Apple Encrypted Archive is a proprietary archive format that can compress, encrypt, and/or sign a file.
Its magic number is the 4 ASCII characters "AEA1".
macOS Monterey ships an aea command line tool that can create and extract (decrypt) these archives (see aea manpage).
They can also be handled with public Swift API and private C API in libAppleArchive.dylib.
It's notably used since iOS 15 for signed .shortcut files created in Shortcuts.
Signed shortcuts are AEA files but they are actually not encrypted. The 32bit size for the AEA context can be found at location 0x8-0xB in the file, and the size plus 0x495c will be the starting location of an LZFSE compressed Apple Archive. (For an example of this, take a look at libshortcutsign's extract_aa_from_aea function. After decompression, the magic number is the 4 ASCII characters "AA01".
 | This software article is a stub. Please add more content to this article and remove this tag. |