Remove hardcoded KEY constant and accept key via CLI arguments.
Add Argon2id KDF (Bouncy Castle) with parameters matching Rust impl,
salt reading for password-derived archives, and hex/key-file parsing.
- Pack signature accepts optional salt, writes 16-byte salt between header and TOC
- Set flags bit 4 and adjust toc_offset to 56 when salt present
- read_archive_metadata returns salt alongside header and TOC entries
- Add read_archive_salt() public helper for pre-unpack salt reading
- main.rs uses resolve_key_for_pack/resolve_key_for_unpack for two-phase password flow
- Add 5 new integration tests: password roundtrip, wrong password rejection,
salt flag presence, no-salt flag for key archives, directory password roundtrip
- All 52 tests pass (25 unit + 7 golden + 20 integration)
- Add argon2 0.5 and rpassword 7.4 dependencies
- Implement derive_key_from_password() using Argon2id with 16-byte salt
- Implement prompt_password() with optional confirmation for pack
- Add resolve_key_for_pack() (generates random salt) and resolve_key_for_unpack() (reads salt from archive)
- Add FLAG_KDF_SALT (bit 4), SALT_SIZE constant, read_salt/write_salt functions to format.rs
- Relax flags validation to allow bit 4 (bits 5-7 must be zero)
- Add hex dependency for --key hex decoding
- Add KeyArgs (--key, --key-file, --password) as clap arg group on top-level CLI
- Replace hardcoded KEY constant with resolve_key() supporting hex and file sources
- Refactor pack/unpack to require key parameter, inspect accepts optional key
- Wire CLI key resolution to archive functions in main.rs
- Inspect works without key (header only) or with key (full TOC listing)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pack changes:
- Split into path-collection (sequential) + crypto-processing (parallel)
- Introduce CollectedEntry enum to separate directory walk from file processing
- process_file() now creates thread-local RNG instead of taking &mut Rng
- File entries processed via rayon into_par_iter(), preserving deterministic order
Unpack changes:
- Phase 1: Sequential read of all ciphertexts from archive (single file handle)
- Phase 2: Create all directories sequentially (parent-before-child ordering)
- Phase 3: Parallel verify/decrypt/decompress/write via rayon par_iter
- Phase 4: Sequential result reporting for deterministic output
- Collect results into Vec<UnpackResult> to avoid interleaved stdout/stderr
- Test 6: nested directory extraction (3+ levels deep, 4 files)
- Test 7: empty directory creation without decryption errors
- Test 8: mixed standalone files + directory pack/unpack
- All 5 original test cases preserved unchanged
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add entryType and permissions fields to TocEntry data class
- Parse entry_type (1 byte) and permissions (2 bytes LE) in parseTocEntry
- Update version check from 1 to 2 for v1.1 format
- Handle directory entries: create dirs without decryption
- Create parent directories for files with relative paths
- Add applyPermissions() using Java File API (owner vs everyone)
- Update entry size formula comment to 104 + name_length
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- test_roundtrip_directory: full directory tree with permissions verification
- test_roundtrip_mixed_files_and_dirs: mixed file + directory pack/unpack
- test_inspect_shows_directory_info: inspect output contains dir/file types and permissions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Bump VERSION constant from 1 to 2
- Add entry_type (u8) and permissions (u16) fields to TocEntry struct
- Update write_toc_entry/read_toc_entry for new field order after name
- Update entry_size formula from 101 to 104 + name_length
- Update all unit tests for v1.1 layout (new fields, version 2, sizes)
- Add placeholder entry_type/permissions to archive.rs ProcessedFile for compilation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add XOR_KEY_HEX constant and hex_to_bin() helper (xxd + od fallback)
- Replace magic check with XOR bootstrapping: read 40 bytes, XOR if mismatch
- Write de-XORed header to temp file for field parsing
- Add TOC decryption via openssl enc when flags bit 1 is set
- Switch TOC parsing loop from $ARCHIVE to $TOC_FILE variable
- Update HMAC verification to construct IV from parsed hex (not archive position)
- All 7 cross-validation tests pass (Rust pack -> Shell decode -> SHA-256 match)
- Add XOR_KEY constant matching FORMAT.md Section 9.1
- Add xorHeader() function with signed byte masking (and 0xFF)
- Update decode() with XOR bootstrapping: check magic, XOR if mismatch
- Update decode() with TOC decryption: decrypt when flags bit 1 is set
- Backward compatible: plain headers and unencrypted TOC still work
- pack(): generate decoy padding (64-4096 random bytes per file)
- pack(): encrypt serialized TOC with AES-256-CBC using random toc_iv
- pack(): XOR header buffer before writing (8-byte cyclic key)
- pack(): set flags bits 1-3 (0x0E) for all obfuscation features
- unpack(): XOR bootstrapping via read_header_auto()
- unpack(): decrypt TOC when flags bit 1 is set
- inspect(): full de-obfuscation via shared read_archive_metadata()
- Factor out read_archive_metadata() helper for unpack/inspect reuse
- All existing tests pass (unit, golden, round-trip integration)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- 6 test cases: single text, multiple files, no-compress, empty, large file, Cyrillic filename
- Uses Rust archiver to create archives, sh decode.sh to extract, SHA-256 to verify
- Follows same pattern as kotlin/test_decoder.sh
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
