Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3795fb0a authored by Robin Lee's avatar Robin Lee
Browse files

Recognise insecure encryption with a new constant 

This is the default state on some devices which ship with encrypted key
storage set up already but no initial password.

Bug: 18048558
Change-Id: I055527fde21298bae2dbdca8c3a145f19b045aad
parent 3ef69833

api/current.txt

+1 −0
Original line number Diff line number Diff line
@@ -5539,6 +5539,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2

    field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3

    field public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4; // 0x4

    field public static final int ENCRYPTION_STATUS_INACTIVE = 1; // 0x1

    field public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; // 0x0

    field public static final java.lang.String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION";

api/system-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -5641,6 +5641,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2

    field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3

    field public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4; // 0x4

    field public static final int ENCRYPTION_STATUS_INACTIVE = 1; // 0x1

    field public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; // 0x0

    field public static final java.lang.String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION";

core/java/android/app/admin/DevicePolicyManager.java

+13 −3
Original line number Diff line number Diff line
@@ -1683,7 +1683,7 @@ public class DevicePolicyManager { 
    public static final int ENCRYPTION_STATUS_INACTIVE = 1;



    /**

     * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}:

     * Result code for {@link #getStorageEncryptionStatus}:

     * indicating that encryption is not currently active, but is currently

     * being activated.  This is only reported by devices that support

     * encryption of data and only when the storage is currently
@@ -1698,6 +1698,13 @@ public class DevicePolicyManager { 
     */

    public static final int ENCRYPTION_STATUS_ACTIVE = 3;



    /**

     * Result code for {@link #getStorageEncryptionStatus}:

     * indicating that encryption is active, but an encryption key has not

     * been set by the user.

     */

    public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4;



    /**

     * Activity action: begin the process of encrypting data on the device.  This activity should

     * be launched after using {@link #setStorageEncryption} to request encryption be activated.
@@ -1822,12 +1829,15 @@ public class DevicePolicyManager { 
     * storage system does not support encryption.  If the

     * result is {@link #ENCRYPTION_STATUS_INACTIVE}, use {@link

     * #ACTION_START_ENCRYPTION} to begin the process of encrypting or decrypting the

     * storage.  If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or

     * storage.  If the result is {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, the

     * storage system has enabled encryption but no password is set so further action

     * may be required.  If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or

     * {@link #ENCRYPTION_STATUS_ACTIVE}, no further action is required.

     *

     * @return current status of encryption. The value will be one of

     * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE},

     * {@link #ENCRYPTION_STATUS_ACTIVATING}, or{@link #ENCRYPTION_STATUS_ACTIVE}.

     * {@link #ENCRYPTION_STATUS_ACTIVATING}, {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY},

     * or {@link #ENCRYPTION_STATUS_ACTIVE}.

     */

    public int getStorageEncryptionStatus() {

        return getStorageEncryptionStatus(UserHandle.myUserId());

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+4 −3
Original line number Diff line number Diff line
@@ -3504,8 +3504,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 


    /**

     * Hook to low-levels:  Reporting the current status of encryption.

     * @return A value such as {@link DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED} or

     * {@link DevicePolicyManager#ENCRYPTION_STATUS_INACTIVE} or

     * @return A value such as {@link DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED},

     * {@link DevicePolicyManager#ENCRYPTION_STATUS_INACTIVE},

     * {@link DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, or

     * {@link DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE}.

     */

    private int getEncryptionStatus() {
@@ -3515,7 +3516,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
            try {

                return LockPatternUtils.isDeviceEncrypted()

                        ? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE

                        : DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;

                        : DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY;

            } finally {

                Binder.restoreCallingIdentity(token);

            }