Decrypting microSD card on another Android device or desktop computer


Question

I'm looking for a solution that would allow me to encrypt an external microSD card under the following conditions:




  • external microSD card is not merged with the internal storage;

  • encrypted external microSD is mounted upon booting automatically;

  • content of an encrypted microSD card can be viewed on another Android device and on a Windows/Linux PC if the smartphone where this card has been used was physically destroyed beyond repair.



The motivation behind these criteria stems from my workflow on desktop computers.
All of them have both system and storage drives fully encrypted with VeraCrypt.
I set them up in a way that I enter a password once upon booting, and all the favorite volumes are automatically mounted and I boot into a fully functioning system.
On the other hand, if for some reason I cannot boot anymore (e.g. a missing or corrupted system drive), I can take out the encrypted data drive, plug it into any other machine running Windows/Linux/macOS with VeraCrypt installed and decrypt my files in no time.



However, I cannot achieve the same with the default encryption offered by Android.
To encrypt the SD card, one must merge it with the internal memory, and if the device fails to start, there is no easy way to recover/decrypt my data from the external card.



I searched Google Play and couldn't find any third-party app similar to VeraCrypt.



There are related topics, but I couldn't find an answer in any of these either:





I'm using a rooted Moto G5s running Android 8.1, but a vendor-independent answer would be preferable.


Answer

I don't know of any GUI solutions that fit your needs but can share something about working CLI solutions.



DISK ENCRYPTION:




external microSD card is not merged with the internal storage




You are talking about Android's Adoptable Storage. Actually, it's not merged (as in the case of LVM); it's just decrypted and mounted as a separate filesystem. Android starts emulating /sdcard from /mnt/expand/[UUID], which otherwise comes from /data/media/. Additionally, some apps are also movable to this newly adopted storage. In the case of FDE (based on dm-crypt), the key is stored at /data/misc/vold/expand_*.key, which can be used to mount the SD card on any OS running the Linux kernel (including Android). All that you need is dmsetup. See this answer for details.




content of an encrypted microSD card can be viewed in another Android device and Windows/Linux PC




In the case of Adoptable Storage you can back up the master key to some safe location so that it can be used in case the device is wiped or no longer bootable. Or, if you don't want to go with Android's native encryption, you can manually set up dm-crypt FDE (plain / LUKS) on the SD card using cryptsetup.



FILESYSTEM ENCRYPTION:



Recent versions of Android mostly use FBE, which is based on Linux filesystem-level encryption (for ext4 and f2fs). It doesn't use a single key; instead the master key generates per-file keys on the go. On Android, encrypted master keys are saved to /data/misc/vold/user_keys/. Device Encrypted (DE) and Credential Encrypted (CE) storage make it further complicated. Also, FBE with Adoptable Storage doesn't work on Nougat and Oreo, and doesn't look very stable on Pie. So it's not a very reliable option at the moment.



It's also possible to manually set up FBE using the fscrypt (or e4crypt/f2fscrypt) tool, provided that your kernel supports it. But again there are multiple issues with the implementation in userspace as well as in kernel space, particularly related to key management. So it's again not a very feasible option.



fscrypt is most probably going to replace ecryptfs, another native feature of the Linux kernel. It's a stacked filesystem which can encrypt any other filesystem. But fscrypt (per-file encryption) “is more memory efficient since it avoids caching the encrypted and decrypted pages in the page cache”. You can use ecryptfs too on Android if the kernel is built with CONFIG_ECRYPT_FS.



FUSE-BASED ENCRYPTION:



All of the options discussed above are native to the Linux kernel, so they won't work on Windows (or at least very badly; sorry, I have no experience with Mac). However, you can go for FUSE-based solutions, which have more or less support on Windows as well. E.g. encfs and gocryptfs are stackable cryptographic filesystems, more useful in situations like incremental backups.



If you want to stick with VeraCrypt, that also works perfectly, and performs even better than on Windows if combined with dmsetup to make use of the Linux kernel's native cryptographic services.



Another FUSE-based solution, dislocker, can decrypt BitLocker. But FUSE over FUSE may incur a performance penalty, so it should be avoided with the right choice of filesystem drivers.







encrypted external microSD is mounted upon booting automatically




You won't find an option with graceful GUI interaction to enter a password upon booting because, unlike Linux, there is no terminal login, crypttab or PAM. User interaction is only possible by developing an auto-starting app, which won't be up before zygote/system_server and all (native / Java) services are fully running. Or you may try to hack the Android framework's SystemUI package to get the same credentials asked for through the UI (in the case of FDE/FBE).



A simple approach would be to put an init.d script in place or create an init service. This should work with any of the methods described above. This answer can be helpful. I have been using EncFS to extend my external storage on K and L devices (details here). The SD card was mounted by an init service, and the password was saved to the /data partition, which was in turn FDE encrypted.






NOTES:




  • Encryption methods described above cover all commonly used filesystems, including FAT, exFAT, NTFS, ext4, f2fs, etc.

  • If not using Adoptable Storage, it's better to create two partitions on the SD card to let the vold service mount the first partition on boot. The first partition can be a few hundred MBs. Use the second partition for encryption.

  • Command line applications used for encryption are available here for Android.
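Putting the dmsetup route from the DISK ENCRYPTION section together with the init-service idea from the last section, here is an added shell example (not from the answer above and not Android's own vold code) that rebuilds the dm-crypt mapping of an adopted SD card on any Linux box from a backed-up expand_*.key. It assumes the Oreo-era vold defaults of aes-cbc-essiv:sha256 with a raw 16-byte key and that the encrypted partition is /dev/block/mmcblk1p2; the function names and the mapping name adopted_sd are made up here, so verify the cipher and key length against your own device before relying on it.

```shell
#!/bin/sh
# Added example: recreate the dm-crypt mapping of an Adoptable Storage card
# from /data/misc/vold/expand_<uuid>.key using only dmsetup (no cryptsetup).
# Assumptions (not taken from the page): vold on Oreo maps adopted cards with
# aes-cbc-essiv:sha256 and a raw 16-byte key; the encrypted partition is the
# second one on the card (/dev/block/mmcblk1p2).

CIPHER="aes-cbc-essiv:sha256"

# Print the key file as one lowercase hex string. od is POSIX; xxd is often
# missing on Android, so it is not used here.
key_hex() {
    od -An -tx1 -v "$1" | tr -d ' \n'
}

# Build the dm-crypt table line:
#   "<start> <sectors> crypt <cipher> <hexkey> <iv_offset> <device> <dev_offset>"
# A backup that is not exactly 16 bytes is refused before dmsetup ever sees it,
# so a truncated or wrong file cannot silently map garbage.
build_crypt_table() {
    keyfile=$1; dev=$2; sectors=$3
    size=$(wc -c < "$keyfile" | tr -d ' ')
    if [ "$size" -ne 16 ]; then
        echo "expected a 16-byte key, got $size bytes" >&2
        return 1
    fi
    printf '0 %s crypt %s %s 0 %s 0\n' "$sectors" "$CIPHER" "$(key_hex "$keyfile")" "$dev"
}

# Map the partition and mount it read-only. Needs root and a real device, so
# it is only defined here; an init service on the phone would call it at boot.
unlock_adopted_sd() {
    keyfile=$1; dev=$2; mnt=$3
    sectors=$(blockdev --getsz "$dev")
    build_crypt_table "$keyfile" "$dev" "$sectors" | dmsetup create adopted_sd
    mount -o ro /dev/mapper/adopted_sd "$mnt"
}

# Offline demo with a constructed 16-byte key (bytes 0x00..0x0f), not a real
# device key; shows the exact table line dmsetup would receive.
demo_table() {
    tmp=$(mktemp)
    printf '\000\001\002\003\004\005\006\007\010\011\012\013\014\015\016\017' > "$tmp"
    build_crypt_table "$tmp" /dev/block/mmcblk1p2 2048
    rm -f "$tmp"
}
```

Keep the key backup as protected as the card itself: anyone holding expand_*.key can run the same mapping, which is exactly why it lives inside the FDE-protected /data partition on the phone.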


