From a740f4f2065a382f2466bac575327ad4ec3407dd Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 12 Feb 2018 03:34:43 -0500
Subject: [PATCH] Build time variable for AES-256 encryption

Change-Id: I3c826025bf98a180ddd17f47e8bf9e13b5252f3d
---
 Android.mk  |  4 ++++
 cryptfs.cpp | 11 +++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/Android.mk b/Android.mk
index 29a7852..2962180 100644
--- a/Android.mk
+++ b/Android.mk
@@ -114,6 +114,10 @@ ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
   vold_cflags += -DCONFIG_HW_DISK_ENCRYPTION
 endif
 
+ifeq ($(TARGET_WANTS_STRONG_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_STRONG_ENCRYPTION
+endif
+
 ifeq ($(TARGET_KERNEL_HAVE_EXFAT),true)
   vold_cflags += -DCONFIG_KERNEL_HAVE_EXFAT
 endif
diff --git a/cryptfs.cpp b/cryptfs.cpp
index f01929a..22ae3b6 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -75,9 +75,17 @@ extern "C" {
 
 #define DM_CRYPT_BUF_SIZE 4096
 
+#ifdef CONFIG_STRONG_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 32
+#define IV_LEN_BYTES 32
+#define RSA_KEY_SIZE 4096
+#else
 #define HASH_COUNT 2000
 #define KEY_LEN_BYTES 16
 #define IV_LEN_BYTES 16
+#define RSA_KEY_SIZE 2048
+#endif
 
 #define KEY_IN_FOOTER  "footer"
 
@@ -93,13 +101,12 @@ extern "C" {
 
 #define TABLE_LOAD_RETRIES 10
 
-#define RSA_KEY_SIZE 2048
 #define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
 #define RSA_EXPONENT 0x10001
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
 
 #define RETRY_MOUNT_ATTEMPTS 10
-#define RETRY_MOUNT_DELAY_SECONDS 1
+#define RETRY_MOUNT_DELAY_SECONDS 3
 
 static unsigned char saved_master_key[KEY_LEN_BYTES];
 static char *saved_mount_point;
-- 
2.16.1