make non-root mountable encrypted disk shares
Java C++ C Other
Latest commit 480b646 Jan 31, 2017 @eighthave eighthave compare-to-official-release checks the AAR now
But really, this should all be ported to diffoscope...
Failed to load latest commit information.
androidTest convert tests to JUnit4 exception catching Jan 18, 2017
external ship from android-database-sqlcipher-3.5.4.aar Dec 30, 2016
gradle/wrapper include gradle wrapper for CI builds Jan 18, 2017
jni statically link STLport into lib, sqlcipher no longer provides it Jan 31, 2017
res include empty res/ folder to make Eclipse/Android ADT happy Feb 17, 2015
src/info/guardianproject statically link STLport into lib, sqlcipher no longer provides it Jan 31, 2017
.classpath Eclipse ADT wants to update .classpath again... Aug 22, 2014
.cproject run ${ANDROID_NDK}/ndk-build as part of the Eclipse build process Sep 3, 2014
.gitignore convert gradle to modern NDK building Jan 18, 2017
.gitlab-ci.yml gitlab-ci: install Debian's libqt5widgets5 for emulator64-x86 Jan 18, 2017
.gitmodules remove defunct openssl git submodule Jan 18, 2017
.project run ${ANDROID_NDK}/ndk-build as part of the Eclipse build process Sep 3, 2014
AndroidManifest.xml build with NDK r13b, which has a min supported platform on android-9 Jan 17, 2017 add CHANGELOG for 0.4 release Jan 18, 2017
IOCipher.pom generate .pom file for maven repos like jCenter and mavenCentral Sep 18, 2015
LICENSE.txt add LGPLv3 license and explain the details of the licenses for all th… Mar 28, 2012 update build instructions in README Jan 18, 2017
build.gradle make gradle call `make -C external` for a complete build Jan 18, 2017
compare-to-official-release compare-to-official-release checks the AAR now Jan 31, 2017
custom_rules.xml set Java source and target to 1.6 (1.5 is deprecated) Jan 18, 2017
gradlew include gradle wrapper for CI builds Jan 18, 2017
gradlew.bat include gradle wrapper for CI builds Jan 18, 2017
lint.xml ignore AllowBackup lint warning, this is a library project Sep 3, 2014
make-release-build make-release-build: remove faketime, it just breaks ant Jan 18, 2017 build with NDK r13b, which has a min supported platform on android-9 Jan 17, 2017
setup-ant create standard ./setup-ant script Jan 16, 2017

IOCipher: Encrypted Virtual Disk

IOCipher is a virtual encrypted disk for apps without requiring the device to be rooted. It uses a clone of the standard API for working with files. Just password handling & opening the virtual disk are what stand between developers and fully encrypted file storage. It is based on libsqlfs and SQLCipher.

If you are using this in your app, we'd love to hear about it! Please send us an email at

Adding to your project

If you are using gradle, then add this to your project:

compile 'info.guardianproject.iocipher:IOCipherStandalone:0.4',

Apps that are also using SQLCipher-for-Android should use the version that only includes IOCipher itself. The standlone version includes and, and they will conflict with SQLCipher-for-Android. Then include this in your gradle:

compile 'info.guardianproject.iocipher:IOCipher:0.4'

Getting Supporting Libraries

IOCipher is built upon SQLCipher, which is required in order to use this library. You can get SQLCipher-for-Android here:

With gradle or Android Studio, you can get it from mavenCentral() or jcenter() by adding this to your gradle dependencies:

compile 'net.zetetic:android-database-sqlcipher:3.5.4'

Or via direct download, including PGP signature:

The releases should be signed by this key:

$ gpg --recv-keys D1FA3A2A97ED25C2
$ gpg --fingerprint
pub   4096R/97ED25C2 2014-04-22 [expires: 2017-04-21]
      Key fingerprint = D83F 5F9E B811 D6E6 B4A0  D9C5 D1FA 3A2A 97ED 25C2
uid                  Zetetic LLC <>
sub   3072R/67FD0322 2014-04-22 [expires: 2015-04-22]
sub   3072R/D4DFEDA7 2014-04-22 [expires: 2015-04-22]
sub   3072R/B1C49DF6 2014-04-22 [expires: 2015-04-22]


This app relies on OpenSSL libcrypto, sqlcipher, and libsqlfs, which are all "native" C code that needs to be built before working with the Java. First, make sure you have the build prerequisites:

apt-get install tcl libtool automake autoconf gawk libssl-dev

Point the build to where your Android SDK and NDK are installed, either by setting sdk.dir and ndk.dir in your or setting the environment variables:

export ANDROID_HOME=/opt/android-sdk export ANDROID_NDK_HOME=/opt/android-ndk

With gradle, just run gradle build and it will run all the steps.

Using ant, build everything like this:

git clone git submodule update --init --recursive ./setup-ant make -C external/ $ANDROID_NDK_HOME/ndk-build ant clean debug

The official releases are built using ant using a script that fully resets the git repo, then runs the whole build:


Building Native Bits for Eclipse

If you are using Eclipse with this library, you can have the NDK parts built as part of the Eclipse build process. You just need to set ANDROID_NDK in the "String Substitution" section of your Eclipse's workspace preferences.

Otherwise, you can build the native bits from the Terminal using:

make -C external ndk-build


When taken as a whole, this project is under the the LGPLv3 license since it is the only license that is compatible with the licenses of all the components. The source code for this comes from a few different places, so there are a number of licenses for different chunks.

  • Apache 2.0 (Android Internals): Much of the code here is taken from the Android internals, so it has an Apache 2.0 license.

  • OpenSSL License: It is linked to the OpenSSL that is provided with Android, so it should be covered under Android's handling of the advertisement clause.

  • LGPL 2.1 (libsqlfs)

  • BSD-style (sqlcipher)

We believe the LGPLv3 is compatible with all reasonable uses, including proprietary software, but let us know if it provides difficulties for you. For more info on how that works with Java, see:

Included shared library files

In external/libs are some binary .so files, these are all binaries pulled from other sources so that the C code can have something link against. comes from Android emulators. They are included here so that the C code can link against openssl's libcrypto, which Android includes but does not expose in the NDK. If you want to build this library from source, then do this:

git clone
cd openssl-android
ndk-build -j4

These shared libraries must not be included in any real app. Android provides /system/lib/ and you should get SQLCipher directly from the source, listed above.