-
Notifications
You must be signed in to change notification settings - Fork 74
Support for Java 11 & other changes #35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Changed Entry field return types to better help protect passwords and other (potentially) sensitive information in memory.
Changed Entry field return types to better help protect passwords and other (potentially) sensitive information in memory.
Updated to support change in return type of Entry's getProperty() method from String-->char[].
Changed KdbEntry field return types to better help protect passwords and other (potentially) sensitive information in memory.
Updated to support change in return type of Entry's getProperty() method from String-->char[].
Updated to support change in return type of SimpleEntry's getProperty() method from String-->char[].
Updated/added dependency versions.
Added dependency to support javax.annotation on newer Java versions.
Updated/added dependency versions, excluded a dependency that could cause issues on newer Java versions.
Updated/added dependency versions.
Added latest dependency version for JetBrains Java Annotations.
Updated to support change in return type of Entry's getProperty() method from String-->char[].
Updated to support change in return type of DomHelper's getElementContent() method from String-->char[].
Updated to support change in return type of DomHelper's getElementContent() method from String-->char[].
Changed getElementContent() field return type to better help protect passwords and other (potentially) sensitive information in memory.
Updated to support change in return type of DomHelper's getElementContent() method from String-->char[].
Replaced spongycastle with bouncycastle.
Replaced spongycastle with bouncycastle.
Replaced spongycastle with bouncycastle.
Replaced spongycastle with bouncycastle.
Replaced spongycastle with bouncycastle.
Changed Google Guava to Android version.
Replaced simple-xml with simple-xml-safe.
Default iterations/rounds for AES is 60000, not 6000.
Default iterations/rounds for AES is 60000, not 6000.
Hi
Thanks for this PR and sorry to have taken a little time to acknowledge it.
The original reason for using spongy castle was for Android compatibility, wondering if that is still a problem with the latest bouncy castle?
I think there is a problem with the non-backwards compatible change to char[] from String for passwords. I don't disagree with the motivation, though. Possibly the way forward on that is to deprecate the String interface and introduce a new one. As you mention, I don't see the need to change all the methods to return char[].
I continue to hope that I will find some time soon to look at this.
Meanwhile, there is a branch with KeePass V4 support you might want to review.
@jorabin I'll have to test the Android compatibility of BouncyCastle, I shouldn't have assumed it would just work.
As for the char[] changes, while it will absolutely make the API non-backwards compatible, I think it is the right way to go, especially considering that not just passwords can be marked as protected in memory by KeePass. If KeePass permits marking Entry fields like title and notes as protected, that indicates to me that they could hold information worth hiding and (by my logic at least) are therefore worth wiping from memory. I do agree, though, that adding a new interface and deprecating the old one would be better than just changing existing methods like I did, that way existing API implementations won't break and new ones can use the new interface.
Changes
Notes