simply forwards calls to the platform API. Otherwise, an Android Keystore-backed implementation will be used. While the Android Keystore-backed implementation does not provide the same level of security and privacy it is perfectly adequate for both holders and issuers in cases where all data is issuer-signed. This library requires API level 24 or later.
The Identity Credential APIs provide an interface to a secure store for user identity documents. These APIs are deliberately fairly general and abstract. To the extent possible, specification of the message formats and semantics of communication with credential verification devices and Issuing Authorities (IAs) is out of scope for these APIs. The data structures that the APIs do depend on are compatible with the data structures in the soon to be released ISO/IEC IS 18013-5 Personal identification — ISO-compliant driving licence — Part 5: Mobile driving licence (mDL) application standard.
API Changes
- Added Identity Credential Jetpack. (Icf90b)
Version 1.0.0
Version 1.0.0
April 21, 2021
androidx.security:security-crypto:1.0.0
is released. Version 1.0.0 contains these commits.
Major features of 1.0.0
Feature highlights
EncryptedFile
, provides encrypted input and output streams to read/write encrypted data to a File.EncryptedSharedPreferences
, provides an implementation of SharedPreferences that automatically encrypts/decrypts all keys and values.- Provides simple key generation via MasterKeys.
- Relies on Tink 1.5.0 for increased stability.
Version 1.0.0-rc04
January 13, 2021
androidx.security:security-crypto:1.0.0-rc04
is released. Version 1.0.0-rc04 contains these commits.
Bug Fixes
- Upgraded Tink to 1.5.0 for increased stability.
Version 1.0.0-rc03
August 5, 2020
androidx.security:security-crypto:1.0.0-rc03
is released. Version 1.0.0-rc03 contains these commits.
New Features
- Updated Tink to stable release
1.4.0
Bug Fixes
- Tink update should fix R8 and Proguard issues with shaded Protobuf dependency.
- Tink update should gracefully handle AndroidKeyStore concurrency failures.
External Contribution
- clear
mKeysChanged
on apply, fix for EncryptedSharedPreferences (aosp/1323026)
Version 1.0.0-rc02
May 20, 2020
androidx.security:security-crypto:1.0.0-rc02
is released. Version 1.0.0-rc02 contains these commits.
Bug Fixes
- Updated to Tink version 1.4.0-rc2, which shades the proto buf lite dep. This solves the widely reported issue of clashing with other android sdks. (I8a831)
- Fixed
apply()
inEncryptedSharedPreferences
. (I29069, b/154366606)
Version 1.0.0-rc01
April 15, 2020
androidx.security:security-crypto:1.0.0-rc01
is released. Version 1.0.0-rc01 contains these commits.
Bug Fixes
- Added checks to ensure that if a
KeyGenParamSpec
is passed in toMasterKeys.getOrCreate
that ifgetUserAuthenticationRequired
returnstrue
thatgetUserAuthenticationValidityDurationSeconds
returns a value >0. (I911f5) (b/152644939)
Version 1.0.0-beta01
March 18, 2020
androidx.security:security-crypto:1.0.0-beta01
is released with no changes since 1.0.0-alpha02
. Version 1.0.0-beta01 contains these commits.
Version 1.0.0-alpha02
May 23, 2019
androidx.security:security-crypto:1.0.0-alpha02
is released.
The commits included in this version can be found in this commit log.
Bug fixes
- Fixed issue retrieving key/values associated with shared preferences from
getAll()
. - Blocked usage of restricted preference keys.
- Minor Javadoc updates.
Version 1.0.0-alpha01
May 7, 2019
androidx.security:security-crypto:1.0.0-alpha01
is released. The commits
included in this version can be found here.
New feature highlights
EncryptedFile
, provides encrypted input and output streams to read/write encrypted data to a File.EncryptedSharedPreferences
, provides an implementation ofSharedPreferences
that automatically encrypts/decrypts all keys and values.- Provides simple key generation via MasterKeys.