I'm currently trying to understand how iOS On-Disk Encryption works. I've read Protecting Data Using On-Disk Encryption in the iOS App Programming Guide. It says that the user must have an active passcode lock set for the device.
But some things are still unclear to me:
Will the application still be able to decrypt a previously encrypted file if...
- the user disables the passcode?
- the user disables the passcode and then enables it again with the same value?
- the user changes the passcode?
Yes. There really isn't much more to the answer. The OS manages all of this for you.
If you want all the gory details, they're explained in the iOS Security Guide. It's not trivial to explain because there are multiple keys wrapped in keys, and various keys may be unwrapped and rewrapped when the user changes things. But the short version is "yes."
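A simplified model of the "keys wrapped in keys" idea from the answer above, added here as an illustration; it is not Apple's implementation and not code from the original post. The `Device` class, its `keybag` field, the PBKDF2 derivation and the HMAC-based toy wrap are all assumptions standing in for the real hardware-backed mechanisms.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):  # toy keystream, a stand-in for a real cipher
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def wrap(kek, secret):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _stream(kek, nonce, len(secret))))
    return nonce + ct + hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce, len(ct))))

class Device:  # hypothetical model, not an iOS API
    def __init__(self, passcode=""):
        self.uid = os.urandom(32)  # constructed stand-in for the device hardware key
        self.files = {}
        self.keybag = wrap(self._kek(passcode), os.urandom(32))  # wrapped class key

    def _kek(self, passcode):  # "" models a disabled passcode: key depends on uid only
        return hashlib.pbkdf2_hmac("sha256", b"pc:" + passcode.encode(), self.uid, 10_000)

    def write(self, name, data, passcode):
        class_key, file_key = unwrap(self._kek(passcode), self.keybag), os.urandom(32)
        self.files[name] = (wrap(class_key, file_key), wrap(file_key, data))

    def read(self, name, passcode):
        class_key = unwrap(self._kek(passcode), self.keybag)
        wrapped_key, body = self.files[name]
        return unwrap(unwrap(class_key, wrapped_key), body)

    def change_passcode(self, old, new):  # rewraps the class key only; files untouched
        self.keybag = wrap(self._kek(new), unwrap(self._kek(old), self.keybag))

def demo():
    d = Device("1234")
    d.write("note.txt", b"secret", "1234")
    stored, out = d.files["note.txt"], []
    for old, new in [("1234", ""), ("", "1234"), ("1234", "9876")]:  # the three cases asked about
        d.change_passcode(old, new)
        out.append(d.read("note.txt", new))
    return out, d.files["note.txt"] == stored
```

In this model the stored file bytes never change across the three passcode events; only the wrapping of the class key does, which is why the file stays readable each time.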