Merge "Recognise insecure encryption with a new constant"
diff --git a/api/current.txt b/api/current.txt
index 62bedf1..feae0b7 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -5590,6 +5590,7 @@
field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";
field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2
field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3
+ field public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4; // 0x4
field public static final int ENCRYPTION_STATUS_INACTIVE = 1; // 0x1
field public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; // 0x0
field public static final java.lang.String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION";
diff --git a/api/system-current.txt b/api/system-current.txt
index 6716c49..cc47d19 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -5693,6 +5693,7 @@
field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";
field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2
field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3
+ field public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4; // 0x4
field public static final int ENCRYPTION_STATUS_INACTIVE = 1; // 0x1
field public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; // 0x0
field public static final java.lang.String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION";
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 245db06d..a659acb5 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -1766,7 +1766,7 @@
public static final int ENCRYPTION_STATUS_INACTIVE = 1;
/**
- * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}:
+ * Result code for {@link #getStorageEncryptionStatus}:
* indicating that encryption is not currently active, but is currently
* being activated. This is only reported by devices that support
* encryption of data and only when the storage is currently
@@ -1782,6 +1782,13 @@
public static final int ENCRYPTION_STATUS_ACTIVE = 3;
/**
+ * Result code for {@link #getStorageEncryptionStatus}:
+ * indicating that encryption is active, but an encryption key has not
+ * been set by the user.
+ */
+ public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4;
+
+ /**
* Activity action: begin the process of encrypting data on the device. This activity should
* be launched after using {@link #setStorageEncryption} to request encryption be activated.
* After resuming from this activity, use {@link #getStorageEncryption}
@@ -1905,12 +1912,15 @@
* storage system does not support encryption. If the
* result is {@link #ENCRYPTION_STATUS_INACTIVE}, use {@link
* #ACTION_START_ENCRYPTION} to begin the process of encrypting or decrypting the
- * storage. If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or
+ * storage. If the result is {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, the
+ * storage system has enabled encryption but no password is set so further action
+ * may be required. If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or
* {@link #ENCRYPTION_STATUS_ACTIVE}, no further action is required.
*
* @return current status of encryption. The value will be one of
* {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE},
- * {@link #ENCRYPTION_STATUS_ACTIVATING}, or{@link #ENCRYPTION_STATUS_ACTIVE}.
+ * {@link #ENCRYPTION_STATUS_ACTIVATING}, {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY},
+ * or {@link #ENCRYPTION_STATUS_ACTIVE}.
*/
public int getStorageEncryptionStatus() {
return getStorageEncryptionStatus(UserHandle.myUserId());
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 985c93c..0080d9e 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -3527,8 +3527,9 @@
/**
* Hook to low-levels: Reporting the current status of encryption.
- * @return A value such as {@link DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED} or
- * {@link DevicePolicyManager#ENCRYPTION_STATUS_INACTIVE} or
+ * @return A value such as {@link DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED},
+ * {@link DevicePolicyManager#ENCRYPTION_STATUS_INACTIVE},
+ * {@link DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, or
* {@link DevicePolicyManager#ENCRYPTION_STATUS_ACTIVE}.
*/
private int getEncryptionStatus() {
@@ -3538,7 +3539,7 @@
try {
return LockPatternUtils.isDeviceEncrypted()
? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE
- : DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;
+ : DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY;
} finally {
Binder.restoreCallingIdentity(token);
}