NikitolProject/android-encrypted-archiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: create milestone v1.1 roadmap (5 phases)

Browse Source
This commit is contained in:
NikitolProject
2026-02-25 04:10:09 +03:00
parent d787e05794
commit a716d09178
3 changed files with 135 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
.planning/ROADMAP.md
View File

@@ -1,8 +1,13 @@
# Roadmap: Encrypted Archive
## Milestones
- **v1.0 Core Archive** - Phases 1-6 (shipped 2026-02-25)
- **v1.1 Directory Support** - Phases 7-11 (in progress)
## Overview
Build a custom encrypted archive format that standard tools cannot recognize or extract. The format spec comes first (it governs all three implementations), then the Rust archiver with full crypto pipeline, then round-trip verification to catch format bugs early, then Kotlin decoder (primary extraction on Android), then shell decoder (busybox fallback), and finally obfuscation hardening to defeat binwalk/file/strings analysis.
Build a custom encrypted archive format that standard tools cannot recognize or extract. v1.0 delivered the complete pipeline: format spec, Rust archiver with crypto, round-trip tests, Kotlin decoder, shell decoder, and obfuscation hardening. v1.1 adds recursive directory archival with path preservation, Unix permissions, and empty directory support across all three decoders.
## Phases
@@ -12,6 +17,9 @@ Build a custom encrypted archive format that standard tools cannot recognize or
Decimal phases appear between their surrounding integers in numeric order.
<details>
<summary>v1.0 Core Archive (Phases 1-6) - SHIPPED 2026-02-25</summary>
- [x] **Phase 1: Format Specification** - Document the complete binary format before writing any code (completed 2026-02-24)
- [x] **Phase 2: Core Archiver** - Rust CLI that compresses, encrypts, and packs files into the custom format (completed 2026-02-24)
- [x] **Phase 3: Round-Trip Verification** - Rust unpack command + golden test vectors + unit tests proving byte-identical round-trips (completed 2026-02-24)
@@ -19,8 +27,21 @@ Decimal phases appear between their surrounding integers in numeric order.
- [x] **Phase 5: Shell Decoder** - Busybox shell script decoder using dd/xxd/openssl/gunzip (fallback extraction) (completed 2026-02-25)
- [x] **Phase 6: Obfuscation Hardening** - XOR-obfuscated headers, encrypted file table, decoy padding to defeat casual analysis (completed 2026-02-25)
</details>
### v1.1 Directory Support (In Progress)
- [ ] **Phase 7: Format Spec Update** - Extend FORMAT.md with entry type, permission bits, and relative path fields in TOC
- [ ] **Phase 8: Rust Directory Archiver** - Recursive directory traversal, path-preserving pack/unpack, empty dirs, and mode bits in Rust CLI
- [ ] **Phase 9: Kotlin Decoder Update** - Kotlin decoder parses new TOC, creates directory hierarchy, and sets permissions
- [ ] **Phase 10: Shell Decoder Update** - Shell decoder parses new TOC, mkdir -p for hierarchy, chmod for permissions
- [ ] **Phase 11: Directory Cross-Validation** - Round-trip tests with nested dirs, empty dirs, mode bits, and cross-decoder verification
## Phase Details
<details>
<summary>v1.0 Core Archive (Phases 1-6) - SHIPPED 2026-02-25</summary>
### Phase 1: Format Specification
**Goal**: A complete, unambiguous binary format document that all three implementations can build against
**Depends on**: Nothing (first phase)
@@ -33,7 +54,7 @@ Decimal phases appear between their surrounding integers in numeric order.
**Plans**: 1 plan
Plans:
- [ ] 01-01-PLAN.md -- Write complete binary format specification with byte-level field definitions, worked example, and shell reference appendix
- [x] 01-01-PLAN.md -- Write complete binary format specification with byte-level field definitions, worked example, and shell reference appendix
### Phase 2: Core Archiver
**Goal**: A working Rust CLI that takes input files and produces a valid encrypted archive
@@ -109,16 +130,80 @@ Plans:
- [x] 06-01-PLAN.md -- Rust archiver/unpacker obfuscation (XOR header + encrypted TOC + decoy padding + updated tests)
- [x] 06-02-PLAN.md -- Kotlin and Shell decoder obfuscation support + cross-validation tests
</details>
### Phase 7: Format Spec Update
**Goal**: FORMAT.md fully documents the v1.1 TOC entry layout with entry type, permission bits, and relative path semantics -- all three decoders can build against it
**Depends on**: Phase 6 (v1.0 complete)
**Requirements**: FMT-09, FMT-10, FMT-11, FMT-12
**Success Criteria** (what must be TRUE):
1. FORMAT.md defines the entry type field (1 byte) in TOC entries, distinguishing files from directories
2. FORMAT.md defines the Unix permissions field (2 bytes, u16 little-endian) in TOC entries with bit layout matching POSIX mode_t lower 12 bits
3. FORMAT.md specifies that entry names are relative paths using `/` as separator (e.g., `dir/subdir/file.txt`), replacing the previous filename-only convention
