diff options
| -rw-r--r-- | core/java/android/app/ContextImpl.java | 4 | ||||
| -rw-r--r-- | core/java/android/content/Context.java | 12 |
2 files changed, 10 insertions, 6 deletions
diff --git a/core/java/android/app/ContextImpl.java b/core/java/android/app/ContextImpl.java index 569ab1116b5b..fab3740610e6 100644 --- a/core/java/android/app/ContextImpl.java +++ b/core/java/android/app/ContextImpl.java @@ -1762,10 +1762,6 @@ class ContextImpl extends Context { @Override public Context createDeviceEncryptedStorageContext() { - if (!StorageManager.isFileBasedEncryptionEnabled()) { - return null; - } - final int flags = (mFlags & ~Context.CONTEXT_CREDENTIAL_ENCRYPTED_STORAGE) | Context.CONTEXT_DEVICE_ENCRYPTED_STORAGE; return new ContextImpl(this, mMainThread, mPackageInfo, mActivityToken, diff --git a/core/java/android/content/Context.java b/core/java/android/content/Context.java index a6036bb87861..84f6f3da3edb 100644 --- a/core/java/android/content/Context.java +++ b/core/java/android/content/Context.java @@ -4021,13 +4021,16 @@ public abstract class Context { * Because device-encrypted data is available before user authentication, * you should carefully consider what data you store using this Context. * <p> + * If the underlying device does not have the ability to store + * device-encrypted and credential-encrypted data using different keys, then + * both storage areas will become available at the same time. They remain + * two distinct storage areas, and only the window of availability changes. + * <p> * Each call to this method returns a new instance of a Context object; * Context objects are not shared, however common state (ClassLoader, other * Resources for the same configuration) may be so the Context itself can be * fairly lightweight. * - * @return new Context or {@code null} if device-encrypted storage is not - * supported or available on this device. * @see #isDeviceEncryptedStorage() */ public abstract Context createDeviceEncryptedStorageContext(); @@ -4041,6 +4044,11 @@ public abstract class Context { * <em>only after</em> the user has entered their credentials (such as a * lock pattern or PIN). * <p> + * If the underlying device does not have the ability to store + * device-encrypted and credential-encrypted data using different keys, then + * both storage areas will become available at the same time. They remain + * two distinct storage areas, and only the window of availability changes. + * <p> * Each call to this method returns a new instance of a Context object; * Context objects are not shared, however common state (ClassLoader, other * Resources for the same configuration) may be so the Context itself can be |