Google is committed to advancing racial equity for Black communities. See how.

Security

Safely manage keys and encrypt files and sharedpreferences.
Latest Update Current Stable Release Next Release Candidate Beta Release Alpha Release
August 19, 2020 - 1.0.0-rc03 - 1.1.0-alpha02

Declaring dependencies

To add a dependency on Security, you must add the Google Maven repository to your project. Read Google's Maven repository for more information.

Add the dependencies for the artifacts you need in the build.gradle file for your app or module:

dependencies {
    implementation "androidx.security:security-crypto:1.0.0-rc03"

    // For Identity Credential APIs
    implementation "androidx.security:security-identity-credential:1.0.0-alpha01"
}

For more information about dependencies, see Add build dependencies.

Feedback

Your feedback helps make Jetpack better. Let us know if you discover new issues or have ideas for improving this library. Please take a look at the existing issues in this library before you create a new one. You can add your vote to an existing issue by clicking the star button.

Create a new issue

See the Issue Tracker documentation for more information.

Version 1.1.0

Version 1.1.0-alpha02

August 5, 2020

androidx.security:security-crypto:1.1.0-alpha02 and androidx.security:security-crypto-ktx:1.1.0-alpha02 are released. Version 1.1.0-alpha02 contains these commits.

New Features

  • Updated Tink to stable release 1.4.0

Bug Fixes

  • Tink update should fix R8 and Proguard issues with shaded Protobuf dependency.
  • Tink update should gracefully handle AndroidKeyStore concurrency failures.

External Contribution

  • clear mKeysChanged on apply, fix for EncryptedSharedPreferences (aosp/1323026)

Version 1.1.0-alpha01

June 10, 2020

androidx.security:security-crypto:1.1.0-alpha01 is released. Version 1.1.0-alpha01 contains these commits.

New Features

  • Lollipop (API Level 21+) is now supported. Please note that the AndroidKeyStore is not used for API 21 and 22. (I7c12d, b/132325342)
  • New MasterKey class provides more options for keys, also deprecating MasterKeys to support new features and versions of Android that do not have KeyGenParamSpec.

Security-Identity-Credential Version 1.0.0

Security-Identity-Credential Version 1.0.0-alpha01

August 19, 2020

androidx.security:security-identity-credential:1.0.0-alpha01 is released. Version 1.0.0-alpha01 contains these commits.

New Features

This Jetpack release features a Jetpack version of the Identity Credential APIs which was added to Android 11 and API level 30. If running on Android 11 and the device has hardware-backed Identity Credential support then this Jetpack simply forwards calls to the platform API. Otherwise, an Android Keystore-backed implementation will be used. While the Android Keystore-backed implementation does not provide the same level of security and privacy it is perfectly adequate for both holders and issuers in cases where all data is issuer-signed. This library requires API level 24 or later.

The Identity Credential APIs provide an interface to a secure store for user identity documents. These APIs are deliberately fairly general and abstract. To the extent possible, specification of the message formats and semantics of communication with credential verification devices and Issuing Authorities (IAs) is out of scope for these APIs. The data structures that the APIs do depend on are compatible with the data structures in the soon to be released ISO/IEC IS 18013-5 Personal identification — ISO-compliant driving licence — Part 5: Mobile driving licence (mDL) application standard.

API Changes

  • Added Identity Credential Jetpack. (Icf90b)

Version 1.0.0

Version 1.0.0-rc03

August 5, 2020

androidx.security:security-crypto:1.0.0-rc03 is released. Version 1.0.0-rc03 contains these commits.

New Features

  • Updated Tink to stable release 1.4.0

Bug Fixes

  • Tink update should fix R8 and Proguard issues with shaded Protobuf dependency.
  • Tink update should gracefully handle AndroidKeyStore concurrency failures.

External Contribution

  • clear mKeysChanged on apply, fix for EncryptedSharedPreferences (aosp/1323026)

Version 1.0.0-rc02

May 20, 2020

androidx.security:security-crypto:1.0.0-rc02 is released. Version 1.0.0-rc02 contains these commits.

Bug Fixes

  • Updated to Tink version 1.4.0-rc2, which shades the proto buf lite dep. This solves the widely reported issue of clashing with other android sdks. (I8a831)
  • Fixed apply() in EncryptedSharedPreferences. (I29069, b/154366606)

Version 1.0.0-rc01

April 15, 2020

androidx.security:security-crypto:1.0.0-rc01 is released. Version 1.0.0-rc01 contains these commits.

Bug Fixes

  • Added checks to ensure that if a KeyGenParamSpec is passed in to MasterKeys.getOrCreate that if getUserAuthenticationRequired returns true that getUserAuthenticationValidityDurationSeconds returns a value >0. (I911f5) (b/152644939)

Version 1.0.0-beta01

March 18, 2020

androidx.security:security-crypto:1.0.0-beta01 is released with no changes since 1.0.0-alpha02. Version 1.0.0-beta01 contains these commits.

Version 1.0.0-alpha02

May 23, 2019

androidx.security:security-crypto:1.0.0-alpha02 is released. The commits included in this version can be found in this commit log.

Bug fixes

  • Fixed issue retrieving key/values associated with shared preferences from getAll().
  • Blocked usage of restricted preference keys.
  • Minor Javadoc updates.

Version 1.0.0-alpha01

May 7, 2019

androidx.security:security-crypto:1.0.0-alpha01 is released. The commits included in this version can be found here.

New feature highlights

  • EncryptedFile, provides encrypted input and output streams to read/write encrypted data to a File.
  • EncryptedSharedPreferences, provides an implementation of SharedPreferences that automatically encrypts/decrypts all keys and values.
  • Provides simple key generation via MasterKeys.