c-aff4

The Advanced Forensics File Format 4 (AFF4) is an open-source format specifically designed for the storage of digital evidence and data. This format allows for effective management and preservation of forensic information.

This project implements a C/C++ library designed for creating, reading, and manipulating AFF4 images. It also includes the canonical aff4imager binary, which serves as a versatile standalone imaging tool.

The library and binary are confirmed to function on Linux, Windows, and OSX.

It supports reading and writing ZipFile-style volumes, Directory-style volumes, and AFF4 Image streams. This functionality utilizes either the deflate or snappy compression methods.

It also supports multi-threaded imaging, allowing for efficient utilization on multi-core systems.

However, it does not currently implement Section 6 of the standard, which includes the processes for verifying or generating linear or block hashes.