Skip to content

AAR (.aar)

.aar file signature | application/java-archive

AAR (Android Archive) is a package format used by Google’s Android ecosystem to distribute Android library modules. It is used by Android Studio and Gradle for sharing compiled code, resources, manifests, and assets between Android projects. Because it is based on the ZIP container, AAR files should be treated like other archives and opened only from trusted sources, although the format itself is generally considered safe.

Safe

Magic Bytes

Offset 0
50 4B 03 04

Sources: Wikipedia

All Known Signatures

3 signature variants are documented for .aar files across multiple sources.

Hex Signature Offset Sources
50 4B 03 04 0 Wikipedia
50 4B 05 06 0 Wikipedia
50 4B 07 08 0 Wikipedia

Extension

.aar

MIME Type

application/java-archive

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .aar files in Python

Python 
def is_aar(file_path: str) -> bool:
    """Check if file is a valid AAR by magic bytes."""
    signature = bytes([0x50, 0x4B, 0x03, 0x04])
    with open(file_path, "rb") as f:
        return f.read(4) == signature

How to validate .aar files in Node.js

Node.js 
function isAAR(buffer: Buffer): boolean {
  const signature = Buffer.from([0x50, 0x4B, 0x03, 0x04]);
  return buffer.subarray(0, 4).equals(signature);
}

How to validate .aar files in Go

Go 
func IsAAR(data []byte) bool {
    signature := []byte{0x50, 0x4B, 0x03, 0x04}
    if len(data) < 4 {
        return false
    }
    return bytes.Equal(data[:4], signature)
}

API Endpoint

GET /api/v1/aar
curl https://filesignature.org/api/v1/aar

See the full API documentation for all endpoints and parameters.

Related Formats

.jar .apk .class .dex

Frequently Asked Questions

What is a .aar file?

A .aar file is identified by the magic bytes 50 4B 03 04 at byte offset 0. AAR (Android Archive) is a package format used by Google’s Android ecosystem to distribute Android library modules. It is used by Android Studio and Gradle for sharing compiled code, resources, manifests, and assets between Android projects. Because it is based on the ZIP container, AAR files should be treated like other archives and opened only from trusted sources, although the format itself is generally considered safe.

What are the magic bytes for .aar files?

The magic bytes for AAR files are 50 4B 03 04 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .aar file?

To validate a .aar file, read the first bytes of the file and compare them against the known magic bytes (50 4B 03 04) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .aar files?

The primary MIME type for .aar files is application/java-archive.

Is it safe to open .aar files?

AAR (.aar) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.