Class Overview
This class provides APIs to control device security settings.
Summary
|
[Expand]
Inherited Methods |
|---|
From class
java.lang.Object
|
Object
|
clone()
|
|
boolean
|
equals(Object arg0)
|
|
void
|
finalize()
|
|
final
Class<?>
|
getClass()
|
|
int
|
hashCode()
|
|
final
void
|
notify()
|
|
final
void
|
notifyAll()
|
|
String
|
toString()
|
|
final
void
|
wait(long arg0, int arg1)
|
|
final
void
|
wait(long arg0)
|
|
final
void
|
wait()
|
|
Constants
public
static
final
int
WIPE_EXTERNAL_MEMORY
Since: API level 2
Flag to wipe external memory
Constant Value:
2
(0x00000002)
public
static
final
int
WIPE_INTERNAL_EXTERNAL_MEMORY
Since: API level 2
Flag to wipe internal and external memory
Constant Value:
3
(0x00000003)
public
static
final
int
WIPE_INTERNAL_MEMORY
Since: API level 2
Flag to wipe internal memory
Constant Value:
1
(0x00000001)
Public Methods
public
boolean
addClipboardTextData
(String clip)
Deprecated
in API level 33
API to add text data to the device clipboard.
Parameters
| clip
| text data to be added to the device clipboard |
Returns
true if clipboard string was successfully added, else false
.
Usage
| An administrator can use this API to add new text data on the device clipboard.
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_CLIPBOARD" permission which has a protection level
of signature. |
public
boolean
clearClipboardData
()
Deprecated
in API level 33
NOTE: This API is not available since Android 12.
API to clear the device clipboard.
Returns
- Returns
true if the clipboard was cleared successfully, else
false.
Usage
An administrator can use this API to clear the data from the device clipboard. The
return is true if the device clipboard is cleared or false if the
clipboard is not cleared. This API will clear all the clipboard content from device, even the
locked ones.
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_CLIPBOARD" permission which has a protection level
of signature. |
public
String
getClipboardTextData
()
Deprecated
in API level 33
API to read text data from the device clipboard.
Returns
- text data from the device clipboard.
Usage
An administrator can use this API to read text data from the device clipboard. The
return is null if the device clipboard contains no data or the data cannot be
read.
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_CLIPBOARD" permission which has a protection level
of signature. |
public
boolean
getRequireDeviceEncryption
(ComponentName admin)
Deprecated
in API level 33
API to determine whether device encryption is required.
Parameters
| admin
| The component name of the administrator |
Returns
true if device encryption is enabled, false otherwise.
Usage
| An administrator can use this API to check whether a given administrator has requested
device encryption and take appropriate action based on applied policy. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
boolean
getRequireStorageCardEncryption
(ComponentName admin)
Deprecated
in API level 35
API to determine whether storage card encryption is required.
Parameters
| admin
| The component Name of the administrator |
Returns
true if device encryption is enabled, false otherwise.
Usage
| An administrator can use this API to check whether a given administrator has requested
SD card encryption and take appropriate action based on applied policy. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
boolean
isExternalStorageEncrypted
()
API to check the state of external storage encryption.
Returns
true if external storage is encrypted, else
false
Usage
| An administrator can use this API to check whether external storage encryption is
enabled and take appropriate action based on applied policy. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
boolean
isInternalStorageEncrypted
()
Deprecated
in API level 33
API to check the state of internal storage encryption.
Returns
true if internal storage is encrypted, else
false
Usage
An administrator can use this API to check whether internal storage encryption is
enabled and take appropriate action based on applied policy. For
devices with Android 3.0 onward, this API returns true only if encryption is
completed. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
void
setExternalStorageEncryption
(boolean isEncrypt)
API to encrypt external storage.
Parameters
| isEncrypt
| true if encryption is required, false if
decryption is required |
Usage
| An administrator can use this API to enable external Secure Digital (SD) card
encryption if available. Before calling this API, the administrator must ensure that the
device password is set to alphanumeric quality. The administrator can set an alphanumeric
quality password by using the Android API setPasswordQuality(ComponentName, int).
