This release focuses on a slimmer crypto stack, a new helper for non-Prefs use cases, and API cleanup.
⚠️ Breaking changes ⚠️
- Removed
SafeBox.create(...)overloads that acceptedkeyAliasandvalueKeyStoreAlias. Use the simplified factory without aliases. (#111, #103)
Migration note: If you previously passed a customvalueKeyStoreAlias, re-encrypt stored data or migrate to the default; custom aliases are no longer honored.
Highlights
-
New crypto-only module (
:safebox-crypto)
Extracts all cryptography into its own artifact so apps that don't needSharedPreferencescan still use SafeBox's cipher stack. (#110) -
SafeBoxCryptohelper
A simple text encryption with one-liner secret and encryption/decryption. Uses the same cipher as SafeBox and keeps key management in your hands. (#121) -
API cleanup and removals
Alias-based creation removed from the public API (previously deprecated). Internal rotation/destruction hooks on key providers eliminated to avoid accidental data loss. (#111, #103) -
R8 shrink: ~9.5× smaller vs v1.2.0
Switch tobcprov-jdk15onand targeted keep rules for ChaCha20-Poly1305 drastically reduce APK size under minify, while fixing missing-class warnings. (#115) -
Concurrency and correctness
Cross-cipher contention reduced by isolating ChaCha providers. This ensures exactly one DEK per file even when two providers are used. (#117, #119)
Dependency notes
- BouncyCastle updated to
bcprov-jdk15on:1.70and consumer ProGuard rules narrowed to the minimal ChaCha20-Poly1305 classes, eliminating broad keeps andjavax.naming.*warnings. (#115)
If you are evaluating or contributing to SafeBox, we would love your feedback!