setStorageEncryption produces no effect

Question

I've played with Device Administration API on my Pandaboard and it seems that setStorageEncryption method produces no effect, despite status returned by getStorageEncryption is TRUE.

In case of Panda board the application internal storage is physically placed somewhere on the removable flash card (it doesn't have any other flash storage). So i did the following:

1. Call setStorageEncryption(true) (DeviceAdminSample.java from ApiDemos example).
2. Verify that the encryption is active by calling getStorageEncryption, getStorageEncryptionStatus and save an example file on internal storage.

if (mDPM.getStorageEncryption(mDeviceAdminSample)) {
        string = "TRUE Encryption";
}

FileOutputStream fos = null;

fos = openFileOutput("hello_file.txt", Context.MODE_PRIVATE);
fos.write(string.getBytes());
fos.close();

1. Extract the SD card from the Pandaboard, put it into the card-reader and copy the whole content to my PC

   sudo dd if=/dev/sdc of=~/workspace/flash_card.bin

2. try to find the string:

   $ grep -Ubo --binary-files=text 'TRUE Encryption' ~/workspace/flash_card.bin

   583576877:TRUE Encryption

As it found the string i make a conclusion that no encryption is in place.

Does actually setStorageEncryption enables the encryption or it only requests encryption or in other words "declares your intent" to have the storage encrypted?

Answer 1

I believe you have to call following code additionally:

// Launch the activity to activate encryption.  May or may not return!
Intent intent = new Intent(DevicePolicyManager.ACTION_START_ENCRYPTION);
startActivityForResult(intent, REQUEST_CODE_START_ENCRYPTION);

It's taken from device admin sample.