hardcoresushi
/
DroidFS
2
2
Fork 1
Code Issues 10 Pull Requests 2 Releases 23 Activity
DroidFS/BUILD.md

3.7 KiB
Raw Blame History

Introduction

DroidFS relies on modified versions of the original encrypted filesystems programs to open volumes. CryFS is written in C++ while gocryptfs is written in Go. Thus, building DroidFS requires the compilation of native code. However, for the sake of simplicity, the application has been designed in a modular way: you can build a version of DroidFS that supports both Gocryptfs and CryFS, or only one of the two.

Setup

Install required packages:

$ sudo apt-get install openjdk-11-jdk-headless build-essential pkg-config git gnupg2 wget apksigner

You also need to manually install the Android SDK and the Android Native Development Kit (NDK) (r23 versions are recommended).

If you want a support for Gocryptfs volumes, you must install Go and libssl:

$ sudo apt-get install golang-go libssl-dev

For CryFS support, you need Python:

$ sudo apt-get install python3

The code should be authenticated before being built. To verify the signatures, you will need my PGP key:

$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys AFE384344A45E13A

Fingerprint: B64E FE86 CEE1 D054 F082 1711 AFE3 8434 4A45 E13A
Email: Hardcore Sushi <hardcore.sushi@disroot.org>

Download sources

Download DroidFS source code:

$ git clone --depth=1 https://github.com/hardcore-sushi/DroidFS.git

Verify sources:

$ cd DroidFS
$ git verify-commit HEAD

Don't continue if the verification fails!

Initialize submodules:

$ git submodule update --depth=1 --init

FFmpeg is needed to record encrypted video:

$ cd app/ffmpeg
$ git clone --depth=1 https://git.ffmpeg.org/ffmpeg.git

If you want Gocryptfs support, you need to download OpenSSL:

$ cd ../libgocryptfs
$ wget https://www.openssl.org/source/openssl-1.1.1p.tar.gz

Verify OpenSSL signature:

$ wget https://www.openssl.org/source/openssl-1.1.1p.tar.gz.asc
$ gpg --verify openssl-1.1.1p.tar.gz.asc openssl-1.1.1p.tar.gz

Continue ONLY if the signature is VALID.

$ tar -xzf openssl-1.1.1p.tar.gz

If you want CryFS support, initialize libcryfs:

$ cd app/libcryfs
$ git submodule update --depth=1 --init

Build

Retrieve your Android NDK installation path, usually something like /home/\<user\>/Android/SDK/ndk/\<NDK version\>. Then, make it available in your shell:

$ export ANDROID_NDK_HOME="<your ndk path>"

Start by compiling FFmpeg:

$ cd app/ffmpeg
$ ./build.sh ffmpeg

libgocryptfs

This step is only required if you want Gocryptfs support.

$ cd app/libgocryptfs
$ OPENSSL_PATH="./openssl-1.1.1p" ./build.sh

Compile APKs

Gradle build libgocryptfs and libcryfs by default.

To build DroidFS without Gocryptfs support, run:

$ ./gradlew assembleRelease -PdisableGocryptfs=true

To build DroidFS without CryFS support, run:

$ ./gradlew assembleRelease -PdisableCryFS=true

If you want to build DroidFS with support for both Gocryptfs and CryFS, just run:

$ ./gradlew assembleRelease

Sign APKs

If the build succeeds, you will find the unsigned APKs in app/build/outputs/apk/release/. These APKs need to be signed in order to be installed on an Android device.

If you don't already have a keystore, you can create a new one by running:

$ keytool -genkey -keystore <output file> -alias <key alias> -keyalg EC -validity 10000

Then, sign the APK with:

$ apksigner sign --out droidfs.apk -v --ks <keystore> app/build/outputs/apk/release/<unsigned apk file>

Now you can install droidfs.apk on your device.