General structure

The TeaSafe header and it following structure is composed of several byte sequences:

The first 8 IV bytes are used to salt the password hash generated during key generation. All 32 IV bytes are used as the IV in cipher initialization

The rounds variable, which is stored in a single byte, was used in legacy code whereby the cipher adopted was XTEA. Since XTEA is no longer used, this byte is basically obsolete and is just defaulted to '64'. It remains in place for both legacy considerations and in case XTEA or other ciphers requiring a 'number of rounds' parameter are future-introduced.

In a similar vein, the 'future' 6 bytes are there for future extensibility in case other parameters need to be header-encoded. Presently they are set to the same value as the cipher byte (but could in practice be set to any value).

The cipher byte -- since it is a single byte -- can encode a maximum of 256 values (i.e., 0 to 255). Presently, only six ciphers are supported by TeaSafe, hence in practice this value is only ever within the range [1-6]. A given integer is directly mapped to the cipher that will be used for encryption / decryption.

The encrypted password hash is used to check that the correct password was entered. If incorrect, the program can be terminated before attempting any decryption.