- The user is prompted to start/cancel encryption/decryption.
- If the user chooses to start encryption/decryption:
- The user is prompted to enter the device password, and encryption/decryption starts.
- Once completed the SD card remounts.
- If the user chooses to cancel encryption/decryption:
- The administrator can configure device behavior (for example, unmount SD card).
- On the next SD card mount the SD card is forced to start the encryption/decryption
process.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
DevicePolicyManager dpm = (DevicePolicyManager) getSystemService(
Context.DEVICE_POLICY_SERVICE);
DeviceSecurityPolicy deviceSecurityPolicy = edm.getDeviceSecurityPolicy();
try {
// Check first if password is enabled with sufficient strength
if (dpm.isActivePasswordSufficient()) {
// First apply policy
deviceSecurityPolicy.setRequireStorageCardEncryption(true);
// Initiate encryption
deviceSecurityPolicy.setExternalStorageEncryption(true);
}
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
void
setInternalStorageEncryption
(boolean isEncrypt)
Deprecated
in API level 33
API to encrypt internal storage.
Parameters
| isEncrypt
| true if encryption is required, false if
decryption is required |
Usage
| An administrator can use this API to enable full device encryption, which includes
device memory and an internal Secure Digital (SD) card. Before calling this API, the
administrator must ensure that the device password is set to alphanumeric quality. The
administrator can set an alphanumeric quality password by using the Android API setPasswordQuality(ComponentName, int).
- The user is prompted to start/cancel encryption/decryption; see
ACTION_START_ENCRYPTION.
- Device must reboot.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
DevicePolicyManager dpm = (DevicePolicyManager) getSystemService(
Context.DEVICE_POLICY_SERVICE);
DeviceSecurityPolicy deviceSecurityPolicy = edm.getDeviceSecurityPolicy();
try {
// Check first if password is enabled with sufficient strength
if (dpm.isActivePasswordSufficient()) {
// First apply policy
deviceSecurityPolicy.setRequireDeviceEncryption(true);
// Initiate encryption
deviceSecurityPolicy.setInternalStorageEncryption(true);
}
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
public
void
setRequireDeviceEncryption
(ComponentName admin, boolean value)
Deprecated
in API level 33
API to set whether device encryption is required.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
DeviceSecurityPolicy deviceSecurityPolicy = edm.getDeviceSecurityPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
deviceSecurityPolicy.setRequireDeviceEncryption(enterpriseDeviceAdmin, true);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
Parameters
| admin
| The component name of the administrator |
| value
| true to enable encryption, false to disable. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. Moreover, the device administrator must have a 'encrypted-storage' tag for
Android version 3.0 onward in the 'uses-policies' section of its meta-data; if the tag does not exist, a security
exception is thrown. |
public
void
setRequireStorageCardEncryption
(ComponentName admin, boolean value)
API to set whether storage card encryption is required.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
DeviceSecurityPolicy deviceSecurityPolicy = edm.getDeviceSecurityPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context,
EDMTestsAdmin.class);
deviceSecurityPolicy.setRequireStorageCardEncryption(enterpriseDeviceAdmin, true);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
Parameters
| admin
| The component Name of the administrator |
| value
| true to enable encryption, false to disable. |
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. Moreover, the device administrator must have a 'require-storagecard-encryption'
tag in the 'uses-policies' section of its meta-data. |
public
boolean
wipeDevice
(int flags)
Deprecated
in API level 35
API to selectively wipe external memory, internal memory, or both.
Returns
- For external memory wipe, returns
true on success and
false if the device doesn't support external memory slots or fails. For other
cases, device reboots to complete wipe operation.
Usage
| An administrator can use this API to wipe both SD card data as well as application
data. Internal formatting may require rebooting the device.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
DeviceSecurityPolicy deviceSecurityPolicy = edm.getDeviceSecurityPolicy();
try {
boolean result = deviceSecurityPolicy
.wipeDevice(DeviceSecurityPolicy.WIPE_EXTERNAL_MEMORY);
if (true == result) {
// SD card memory successfully wiped
}
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
Permission
| The use of this API requires the caller to have the
"com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level
of signature. |
