Patrick Brennan Patrick Brennan - 3 months ago 17
Android Question

Is it me, or is DevicePolicyManager.getStorageEncryptionStatus() broken?

I am trying to determine the storage encryption status of my Android device from within my application. Following the recommendations of the relevant Android Developer page, here is my code:

DevicePolicyManager mDPM = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
int encryptionStatus = mDPM.getStorageEncryptionStatus();
if (DEBUG) Log.v(TAG, "checkSecuritySettingsSufficient: encryptionStatus=" + encryptionStatus);


Here's the trouble: when I run this code on a device (I've tried it on a Motorola Droid Maxx running Android 4.4.4 and a Nexus 7 running Android 5.0.2) which I have previously encrypted,
DevicePolicyManager.getStorageEncryptionStatus()
will always return a value of 1, i.e.
ENCRYPTION_STATUS_INACTIVE
.

Android is therefore reporting that the device is not encrypted, despite the fact that the file system is definitely encrypted (I checked its status from the
Settings > Security
page).

Is this function broken? There doesn't seem to be any mention of that on SO or on other web sources. This leads me to believe that I am not doing something correctly with respect to
DevicePolicyManager
.

UPDATE After running through the encryption steps again with the Motorola device,
DevicePolicyManager.getStorageEncryptionStatus()
is returning the correct value, but it's still failing on the Nexus 7.

Answer

I just ran into this same issue and found out it was happening because the device had disk encryption enabled, but did not require the passcode be entered at startup. Changing the passcode, and forcing the require PIN at startup option to be true made DevicePolicyManager.getStorageEncryptionStatus() correctly return ENCRYPTION_STATUS_ACTIVE.