What is the recommended way to generate an encryption key for Android by Couchbase?

The AndroidX Security library was last updated September 1, 2021. Should we still use that?

I hope you provide an established way on how do we generate an encryption key for Couchbase database in Android.

Do you mean a Couchbase Lite Encryption Key object? You can pass a password directly to the constructor in this case. If you prefer not to do this then there is no official recommendation on what you should use for generation the encryption key data to pass to the other (byte[]) constructor.

I think this depends on your security requirements. There is no one good way to do it, and most companies will have rules around handling security. I’ve seen everything from an end-user pin salted (which I used to use a lot at the previous company I worked for as the only person that knows the encryption password then is the owner of the device) to pull the password from a vault manager like Azure Vault or AWS Secrete Manager.

As @borrrden said, the CBL library generates the key, from a password. Just give the password to the EncryptionKey object, used by the database. You will never have to touch the actual key.