DivestOS/Patches/LineageOS-15.1/android_system_vold/0001-AES256.patch

From a740f4f2065a382f2466bac575327ad4ec3407dd Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 12 Feb 2018 03:34:43 -0500
Subject: [PATCH] Build time variable for AES-256 encryption

Change-Id: I3c826025bf98a180ddd17f47e8bf9e13b5252f3d
---
 Android.mk  |  4 ++++
 cryptfs.cpp | 11 +++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/Android.mk b/Android.mk
index 29a7852..2962180 100644
--- a/Android.mk
+++ b/Android.mk
@@ -114,6 +114,10 @@ ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
   vold_cflags += -DCONFIG_HW_DISK_ENCRYPTION
 endif
 
+ifeq ($(TARGET_WANTS_STRONG_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_STRONG_ENCRYPTION
+endif
+
 ifeq ($(TARGET_KERNEL_HAVE_EXFAT),true)
   vold_cflags += -DCONFIG_KERNEL_HAVE_EXFAT
 endif
diff --git a/cryptfs.cpp b/cryptfs.cpp
index f01929a..22ae3b6 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -75,9 +75,17 @@ extern "C" {
 
 #define DM_CRYPT_BUF_SIZE 4096
 
+#ifdef CONFIG_STRONG_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 32
+#define IV_LEN_BYTES 32
+#define RSA_KEY_SIZE 4096
+#else
 #define HASH_COUNT 2000
 #define KEY_LEN_BYTES 16
 #define IV_LEN_BYTES 16
+#define RSA_KEY_SIZE 2048
+#endif
 
 #define KEY_IN_FOOTER  "footer"
 
@@ -93,13 +101,12 @@ extern "C" {
 
 #define TABLE_LOAD_RETRIES 10
 
-#define RSA_KEY_SIZE 2048
 #define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
 #define RSA_EXPONENT 0x10001
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
 
 #define RETRY_MOUNT_ATTEMPTS 10
-#define RETRY_MOUNT_DELAY_SECONDS 1
+#define RETRY_MOUNT_DELAY_SECONDS 3
 
 static unsigned char saved_master_key[KEY_LEN_BYTES];
 static char *saved_mount_point;
-- 
2.16.1
15.1: Much more work on rebase 2018-02-12 03:43:26 -05:00			`From a740f4f2065a382f2466bac575327ad4ec3407dd Mon Sep 17 00:00:00 2001`
			`From: Tad <tad@spotco.us>`
			`Date: Mon, 12 Feb 2018 03:34:43 -0500`
			`Subject: [PATCH] Build time variable for AES-256 encryption`

			`Change-Id: I3c826025bf98a180ddd17f47e8bf9e13b5252f3d`
			`---`
			`Android.mk \| 4 ++++`
			`cryptfs.cpp \| 11 +++++++++--`
			`2 files changed, 13 insertions(+), 2 deletions(-)`

			`diff --git a/Android.mk b/Android.mk`
			`index 29a7852..2962180 100644`
			`--- a/Android.mk`
			`+++ b/Android.mk`
			`@@ -114,6 +114,10 @@ ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)`
			`vold_cflags += -DCONFIG_HW_DISK_ENCRYPTION`
			`endif`

			`+ifeq ($(TARGET_WANTS_STRONG_ENCRYPTION),true)`
			`+LOCAL_CFLAGS += -DCONFIG_STRONG_ENCRYPTION`
			`+endif`
			`+`
			`ifeq ($(TARGET_KERNEL_HAVE_EXFAT),true)`
			`vold_cflags += -DCONFIG_KERNEL_HAVE_EXFAT`
			`endif`
			`diff --git a/cryptfs.cpp b/cryptfs.cpp`
			`index f01929a..22ae3b6 100644`
			`--- a/cryptfs.cpp`
			`+++ b/cryptfs.cpp`
			`@@ -75,9 +75,17 @@ extern "C" {`

			`#define DM_CRYPT_BUF_SIZE 4096`

			`+#ifdef CONFIG_STRONG_ENCRYPTION`
			`+#define HASH_COUNT 6000`
			`+#define KEY_LEN_BYTES 32`
			`+#define IV_LEN_BYTES 32`
			`+#define RSA_KEY_SIZE 4096`
			`+#else`
			`#define HASH_COUNT 2000`
			`#define KEY_LEN_BYTES 16`
			`#define IV_LEN_BYTES 16`
			`+#define RSA_KEY_SIZE 2048`
			`+#endif`

			`#define KEY_IN_FOOTER "footer"`

			`@@ -93,13 +101,12 @@ extern "C" {`

			`#define TABLE_LOAD_RETRIES 10`

			`-#define RSA_KEY_SIZE 2048`
			`#define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)`
			`#define RSA_EXPONENT 0x10001`
			`#define KEYMASTER_CRYPTFS_RATE_LIMIT 1 // Maximum one try per second`

			`#define RETRY_MOUNT_ATTEMPTS 10`
			`-#define RETRY_MOUNT_DELAY_SECONDS 1`
			`+#define RETRY_MOUNT_DELAY_SECONDS 3`

			`static unsigned char saved_master_key[KEY_LEN_BYTES];`
			`static char *saved_mount_point;`
			`--`
			`2.16.1`