4. FORMAT.md includes an updated worked example showing a directory archive with at least one nested directory, one file, and one empty directory
**Plans**: TBD
### Phase 8: Rust Directory Archiver
**Goal**: `pack` accepts directories and recursively archives them with full path hierarchy and permissions; `unpack` restores the complete directory tree
**Depends on**: Phase 7
**Requirements**: DIR-01, DIR-02, DIR-03, DIR-04, DIR-05
**Success Criteria** (what must be TRUE):
1. Running `encrypted_archive pack mydir/ -o archive.bin` recursively includes all files and subdirectories, preserving relative paths from the given root
2. Running `encrypted_archive pack file.txt mydir/ another.apk -o archive.bin` handles mixed file and directory arguments in a single invocation
3. Empty directories within the input are stored as TOC entries of type "directory" with zero-length data and are recreated on unpack
4. Running `encrypted_archive unpack archive.bin -o output/` creates the full directory hierarchy and restores Unix mode bits (e.g., a file packed with 0755 is extracted with 0755)
5. Running `encrypted_archive inspect archive.bin` shows entry type (file/dir), relative paths, and permissions for each TOC entry
**Plans**: TBD
### Phase 9: Kotlin Decoder Update
**Goal**: Kotlin decoder extracts directory archives created by the updated Rust archiver, preserving hierarchy and permissions on Android
**Depends on**: Phase 8
**Requirements**: KOT-05, KOT-06, KOT-07
**Success Criteria** (what must be TRUE):
1. Kotlin decoder parses the updated TOC format including entry type and permission fields without errors
2. Kotlin decoder creates the full directory hierarchy (nested directories) before extracting files into them
3. Kotlin decoder restores permissions on extracted files and directories using File.setReadable/setWritable/setExecutable
4. Kotlin decoder handles empty directory entries by creating the directory without attempting to decrypt data
**Plans**: TBD
### Phase 10: Shell Decoder Update
**Goal**: Shell decoder extracts directory archives, creating hierarchy with mkdir -p and restoring permissions with chmod
**Depends on**: Phase 8
**Requirements**: SHL-04, SHL-05, SHL-06
**Success Criteria** (what must be TRUE):
1. Shell decoder parses the updated TOC format including entry type byte and permission field
2. Shell decoder uses `mkdir -p` to create the full directory hierarchy (including empty directories) before extracting files
3. Shell decoder applies `chmod` with the octal mode from the TOC to every extracted file and directory
4. Shell decoder handles entries with relative paths containing `/` separators correctly (no path traversal issues)
**Plans**: TBD
### Phase 11: Directory Cross-Validation
**Goal**: All three decoders produce identical output for directory archives, verified by automated tests covering edge cases
**Depends on**: Phase 9, Phase 10
**Requirements**: TST-04, TST-05, TST-06, TST-07
**Success Criteria** (what must be TRUE):
1. Round-trip test passes with 3+ levels of nested directories (e.g., `a/b/c/file.txt`) -- Rust pack then Rust unpack produces byte-identical files
2. Round-trip test passes with empty directories at multiple levels -- they exist in the unpacked output
3. Mode bits survive the round-trip: a file packed with mode 0755 is extracted with mode 0755; a file with 0644 is extracted with 0644
4. Cross-decoder test: archive created by Rust is extracted identically by Kotlin decoder and Shell decoder (same file contents, same directory structure)
**Plans**: TBD
## Progress
**Execution Order:**
Phases execute in numeric order: 1 -> 2 -> 3 -> 4 -> 5 -> 6
Phases execute in numeric order: 1 -> 2 -> 3 -> 4 -> 5 -> 6 -> 7 -> 8 -> 9 -> 10 -> 11
(Phases 9 and 10 can execute in parallel after Phase 8)
| Phase | Plans Complete | Status | Completed |
|-------|----------------|--------|-----------|
| 1. Format Specification | 1/1 | Complete | 2026-02-24 |
| 2. Core Archiver | 2/2 | Complete | 2026-02-24 |
| 3. Round-Trip Verification | 2/2 | Complete | 2026-02-24 |
| 4. Kotlin Decoder | 1/1 | Complete | 2026-02-24 |
| 5. Shell Decoder | 2/2 | Complete | 2026-02-24 |
| 6. Obfuscation Hardening | 2/2 | Complete | 2026-02-24 |
| Phase | Milestone | Plans Complete | Status | Completed |
|-------|-----------|----------------|--------|-----------|
| 1. Format Specification | v1.0 | 1/1 | Complete | 2026-02-24 |
| 2. Core Archiver | v1.0 | 2/2 | Complete | 2026-02-24 |
| 3. Round-Trip Verification | v1.0 | 2/2 | Complete | 2026-02-24 |
| 4. Kotlin Decoder | v1.0 | 1/1 | Complete | 2026-02-25 |
| 5. Shell Decoder | v1.0 | 2/2 | Complete | 2026-02-25 |
| 6. Obfuscation Hardening | v1.0 | 2/2 | Complete | 2026-02-25 |
| 7. Format Spec Update | v1.1 | 0/TBD | Not started | - |
| 8. Rust Directory Archiver | v1.1 | 0/TBD | Not started | - |
| 9. Kotlin Decoder Update | v1.1 | 0/TBD | Not started | - |
| 10. Shell Decoder Update | v1.1 | 0/TBD | Not started | - |
| 11. Directory Cross-Validation | v1.1 | 0/TBD | Not started | - |