release of v10.0.0

Author: juliansteenbakker

.github/workflows/stale-issues.yaml

@@ -6,11 +6,11 @@ on:
       days-before-issue-stale:
         description: "Days before marking an issue as stale"
         required: false
-        default: "60"
+        default: "120"
       days-before-issue-close:
         description: "Days before closing a stale issue"
         required: false
-        default: "60"
+        default: "120"
   schedule:
     - cron: "30 1 * * *"  # Runs daily at 1:30 AM UTC
 

README.md

@@ -11,17 +11,21 @@ A Flutter plugin to securely store sensitive data in a key-value pair format usi
 
 ## Features
 
-- **Secure Data Storage**: Uses Keychain for iOS, Encrypted Shared Preferences via Tink for Android, and secure mechanisms on other supported platforms.
-- **Encryption**: Encrypts data before storing it in the underlying storage system.
-- **Cross-Platform**: Works seamlessly across multiple platforms.
-- **Customizable Options**: Set accessibility attributes, key expiration, and more.
+- **Secure Data Storage**: Uses Keychain for iOS/macOS, custom secure ciphers with optional biometric authentication for Android, and platform-specific secure mechanisms for Windows, Linux, and Web.
+- **Encryption**: Encrypts data before storing it using platform-specific encryption (RSA OAEP + AES-GCM on Android by default).
+- **Cross-Platform**: Works seamlessly across Android, iOS, macOS, Windows, Linux, and Web.
+- **Biometric Authentication**: Optional biometric authentication support on Android (API 23+) and iOS/macOS.
+- **Customizable Options**: Configure encryption algorithms, accessibility attributes, biometric requirements, and more.
 
 ## Important notice for Android
-Beginning with version 10, all data will be transitioned to encryptedSharedPreferences. As a result, the useEncryptedSharedPreferences option will be deprecated.
+Version 10.0.0 introduces a major security update with custom cipher implementations. The deprecated Jetpack Security library's `encryptedSharedPreferences` is no longer recommended.
 
-In version 11, the migration tool will no longer be available. To ensure users retain their data, it is essential to first upgrade to version 10 before proceeding to version 11.
-
-Due to this update, the minimum required Android SDK will be 23.
+**Key Changes:**
+- New default ciphers: RSA OAEP (key cipher) + AES-GCM (storage cipher)
+- New `AndroidOptions()` and `AndroidOptions.biometric()` constructors
+- Automatic migration from old ciphers via `migrateOnAlgorithmChange` (enabled by default)
+- Minimum Android SDK is now 23 (Android 6.0+)
+- Enhanced biometric authentication with graceful degradation
 
 ## Important notice for Web
 flutter_secure_storage only works on HTTPS or localhost environments. [Please see this issue for more information.](https://github.com/juliansteenbakker/flutter_secure_storage/issues/320#issuecomment-976308930)
@@ -50,7 +54,31 @@ Then run:
 
 ### Create an Instance
 
-`final storage = FlutterSecureStorage();`
+```dart
+// Default secure storage - Uses RSA OAEP + AES-GCM (recommended)
+final storage = FlutterSecureStorage();
+
+// Or with explicit Android options
+final storage = FlutterSecureStorage(
+  aOptions: AndroidOptions(),
+);
+
+// Biometric storage with graceful degradation
+final storage = FlutterSecureStorage(
+  aOptions: AndroidOptions.biometric(
+    enforceBiometrics: false, // Works without biometrics
+    biometricPromptTitle: 'Authenticate to access data',
+  ),
+);
+
+// Strict biometric enforcement (requires device security)
+final storage = FlutterSecureStorage(
+  aOptions: AndroidOptions.biometric(
+    enforceBiometrics: true, // Requires biometric/PIN/pattern
+    biometricPromptTitle: 'Authentication Required',
+  ),
+);
+```
 
 ### Write Data
 
@@ -95,21 +123,51 @@ By setting `accessibility`, you can control when secure values are accessible, e
 
 #### Disabling Auto Backup
 
-_Note_ By default Android backups data on Google Drive. It can cause exception java.security.InvalidKeyException:Failed to unwrap key.
-You need to
+_Note_ By default Android backups data on Google Drive. It can cause exception `java.security.InvalidKeyException: Failed to unwrap key`.
+You need to:
 
