I'm writing an iPhone application that requires its data to be encrypted. I've learned how to turn on encryption for files by setting the NSFileProtectionComplete attribute. I also know how to check the iPhone version to make sure they are running iOS 4.0 or better.
What I've realized, though, is that if the user has not chosen a passcode and has not specifically enabled data protection on the Settings > General > Passcode Lock screen, then the data isn't actually protected at all.
I'd like to pop up a warning and tell the user that they must enable a passcode and turn on data protection (which requires a backup and restore on pre-4 iPhones), and then exit the application if they do not have a passcode and data protection enabled. I can't figure out any way to find out the state of these settings though. All of the APIs I've found, such as "protectedDataAvailable" in UIApplication, all pass with success if data protection is disabled.
Disclaimer: This answer was valid until iOS 4.3.3
If data protection is turned on, a newly created file will have a nil NSFileProtectionKey by default.
If data protection is turned off, a newly created file will have an NSFileProtectionNone NSFileProtectionKey by default.
Thus, you could detect the presence of file protection with the following code:

    NSString *tmpDirectoryPath =
        [NSHomeDirectory() stringByAppendingPathComponent:@"tmp"];
    NSString *testFilePath =
        [tmpDirectoryPath stringByAppendingPathComponent:@"testFile"];

    // Create an empty probe file and let the system pick its default protection.
    [@"" writeToFile:testFilePath
          atomically:YES
            encoding:NSUTF8StringEncoding
               error:NULL]; // obviously, do better error handling

    NSDictionary *testFileAttributes =
        [[NSFileManager defaultManager] attributesOfItemAtPath:testFilePath
                                                         error:NULL];

    // Protection off => NSFileProtectionNone; protection on => key is nil.
    BOOL fileProtectionEnabled =
        ![NSFileProtectionNone isEqualToString:
            [testFileAttributes objectForKey:NSFileProtectionKey]];
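
Because "protection on" is signalled by a nil key, a failed write or attribute lookup also yields nil and reads as protected. The following is an added example, not part of the answer above, that runs the same probe but reports failures as a separate state; it relies on the same iOS behaviour the answer describes (valid until iOS 4.3.3), and the names DPState and DPProbeDataProtection are hypothetical.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical names (not from the answer): DPState, DPProbeDataProtection.
typedef enum {
    DPStateUnknown = 0,   // probe failed; callers should treat as "not protected"
    DPStateDisabled,      // new file reports NSFileProtectionNone
    DPStateEnabled        // new file reports a nil NSFileProtectionKey
} DPState;

static DPState DPProbeDataProtection(void) {
    NSFileManager *fm = [NSFileManager defaultManager];
    // Unique name so a stale file from an earlier run is never read back.
    NSString *name = [@"dp-probe-" stringByAppendingString:
                      [[NSProcessInfo processInfo] globallyUniqueString]];
    NSString *path = [NSTemporaryDirectory() stringByAppendingPathComponent:name];

    NSError *error = nil;
    if (![[NSData data] writeToFile:path options:NSDataWritingAtomic error:&error]) {
        NSLog(@"probe write failed: %@", error);
        return DPStateUnknown;
    }

    NSDictionary *attrs = [fm attributesOfItemAtPath:path error:&error];
    [fm removeItemAtPath:path error:NULL];   // best-effort cleanup
    if (attrs == nil) {
        // A failed lookup would otherwise give nil for the key as well,
        // which is indistinguishable from "protection enabled".
        NSLog(@"probe attribute read failed: %@", error);
        return DPStateUnknown;
    }

    NSString *protection = [attrs objectForKey:NSFileProtectionKey];
    if (protection == nil) {
        return DPStateEnabled;
    }
    // Assumption: any explicit class other than NSFileProtectionNone
    // counts as protected.
    return [protection isEqualToString:NSFileProtectionNone] ? DPStateDisabled
                                                              : DPStateEnabled;
}
```

Gate access to sensitive data on `DPProbeDataProtection() == DPStateEnabled`, so that an unknown result blocks access rather than allowing it.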