Cryptomator offers multi-platform transparent client-side encryption of your files in the cloud.
Cryptomator for Android is currently available in the following distribution channels:
- Using Google Play
- Using Cryptomator's Website
- Using Cryptomator's F-Droid Repository
- Using F-Droid's Main Repository
- Building from source using Gradle (instructions below)
Building
Dependencies
- Git
- JDK 11
- Gradle
Run Git and Gradle
git submodule init && git submodule update // (not necessary if cloned using --recurse-submodules)
./gradlew assembleApkstoreDebug
Before connecting to Dropbox, OneDrive or pCloud you have to provide valid API keys using environment variables: For build type
- release:
DROPBOX_API_KEY
,ONEDRIVE_API_KEY
andONEDRIVE_API_REDIRCT_URI
orPCLOUD_CLIENT_ID
- debug:
DROPBOX_API_KEY_DEBUG
,ONEDRIVE_API_KEY_DEBUG
andONEDRIVE_API_REDIRCT_URI_DEBUG
orPCLOUD_CLIENT_ID_DEBUG
Before connecting to Google Drive you have to create a new project in Google Cloud Platform with Google Drive API, credentials including Google Drive scopes (read, write, delete,..) and the fingerprint of the key you use to build the app.
Reproducible Build Cryptomator Lite
Use the Docker image to verify the build of the 'lite' flavor:
- Clone this repository (don't forget
--recurse-submodules
) - Checkout the tag you want to build, e.g. 1.8.0
- Build the image using
docker build -t cryptomator-android .
in thebuildsystem/
directory - Build Cryptomator using
docker run --rm -u $(id -u):$(id -g) -v $(pwd):/project -w /project cryptomator-android ./gradlew clean assembleLiteRelease
in the root of this folder - Compare the build APK with the release version, using e.g.
apksigcopier compare --unsigned apk1 apk2
Verify downloaded APK
The published APKs are signed using a certificate with the following SHA-256 fingerprint f7c3ec3b0d588d3cb52983e9eb1a7421c93d4339a286398e71d7b651e8d8ecdd
You can verify the fingerprint of the signing key used e.g. with apksigner verify --print-certs Cryptomator.apk
, which should report
Signer #1 certificate DN: O=Skymatic, L=Bonn, ST=North Rhine-Westphalia, C=DE
Signer #1 certificate SHA-256 digest: f7c3ec3b0d588d3cb52983e9eb1a7421c93d4339a286398e71d7b651e8d8ecdd
Signer #1 certificate SHA-1 digest: fcc234014be39e980ebca5c477922f2312e80cdd
Signer #1 certificate MD5 digest: a34b0b5af30529bf5b096d0e00acefe2
Contributing to Cryptomator for Android
Please read our contribution guide, if you would like to report a bug, ask a question, translate the app or help us with coding.
Please make sure before creating a PR, to apply the code style by executing reformat code with optimize imports and rearrange code enabled. The best way to do this is to create a macro for it in android studio and set it to the save shortcut.
Code of Conduct
Help us keep Cryptomator open and inclusive. Please read and follow our Code of Conduct.
License
This project is dual-licensed under the GPLv3 for FOSS projects as well as a commercial license for independent software vendors and resellers. If you want to modify this application under different conditions, feel free to contact our support team.