-- [disable autobackup](https://developer.android.com/guide/topics/data/autobackup#EnablingAutoBackup), [details](https://github.com/juliansteenbakker/flutter_secure_storage/issues/13#issuecomment-421083742)
-- [exclude sharedprefs](https://developer.android.com/guide/topics/data/autobackup#IncludingFiles) `FlutterSecureStorage` used by the plugin, [details](https://github.com/juliansteenbakker/flutter_secure_storage/issues/43#issuecomment-471642126)
+- [Disable autobackup](https://developer.android.com/guide/topics/data/autobackup#EnablingAutoBackup), [details](https://github.com/juliansteenbakker/flutter_secure_storage/issues/13#issuecomment-421083742)
+- [Exclude sharedprefs](https://developer.android.com/guide/topics/data/autobackup#IncludingFiles) used by `FlutterSecureStorage`, [details](https://github.com/juliansteenbakker/flutter_secure_storage/issues/43#issuecomment-471642126)
 
 Add the following to your `android/app/src/main/AndroidManifest.xml`:
 
 ```xml
 <application
-android:allowBackup="false"
-...>
+  android:allowBackup="false"
+  ...>
 </application>
 ```
 
+#### Encryption Options (Version 10.0.0+)
+
+Version 10 introduces new cipher options and biometric support. Choose the configuration that fits your security requirements:
+
+| Constructor                                          | Key Cipher                            | Storage Cipher    | Biometric Support | Description                                                                                                                                          |
+|------------------------------------------------------|---------------------------------------|-------------------|-------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `AndroidOptions()`                                   | RSA/ECB/OAEPWithSHA-256AndMGF1Padding | AES/GCM/NoPadding | No                | **Default.** Standard secure storage with RSA OAEP key wrapping. Strong authenticated encryption without biometrics. Recommended for most use cases. |
+| `AndroidOptions.biometric(enforceBiometrics: false)` | AES/GCM/NoPadding                     | AES/GCM/NoPadding | Optional          | KeyStore-based with optional biometric authentication. Gracefully degrades if biometrics unavailable.                                                |
+| `AndroidOptions.biometric(enforceBiometrics: true)`  | AES/GCM/NoPadding                     | AES/GCM/NoPadding | Required          | KeyStore-based requiring biometric/PIN authentication. Throws error if device security not available. Requires API 28+ for biometric enforcement.    |
+
+#### Custom Cipher Combinations (Advanced)
+
+For advanced users, all combinations below are supported using the `AndroidOptions()` constructor with custom parameters:
+
+| Key Cipher Algorithm                    | Storage Cipher Algorithm | Implementation  | Biometric Support                  |
+|-----------------------------------------|--------------------------|-----------------|------------------------------------|
+| `RSA_ECB_PKCS1Padding`                  | `AES_CBC_PKCS7Padding`   | RSA-wrapped AES | No                                 |
+| `RSA_ECB_PKCS1Padding`                  | `AES_GCM_NoPadding`      | RSA-wrapped AES | No                                 |
+| `RSA_ECB_OAEPwithSHA_256andMGF1Padding` | `AES_CBC_PKCS7Padding`   | RSA-wrapped AES | No                                 |
+| `RSA_ECB_OAEPwithSHA_256andMGF1Padding` | `AES_GCM_NoPadding`      | RSA-wrapped AES | No                                 |
+| `AES_GCM_NoPadding`                     | `AES_CBC_PKCS7Padding`   | KeyStore AES    | Optional (via `enforceBiometrics`) |
+| `AES_GCM_NoPadding`                     | `AES_GCM_NoPadding`      | KeyStore AES    | Optional (via `enforceBiometrics`) |
+
+**Notes:**
+- **RSA key ciphers** wrap the AES encryption key with RSA. No biometric support.
+- **AES key cipher** stores the key directly in Android KeyStore. Supports optional biometric authentication.
+- **`enforceBiometrics` parameter** (default: `false`):
+  - `false`: Gracefully degrades if biometrics unavailable
+  - `true`: Strictly requires device security (PIN/pattern/biometric), throws exception if unavailable
+
 #### Biometric Authentication
 
