ARJ TECHNICAL INFORMATION April 1993 ** IMPORTANT NEWS **************************************************** Some archiver support programs have incorporated ARJ archive identification schemes that are not reliable. At ARJ 2.39 and above, there are now two versions of the large self-extraction module. The 17K byte ARJSFX module supports ARJ-SECURITY. The standard 15K byte ARJSFX module does NOT support ARJ-SECURITY. For the first time, the ARJ-SECURITY fields in the main ARJ header are publicly defined. ARJ has used the same ARJ archive identification scheme since ARJ 1.0. The following is the algorithm: (1) find the ARJ header id bytes 0x60, 0xEA, (2) read the next two bytes as the header record size in bytes, (3) if the record size is greater than 2600, go back to the header id file position, increment the file position, and go back to step (1), (4) read the header record based upon the previous byte count, (5) calculate the 32 bit CRC of the header record data, (6) read the next four bytes as the actual header record CRC, (7) if the actual CRC does not equal the calculated CRC, go back to the header id file position, increment the file position, and go back to step (1). This algorithm is fully demonstrated in the UNARJ C source code. When using listfiles with ARJ, ARJ support programs should use the "-p" option to ensure that ARJ will only extract the selected files from an ARJ archive. This is important for ARJ archives that have pathname information stored. There is an extended header bug in older versions of ARJ, AV.C and UNARJ.C. The extended header processing in read_header() should skip 4 bytes for the extended header CRC and not 2. This is NOT a current problem as no versions of ARJ use the extended header. ********************************************************************** Modification history: Date Description of modification: -------- ------------------------------------------------------------ 02/17/93 Added description of ARJ security fields. Added archive date-modified field. 12/03/91 Added BACKUP flag to header arj flags. 11/21/91 Described the two types of headers separately. 11/11/91 Added information about the change in text mode processing. 06/28/91 Added several new HOST OS numbers. 05/19/91 Improved the description of extended header processing. 05/11/91 Simplified this document. Added volume label type. 03/11/91 Added directory file type. 02/23/91 Added more comments. 01/10/91 Corrected timestamp description and header order of file mode. 10/30/90 Corrected values of flags in ARJ flags. ARJ archives contains two types of header blocks: Archive main header - This is located at the head of the archive Local file header - This is located before each archived file Structure of main header (low order byte first): Bytes Description ----- ------------------------------------------------------------------- 2 header id (main and local file) = 0x60 0xEA 2 basic header size (from 'first_hdr_size' thru 'comment' below) = first_hdr_size + strlen(filename) + 1 + strlen(comment) + 1 = 0 if end of archive maximum header size is 2600 1 first_hdr_size (size up to and including 'extra data') 1 archiver version number 1 minimum archiver version to extract 1 host OS (0 = MSDOS, 1 = PRIMOS, 2 = UNIX, 3 = AMIGA, 4 = MAC-OS) (5 = OS/2, 6 = APPLE GS, 7 = ATARI ST, 8 = NEXT) (9 = VAX VMS) 1 arj flags (0x01 = NOT USED) (0x02 = OLD_SECURED_FLAG) (0x04 = VOLUME_FLAG) indicates presence of succeeding volume (0x08 = NOT USED) (0x10 = PATHSYM_FLAG) indicates archive name translated ("\" changed to "/") (0x20 = BACKUP_FLAG) indicates backup type archive (0x40 = SECURED_FLAG) 1 security version (2 = current) 1 file type (must equal 2) 1 reserved 4 date time when original archive was created 4 date time when archive was last modified 4 archive size (currently used only for secured archives) 4 security envelope file position 2 filespec position in filename 2 length in bytes of security envelope data 2 (currently not used) ? (currently none) ? filename of archive when created (null-terminated string) ? archive comment (null-terminated string) 4 basic header CRC 2 1st extended header size (0 if none) ? 1st extended header (currently not used) 4 1st extended header's CRC (not present when 0 extended header size) Structure of local file header (low order byte first): Bytes Description ----- ------------------------------------------------------------------- 2 header id (main and local file) = 0x60 0xEA 2 basic header size (from 'first_hdr_size' thru 'comment' below) = first_hdr_size + strlen(filename) + 1 + strlen(comment) + 1 = 0 if end of archive maximum header size is 2600 1 first_hdr_size (size up to and including 'extra data') 1 archiver version number 1 minimum archiver version to extract 1 host OS (0 = MSDOS, 1 = PRIMOS, 2 = UNIX, 3 = AMIGA, 4 = MAC-OS) (5 = OS/2, 6 = APPLE GS, 7 = ATARI ST, 8 = NEXT) (9 = VAX VMS) 1 arj flags (0x01 = GARBLED_FLAG) indicates passworded file (0x02 = NOT USED) (0x04 = VOLUME_FLAG) indicates continued file to next volume (file is split) (0x08 = EXTFILE_FLAG) indicates file starting position field (for split files) (0x10 = PATHSYM_FLAG) indicates filename translated ("\" changed to "/") (0x20 = BACKUP_FLAG) indicates file marked as backup 1 method (0 = stored, 1 = compressed most ... 4 compressed fastest) 1 file type (0 = binary, 1 = 7-bit text) (3 = directory, 4 = volume label) 1 reserved 4 date time modified 4 compressed size 4 original size (this will be different for text mode compression) 4 original file's CRC 2 filespec position in filename 2 file access mode 2 host data (currently not used) ? extra data 4 bytes for extended file starting position when used (these bytes are present when EXTFILE_FLAG is set). 0 bytes otherwise. ? filename (null-terminated string) ? comment (null-terminated string) 4 basic header CRC 2 1st extended header size (0 if none) ? 1st extended header (currently not used) 4 1st extended header's CRC (not present when 0 extended header size) ... ? compressed file Time stamp format: 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 |<---- year-1980 --->|<- month ->|<--- day ---->| 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 |<--- hour --->|<---- minute --->|<- second/2 ->| Compression methods: ARJ methods 1 to 3 use Lempel-Ziv 77 sliding window with static Huffman encoding. ARJ method 4 uses Lempel-Ziv 77 sliding window with pointer/length unary encoding. There is one decoder for methods 1 to 3 and one decoder for method 4. Encryption technology: ARJ does NOT use DES encryption algorithms. It uses a combination of simple exclusive-or operations. Security Envelope technology: ARJ at 2.39 and above uses a new security envelope mechanism. To defend against brute force attacks on the envelope data, the new mechanism uses a 256 bit checksum and takes considerable time to "checksum" the entire contents of a secured archive. This checksum is completely unrelated to any ARJ header fields. The checksum data is appended to the ARJ archive after the end of archive marker. Deleting this checksum data will invalidate the security envelope. Text mode processing: As of ARJ 2.30 and UNARJ 2.30, files archived with the -t1 option will not have the 8th bit stripped unless the file is extracted to a different platform than the original one. Therefore, it is now possible to use ARJ to compress 8-bit text files in text mode and extract them back in 8-bit mode. end of document