Skip to content

Commit 8f2dc92

Browse files
developernotesdevelopernotes
authored
Merge pull request #489 from sqlcipher/issue-488
Improve Documentation for androidx.sqlite API
2 parents bdf9fa7 + f66d788 commit 8f2dc92

File tree

1 file changed

+21
-11
lines changed

1 file changed

+21
-11
lines changed

README.md

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -68,17 +68,27 @@ implementation "androidx.sqlite:sqlite:2.0.1"
6868
SQLCipher for Android has a `SupportFactory` class in the `net.sqlcipher.database` package
6969
that can be used to configure Room to use SQLCipher for Android.
7070

71-
There are two `SupportFactory` constructors:
72-
73-
- Both take a `byte[]` to use as the passphrase (if you have a `char[]`, use
74-
`SQLiteDatabase.getBytes()` to get a suitable `byte[]` to use)
75-
76-
- One constructor has a second parameter: a `SQLiteDatabaseHook` that you can use
77-
for executing SQL statements before or after the passphrase is used to decrypt
78-
the database
79-
80-
- One constructor option includes a boolean parameter to opt out of the clearing
81-
the passphrase used to access the SQLCipher database.
71+
There are three `SupportFactory` constructors:
72+
73+
- `SupportFactory(byte[] passphrase)`
74+
- `SupportFactory(byte[] passphrase, SQLiteDatabaseHook hook)`
75+
- `SupportFactory(byte[] passphrase, SQLiteDatabaseHook hook, boolean clearPassphrase)`
76+
77+
All three take a `byte[]` to use as the passphrase (if you have a `char[]`, use
78+
`SQLiteDatabase.getBytes()` to get a suitable `byte[]` to use).
79+
80+
Two offer a `SQLiteDatabaseHook` parameter that you can use
81+
for executing SQL statements before or after the passphrase is used to key
82+
the database.
83+
84+
The three-parameter constructor also offers `clearPassphrase`, which defaults
85+
to `true` in the other two constructors. If `clearPassphrase` is set to `true`,
86+
this will zero out the bytes of the `byte[]` after we open the database. This
87+
is safest from a security standpoint, but it does mean that the `SupportFactory`
88+
instance is a single-use object. Attempting to reuse the `SupportFactory`
89+
instance later will result in being unable to open the database, because the
90+
passphrase will be wrong. If you think that you might need to reuse the
91+
`SupportFactory` instance, pass `false` for `clearPassphrase`.
8292

8393
Then, pass your `SupportFactory` to `openHelperFactory()` on your `RoomDatabase.Builder`:
8494

0 commit comments

Comments
 (0)