 Flutter Secure Storage supports biometric authentication (fingerprint, face recognition, etc.) on Android API 23+.
@@ -135,22 +193,19 @@ For backward compatibility with devices running Android 6.0 - 8.1 (API 23-27), y
 You can enable biometric authentication using the `AndroidOptions.biometric()` constructor:
 
 ```dart
+// Optional biometric authentication (graceful degradation)
 final storage = FlutterSecureStorage(
   aOptions: AndroidOptions.biometric(
+    enforceBiometrics: false, // Default - works without biometrics
     biometricPromptTitle: 'Unlock to access your data',
     biometricPromptSubtitle: 'Use fingerprint or face unlock',
   ),
 );
-```
-
-##### Enforcing Biometric Authentication
 
-By default, biometric authentication is optional and will gracefully degrade if the device doesn't have biometrics enrolled. To enforce biometric authentication and throw an error if unavailable:
-
-```dart
+// Strict biometric enforcement (requires device security)
 final storage = FlutterSecureStorage(
   aOptions: AndroidOptions.biometric(
-    enforceBiometrics: true,  // Throw error if biometrics unavailable
+    enforceBiometrics: true, // Requires biometric/PIN/pattern
     biometricPromptTitle: 'Biometric authentication required',
   ),
 );
@@ -161,10 +216,24 @@ final storage = FlutterSecureStorage(
 ##### Requirements
 
 - **API Level**: Android 6.0 (API 23) minimum for basic encryption
-- **API Level**: Android 9.0 (API 28) minimum for biometric authentication
+- **API Level**: Android 9.0 (API 28) minimum for enforced biometric authentication
 - **Device Security**: Device must have a PIN, pattern, password, or biometric enrolled (when using `enforceBiometrics: true`)
 - **Permissions**: `USE_BIOMETRIC` permission in AndroidManifest.xml
 
+#### Migration from Version 9.x
+
+Version 10 automatically migrates data from older cipher algorithms when `migrateOnAlgorithmChange: true` (enabled by default). If you were using `encryptedSharedPreferences` in version 9, the data will be automatically migrated to the new cipher implementation.
+
+To disable automatic migration:
+
+```dart
+final storage = FlutterSecureStorage(
+  aOptions: AndroidOptions(
+    migrateOnAlgorithmChange: false,
+  ),
+);
+```
+
 ### macOS & iOS
 
 You also need to add Keychain Sharing as capability to your macOS runner. To achieve this, please add the following in *both* your `macos/Runner/DebugProfile.entitlements` *and* `macos/Runner/Release.entitlements` for macOS or for iOS `ios/Runner/DebugProfile.entitlements` *and* `ios/Runner/Release.entitlements`.

flutter_secure_storage/CHANGELOG.md

@@ -1,3 +1,91 @@
+## 10.0.0
+This major release brings significant security improvements, platform updates, and modernization across all supported platforms.
+
+### Android
+Due to the deprecation of Jetpack Security library, the Android implementation has been largely rewritten with custom secure ciphers, enhanced biometrics support, and migration tools.
+
+**Breaking Changes:**
+- `AndroidOptions().encryptedSharedPreferences` is now deprecated due to Jetpack Crypto package deprecation
+  - Migration will automatically happen due to `migrateOnAlgorithmChange: true`, which can also be set to false if not wanted.
+- ResetOnError will now automatically be true, because most errors are unrecoverable due to key storage problems. It can still be disabled with `resetOnError: false`
+- Default key cipher changed to `RSA_ECB_OAEPwithSHA_256andMGF1Padding`
+- Default storage cipher changed to `AES_GCM_NoPadding`
+- Minimum Android SDK changed from 19 to 23
+- Target SDK updated to 36
+- Migrated from deprecated Jetpack Crypto library to custom cipher implementation (Tink doesn't support biometrics)
+- Migrated to Java Version 17
+
+**New Features:**
+- New named constructors: `AndroidOptions()`, `AndroidOptions.biometric()`
+- `AndroidOptions().migrateOnAlgorithmChange` automatically migrates data to new ciphers when enabled
+- Improved biometric authentication with graceful degradation when device has no security setup
+- Migration tools for transitioning from deprecated encryptedSharedPreferences
