Compiling AFF4-CPP-Lite for Ubuntu 22.0.4
What is AFF4
The Advanced Forensics File format 4 was originally designed and published in “Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow” M.I. Cohen, Simson Garfinkel and Bradley Schatz, digital investigation 6 (2009) S57–S68.
The format is an open source format used for the storage of digital evidence and data.
The original paper was released with an earlier implementation written in python. This project is a complete open source re-implementation for a general purpose AFF4 library. ~ http://www2.aff4.org
Environment
Ubuntu 22.0.4 ARM distro
(optional) - I did this on an M1 Macbook and utilized docker for this distro. At the time of this writing (2023.02.23) this image (22.0.4) was simply invoked by:
docker pull ubuntu
Compile Walkthrough
Install the necessary* dependencies
*dependency list can be reduced (example: build-essential is too broad but includes gcc)
apt update apt install build-essential libsnappy-dev libssl-dev automake autoconf libtool zlib1g-dev libcppunit-dev libraptor2-dev liblz4-dev git
Clone the 'aff4-cpp-lite' repository from GitHub https://github.com/aff4
git clone https://github.com/aff4/aff4-cpp-lite.gitchange the directory to the 'aff4-cpp-lite' folder
cd aff4-cpp-lite
Build the source code
autoconf
autoreconf --install
./configure
make
make install
Compiled Tools
aff4-digest
aff4-extract
aff4-info