From f6fe3912c693daba6eec99b9d8835dcd6b8760e1 Mon Sep 17 00:00:00 2001
From: Hardcore Sushi <hardcore.sushi@disroot.org>
Date: Tue, 31 Aug 2021 12:23:25 +0200
Subject: [PATCH] Add encrypted file layout table in README

---
 README.md | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
diff --git a/README.md b/README.md
index 40d529c..2276f02 100644
--- a/README.md
+++ b/README.md
@@ -154,6 +154,7 @@ let hmac = Hmac::new(
     blake2b, //hash function
 );
 hmac.update(random_salt);
+//integers are encoded in big-endian
 hmac.update(argon2_time_cost);
 hmac.update(argon2_memory_cost);
 hmac.update(argon2_parallelism);
@@ -182,6 +183,41 @@ Once the whole plaintext is encrypted, doby computes and appends the HMAC to the
 output.write(hmac.digest());
 ```
 
+So here is what an encrypted file layout looks like:
+
+<table>
+  <tr>
+    <th align="left">Magic bytes</th>
+    <td>4 bytes</td>
+  </tr>
+  <tr>
+    <th align="left">Salt</th>
+    <td>64 bytes</td>
+  </tr>
+  <tr>
+    <th align="left" rowspan="3">Argon2 parameters</th>
+    <td>Time cost: 4 bytes</td>
+  </tr>
+  <tr>
+    <td>Memory cost: 4 bytes</td>
+  </tr>
+  <tr>
+    <td>Parallelism cost: 1 byte</td>
+  </tr>
+  <tr>
+    <th align="left">Encryption cipher</th>
+    <td>1 byte</td>
+  </tr>
+  <tr>
+    <th align="left">Ciphertext</th>
+    <td>Exact same size as the plaintext</td>
+  </tr>
+  <tr>
+    <th align="left">HMAC</th>
+    <td>64 bytes</td>
+  </tr>
+</table>
+
 ### Decryption
 
 doby reads the public encryption values from the input header to get all parameters needed to re-derive the `master_key` from the password with Argon2.

Magic bytes	4 bytes
Salt	64 bytes
Argon2 parameters	Time cost: 4 bytes
	Memory cost: 4 bytes
	Parallelism cost: 1 byte
Encryption cipher	1 byte
Ciphertext	Exact same size as the plaintext
HMAC	64 bytes