DivestOS/Patches/LineageOS-14.1/android_system_vold/0001-StrongAES.patch

From 2a36c9678050564b7378a39262f8c58c8eef51ab Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 28 Apr 2018 13:50:21 -0400
Subject: [PATCH] Build time variable for AES 192/256 encryption

Change-Id: Icd16a3fac203ac2e070d548a7c2ce001035addd9
---
 Android.mk |  8 ++++++++
 cryptfs.c  | 16 ++++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/Android.mk b/Android.mk
index e645574..19645f0 100644
--- a/Android.mk
+++ b/Android.mk
@@ -115,6 +115,14 @@ LOCAL_C_INCLUDES += $(TARGET_CRYPTFS_HW_PATH)
 LOCAL_CFLAGS += -DCONFIG_HW_DISK_ENCRYPTION
 endif
 
+ifeq ($(TARGET_WANTS_AES192_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_AES192_ENCRYPTION
+endif
+
+ifeq ($(TARGET_WANTS_AES256_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_AES256_ENCRYPTION
+endif
+
 include $(BUILD_STATIC_LIBRARY)
 
 include $(CLEAR_VARS)
diff --git a/cryptfs.c b/cryptfs.c
index b25510f..a6dd9fa 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -76,9 +76,22 @@
 
 #define DM_CRYPT_BUF_SIZE 4096
 
+#ifdef CONFIG_AES256_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 32
+#define IV_LEN_BYTES 32
+#define RSA_KEY_SIZE 4096
+#else ifdef CONFIG_AES192_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 24
+#define IV_LEN_BYTES 24
+#define RSA_KEY_SIZE 4096
+#else
 #define HASH_COUNT 2000
 #define KEY_LEN_BYTES 16
 #define IV_LEN_BYTES 16
+#define RSA_KEY_SIZE 2048
+#endif
 
 #define KEY_IN_FOOTER  "footer"
 
@@ -94,13 +107,12 @@
 
 #define TABLE_LOAD_RETRIES 10
 
-#define RSA_KEY_SIZE 2048
 #define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
 #define RSA_EXPONENT 0x10001
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
 
 #define RETRY_MOUNT_ATTEMPTS 20
-#define RETRY_MOUNT_DELAY_SECONDS 1
+#define RETRY_MOUNT_DELAY_SECONDS 3
 
 char *me = "cryptfs";
 
-- 
2.17.0