+- Enhanced error handling with proper exception messages for biometric unavailability
+
+**Fixes:**
+- Fixed biometric authentication on devices without security (PIN/pattern/password) - now gracefully degrades when `enforceBiometrics=false`
+- Fixed storage cipher and key cipher pairing validation
+- Fixed migration checks for encrypted shared preferences
+- Fixed biometric permission handling
+- Fixed exception when reading data after boot
+
+**Other Changes:**
+- Updated Gradle, Kotlin, and Tink dependencies
+- Refactored custom cipher implementations for better maintainability
+- Added delete key functions for proper reset handling
+- Migrated to new analyzer and code cleanup
+
+### iOS / macOS (darwin)
+- Merged iOS and macOS implementations into unified `flutter_secure_storage_darwin` package
+- Added support for Swift Package Manager
+- Remove keys regardless of synchronizable state or accessibility constraints
+- Change minimum iOS version from 9 to 12
+- Change minimum macOS version to 10.14
+- Use serial queue for execution of keychain operations
+- Added privacy manifest
+- Refactored code and added missing options to IOSOptions and MacOSOptions
+- Fixed warnings with Privacy Manifest
+- Fixed delete and deleteAll when synchronizable is set
+- Fixed migration when value is saved while key already exists with different accessibility option
+- Use accessibility option for all operations
+- Migrated to new analyzer and code cleanup
+
+### Web
+- Web is now compatible with WASM
+- Updated code style and migrated to very_good_analysis
+- Add check for secure context (operations only allowed with secure context)
+- Remove dart:io to support WASM build
+- Migrated away from `html` to `web` package
+- Removed `js` in favor of using js-interop
+- Added `useSessionStorage` parameter to WebOptions for saving in session storage instead of local storage
+- Updated web dependency support to <2.0.0
+- Migrated to new analyzer and code cleanup
+
+### Windows
+- Upgrades deprecated member usage of win32
+- Migrated to `win32` version 5.5.4 to support Dart 3.4 / Flutter 3.22.0
+- Migrated to new analyzer and code cleanup
+- Write encrypted data to files instead of the Windows credential system
+
+### Linux
+- Fixed whitespace deprecation warning
+- Reverted json.dump with indentations due to problems
+- Fixed search with schemas fails in cold keyrings
+- Fixed erase called on null
+- Fixed memory management issue
+- Remove and replace libjsoncpp1 dependency
+- Migrated to new analyzer and code cleanup
+
+### Platform Interface
+- Remove dart:io to support WASM build of web
+- Migrated to new analyzer and code cleanup
+
+### General Improvements
+- Listener functionality via `FlutterSecureStorage().registerListener()`
+- All platforms updated to support Dart SDK <4.0.0
+- Comprehensive test coverage improvements
+- Documentation updates across all platforms
+
 ## 10.0.0-beta.5
 Due to security issues regarding the handling of biometrics in v10.0.0-beta.4, together with the deprecation
 of Jetpack Security library, it took me some time to find a secure alternative. My apologies for the delay.

flutter_secure_storage/pubspec.yaml

@@ -1,6 +1,6 @@
 name: flutter_secure_storage
 description: A Flutter plugin for securely storing sensitive data using encrypted storage.
-version: 10.0.0-beta.5
+version: 10.0.0
 repository: https://github.com/mogol/flutter_secure_storage/tree/develop/flutter_secure_storage
 
 environment:
@@ -31,11 +31,11 @@ dependencies:
   # implementation constraints as "any". We cannot do it right now as it fails pub publish
   # validation, so we set a ^ constraint.
   # https://github.com/flutter/flutter/issues/46264
-  flutter_secure_storage_darwin: ^0.1.0
-  flutter_secure_storage_linux: ^2.0.0
+  flutter_secure_storage_darwin: ^0.2.0
+  flutter_secure_storage_linux: ^3.0.0
   flutter_secure_storage_platform_interface: ^2.0.1
-  flutter_secure_storage_web: ^2.0.0
-  flutter_secure_storage_windows: ^4.0.0
+  flutter_secure_storage_web: ^2.1.0
+  flutter_secure_storage_windows: ^4.1.0
   meta: ^1.3.0
 
 dev_dependencies: