Geek Answers Handbook

Find out if the device is encrypted with an encrypted drive and what encryption was used?

Since Android 3.0 full disk encryption is supported, but I do not see any API for this ability. I need to know two specific things:

  • Is the device encrypted?
  • What encryption is used.

I found a low level explanation here and it seems that 128 AES encryption is used with CBC and ESSIV: SHA256, but it does not talk about how to determine if the device is encrypted.

So, is there a way my application can ask if the device uses the full disk encryption feature, or do I need to use hacker solutions like Runtime.exec calls?

+4
source share
2 answers

As @Mikle mentions, you can simply call DevicePolicyManager and set its status

 @SuppressLint("NewApi") private boolean isEncrypted(Context context) { DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context .getSystemService(Context.DEVICE_POLICY_SERVICE); if (Build.VERSION.SDK_INT > Build.VERSION_CODES.HONEYCOMB) { int status = devicePolicyManager.getStorageEncryptionStatus(); if (DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE == status) { return true; } } return false; }
+9
source

I think the API you are looking for is part of the Device Administration APIs . In particular, you need to configure DeviceAdminReceiver, and in the "uses-policies" section of device_admin.xml add the "encrypted-storage" element. You can then call setStorageEncryption to indicate what type of encryption should be used. DeviceAdminSample.java should provide you with most of the code you need. This is a kind of indirect way to find out if the device is encrypted, but this is the only public API that I know of.

It also will not tell you which encryption is used ... I could not find an API for this.

+3
source

More articles:


All Articles