2018-01-03 12:15:58 -05:00
|
|
|
From 2206aff4757e0f1094861f0e9505d1b5ddbf3236 Mon Sep 17 00:00:00 2001
|
2018-01-01 14:49:15 -05:00
|
|
|
From: Tad <tad@spotco.us>
|
2018-01-03 12:15:58 -05:00
|
|
|
Date: Wed, 3 Jan 2018 11:55:06 -0500
|
2018-01-01 14:49:15 -05:00
|
|
|
Subject: [PATCH] Build time variable for AES-256 encryption
|
|
|
|
|
2018-01-03 12:15:58 -05:00
|
|
|
Change-Id: Ib2d53a1d22e935ef0fa5f0f91e3bf5308d9c6459
|
2018-01-01 14:49:15 -05:00
|
|
|
---
|
2018-01-03 12:15:58 -05:00
|
|
|
Android.mk | 4 ++++
|
|
|
|
cryptfs.c | 11 +++++++++--
|
|
|
|
2 files changed, 13 insertions(+), 2 deletions(-)
|
2018-01-01 14:49:15 -05:00
|
|
|
|
2018-01-03 12:15:58 -05:00
|
|
|
diff --git a/Android.mk b/Android.mk
|
|
|
|
index e645574..7112dce 100644
|
|
|
|
--- a/Android.mk
|
|
|
|
+++ b/Android.mk
|
|
|
|
@@ -115,6 +115,10 @@ LOCAL_C_INCLUDES += $(TARGET_CRYPTFS_HW_PATH)
|
|
|
|
LOCAL_CFLAGS += -DCONFIG_HW_DISK_ENCRYPTION
|
|
|
|
endif
|
|
|
|
|
|
|
|
+ifeq ($(TARGET_WANTS_STRONG_ENCRYPTION),true)
|
|
|
|
+LOCAL_CFLAGS += -DCONFIG_STRONG_ENCRYPTION
|
|
|
|
+endif
|
|
|
|
+
|
|
|
|
include $(BUILD_STATIC_LIBRARY)
|
|
|
|
|
|
|
|
include $(CLEAR_VARS)
|
2018-01-01 14:49:15 -05:00
|
|
|
diff --git a/cryptfs.c b/cryptfs.c
|
|
|
|
index b25510f..86ffac3 100644
|
|
|
|
--- a/cryptfs.c
|
|
|
|
+++ b/cryptfs.c
|
|
|
|
@@ -76,9 +76,17 @@
|
|
|
|
|
|
|
|
#define DM_CRYPT_BUF_SIZE 4096
|
|
|
|
|
|
|
|
+#ifdef CONFIG_STRONG_ENCRYPTION
|
|
|
|
+#define HASH_COUNT 6000
|
|
|
|
+#define KEY_LEN_BYTES 32
|
|
|
|
+#define IV_LEN_BYTES 32
|
|
|
|
+#define RSA_KEY_SIZE 4096
|
|
|
|
+#else
|
|
|
|
#define HASH_COUNT 2000
|
|
|
|
#define KEY_LEN_BYTES 16
|
|
|
|
#define IV_LEN_BYTES 16
|
|
|
|
+#define RSA_KEY_SIZE 2048
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
#define KEY_IN_FOOTER "footer"
|
|
|
|
|
|
|
|
@@ -94,13 +102,12 @@
|
|
|
|
|
|
|
|
#define TABLE_LOAD_RETRIES 10
|
|
|
|
|
|
|
|
-#define RSA_KEY_SIZE 2048
|
|
|
|
#define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
|
|
|
|
#define RSA_EXPONENT 0x10001
|
|
|
|
#define KEYMASTER_CRYPTFS_RATE_LIMIT 1 // Maximum one try per second
|
|
|
|
|
|
|
|
#define RETRY_MOUNT_ATTEMPTS 20
|
|
|
|
-#define RETRY_MOUNT_DELAY_SECONDS 1
|
|
|
|
+#define RETRY_MOUNT_DELAY_SECONDS 3
|
|
|
|
|
|
|
|
char *me = "cryptfs";
|
|
|
|
|
|
|
|
--
|
|
|
|
2.15.1
|
|
|
|
|