divestos-build/Patches/LineageOS-15.1/android_system_vold/0001-StrongAES.patch

From 2865dba2a7b981a275b183c1c47079cc88044e15 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 28 Apr 2018 13:45:42 -0400
Subject: [PATCH] Build time variable for AES 192/256 encryption

Change-Id: I194deffbabbfb3dadd3d1af90924b99e7fd54552
---
 Android.mk  |  8 ++++++++
 cryptfs.cpp | 14 +++++++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/Android.mk b/Android.mk
index 2beae28..4f310c1 100644
--- a/Android.mk
+++ b/Android.mk
@@ -115,6 +115,14 @@ ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
   vold_cflags += -DCONFIG_HW_DISK_ENCRYPTION
 endif
 
+ifeq ($(TARGET_WANTS_AES192_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_AES192_ENCRYPTION
+endif
+
+ifeq ($(TARGET_WANTS_AES256_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_AES256_ENCRYPTION
+endif
+
 ifneq ($(TARGET_EXFAT_DRIVER),)
   vold_cflags += -DCONFIG_EXFAT_DRIVER=\"$(TARGET_EXFAT_DRIVER)\"
   mini_src_files += fs/Exfat.cpp
diff --git a/cryptfs.cpp b/cryptfs.cpp
index f01929a..af65601 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -75,9 +75,22 @@ extern "C" {
 
 #define DM_CRYPT_BUF_SIZE 4096
 
+#ifdef CONFIG_AES256_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 32
+#define IV_LEN_BYTES 32
+#define RSA_KEY_SIZE 4096
+#else ifdef CONFIG_AES192_ENCRYPTION
+#define HASH_COUNT 6000
+#define KEY_LEN_BYTES 24
+#define IV_LEN_BYTES 24
+#define RSA_KEY_SIZE 4096
+#else
 #define HASH_COUNT 2000
 #define KEY_LEN_BYTES 16
 #define IV_LEN_BYTES 16
+#define RSA_KEY_SIZE 2048
+#endif
 
 #define KEY_IN_FOOTER  "footer"
 
@@ -93,7 +106,6 @@ extern "C" {
 
 #define TABLE_LOAD_RETRIES 10
 
-#define RSA_KEY_SIZE 2048
 #define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
 #define RSA_EXPONENT 0x10001
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
-- 
2.17.0