Allow SupportFactory and SupportHelper to clear passphrase storage

Author: developernotes

android-database-sqlcipher/src/main/java/net/sqlcipher/database/SupportFactory.java

@@ -21,18 +21,25 @@
 public class SupportFactory implements SupportSQLiteOpenHelper.Factory {
     private final byte[] passphrase;
     private final SQLiteDatabaseHook hook;
+    private final boolean clearPassphrase;
 
     public SupportFactory(byte[] passphrase) {
         this(passphrase, (SQLiteDatabaseHook)null);
     }
 
     public SupportFactory(byte[] passphrase, SQLiteDatabaseHook hook) {
+        this(passphrase, hook, true);
+    }
+
+    public SupportFactory(byte[] passphrase, SQLiteDatabaseHook hook,
+                          boolean clearPassphrase) {
         this.passphrase = passphrase;
         this.hook = hook;
+        this.clearPassphrase = clearPassphrase;
     }
 
     @Override
     public SupportSQLiteOpenHelper create(SupportSQLiteOpenHelper.Configuration configuration) {
-        return new SupportHelper(configuration, passphrase, hook);
+        return new SupportHelper(configuration, passphrase, hook, clearPassphrase);
     }
 }

android-database-sqlcipher/src/main/java/net/sqlcipher/database/SupportHelper.java

@@ -1,4 +1,4 @@
-/*
+ /*
  * Copyright (C) 2019 Mark L. Murphy
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,17 +16,21 @@
 
 package net.sqlcipher.database;
 
+import net.sqlcipher.database.SQLiteException;
 import androidx.sqlite.db.SupportSQLiteDatabase;
 import androidx.sqlite.db.SupportSQLiteOpenHelper;
 
 public class SupportHelper implements SupportSQLiteOpenHelper {
     private SQLiteOpenHelper standardHelper;
     private byte[] passphrase;
+    private final boolean clearPassphrase;
 
     SupportHelper(final SupportSQLiteOpenHelper.Configuration configuration,
-                  byte[] passphrase, final SQLiteDatabaseHook hook) {
+                  byte[] passphrase, final SQLiteDatabaseHook hook,
+                  boolean clearPassphrase) {
         SQLiteDatabase.loadLibs(configuration.context);
         this.passphrase = passphrase;
+        this.clearPassphrase = clearPassphrase;
 
         standardHelper =
             new SQLiteOpenHelper(configuration.context, configuration.name,
@@ -74,8 +78,27 @@ public void setWriteAheadLoggingEnabled(boolean enabled) {
 
     @Override
     public SupportSQLiteDatabase getWritableDatabase() {
-        SQLiteDatabase result = standardHelper.getWritableDatabase(passphrase);
-        if(passphrase != null) {
+        SQLiteDatabase result;
+        try {
+            result = standardHelper.getWritableDatabase(passphrase);
+        } catch (SQLiteException ex){
+            if(passphrase != null){
+                boolean isCleared = true;
+                for(byte b : passphrase){
+                  isCleared = isCleared && (b == (byte)0);
+                }
+                if (isCleared) {
+                  throw new IllegalStateException("The passphrase appears to be cleared. This happens by" +
+                                                  "default the first time you use the factory to open a database, so we can remove the" +
+                                                  "cleartext passphrase from memory. If you close the database yourself, please use a" +
+                                                  "fresh SupportFactory to reopen it. If something else (e.g., Room) closed the" +
+                                                  "database, and you cannot control that, use SupportFactory boolean constructor option " +
+                                                  "to opt out of the automatic password clearing step. See the project README for more information.", ex);
+                }
+            }
+            throw ex;
+        }
+        if(clearPassphrase && passphrase != null) {
             for (int i = 0; i < passphrase.length; i++) {
               passphrase[i] = (byte)0;
             }