From 2e128fcbbdb9686b9595c9938e232b1369b681df Mon Sep 17 00:00:00 2001 From: Ann Priestman Date: Wed, 1 Nov 2017 13:19:42 -0400 Subject: [PATCH] Cleanup --- .../ingestmodule/IngestModule.java | 37 ------- .../HashDbImportDatabaseDialog.java | 17 +-- .../modules/hashdatabase/HashDbManager.java | 104 +----------------- .../HashLookupModuleSettingsPanel.java | 8 +- .../hashdatabase/HashLookupSettings.java | 6 +- .../ImportCentralRepoDbProgressDialog.java | 2 +- 6 files changed, 21 insertions(+), 153 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/centralrepository/ingestmodule/IngestModule.java b/Core/src/org/sleuthkit/autopsy/centralrepository/ingestmodule/IngestModule.java index 31d989d74a..30d374f133 100644 --- a/Core/src/org/sleuthkit/autopsy/centralrepository/ingestmodule/IngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/centralrepository/ingestmodule/IngestModule.java @@ -121,16 +121,6 @@ class IngestModule implements FileIngestModule { } } - // Make a TSK_HASHSET_HIT blackboard artifact for global notable files - try { - if (dbManager.isArtifactlKnownBadByReference(filesType, md5)) { - postCorrelatedHashHitToBlackboard(af); - } - } catch (EamDbException ex) { - LOGGER.log(Level.SEVERE, "Error retrieving global known status.", ex); // NON-NLS - return ProcessResult.ERROR; - } - try { CorrelationAttribute eamArtifact = new CorrelationAttribute(filesType, md5); CorrelationAttributeInstance cefi = new CorrelationAttributeInstance( @@ -307,33 +297,6 @@ class IngestModule implements FileIngestModule { } } - private void postCorrelatedHashHitToBlackboard(AbstractFile abstractFile) { - try { - String MODULE_NAME = IngestModuleFactory.getModuleName(); - BlackboardArtifact tifArtifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT); - BlackboardAttribute att = new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME, MODULE_NAME, - Bundle.IngestModule_prevCaseComment_text()); - tifArtifact.addAttribute(att); - - try { - // index the artifact for keyword search - blackboard.indexArtifact(tifArtifact); - } catch (Blackboard.BlackboardException ex) { - LOGGER.log(Level.SEVERE, "Unable to index blackboard artifact " + tifArtifact.getArtifactID(), ex); //NON-NLS - } - - // send inbox message - sendBadFileInboxMessage(tifArtifact, abstractFile.getName(), abstractFile.getMd5Hash()); - - // fire event to notify UI of this new artifact - services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT)); - } catch (TskCoreException ex) { - LOGGER.log(Level.SEVERE, "Failed to create BlackboardArtifact.", ex); // NON-NLS - } catch (IllegalStateException ex) { - LOGGER.log(Level.SEVERE, "Failed to create BlackboardAttribute.", ex); // NON-NLS - } - } - /** * Post a message to the ingest inbox alerting the user that a bad file was * found. diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbImportDatabaseDialog.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbImportDatabaseDialog.java index 6e208a9475..7f243b7bc6 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbImportDatabaseDialog.java +++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbImportDatabaseDialog.java @@ -37,6 +37,7 @@ import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb; import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException; import org.sleuthkit.autopsy.centralrepository.datamodel.EamOrganization; import org.sleuthkit.autopsy.centralrepository.optionspanel.AddNewOrganizationDialog; +import org.sleuthkit.autopsy.centralrepository.optionspanel.ManageOrganizationsDialog; import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.ModuleSettings; import org.sleuthkit.autopsy.coreutils.PlatformUtil; @@ -127,6 +128,7 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog { readOnlyCheckbox.setEnabled(! isFileType); } + @NbBundle.Messages({"HashDbImportDatabaseDialog.populateOrgsError.message=Failure loading organizations."}) private void populateCombobox() { orgComboBox.removeAllItems(); try { @@ -139,8 +141,8 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog { selectedOrg = orgs.get(0); } } catch (EamDbException ex) { - ex.printStackTrace(); - //LOGGER.log(Level.SEVERE, "Failure populating combobox with organizations.", ex); + JOptionPane.showMessageDialog(null, Bundle.HashDbImportDatabaseDialog_populateOrgsError_message()); + Logger.getLogger(ImportCentralRepoDbProgressDialog.class.getName()).log(Level.SEVERE, "Failure loading organizations", ex); } } @@ -530,18 +532,19 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog { }//GEN-LAST:event_centralRepoRadioButtonActionPerformed private void orgButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgButtonActionPerformed - AddNewOrganizationDialog dialogO = new AddNewOrganizationDialog(); + ManageOrganizationsDialog dialog = new ManageOrganizationsDialog(); // update the combobox options - if (dialogO.isChanged()) { + if (dialog.isChanged()) { populateCombobox(); } }//GEN-LAST:event_orgButtonActionPerformed private void orgComboBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgComboBoxActionPerformed - JComboBox cb = (JComboBox)evt.getSource(); - String orgName = (String)cb.getSelectedItem(); - if (null == orgName) return; + //JComboBox cb = (JComboBox)evt.getSource(); + //String orgName = (String)cb.getSelectedItem(); + if (null == orgComboBox.getSelectedItem()) return; + String orgName = this.orgComboBox.getSelectedItem().toString(); for (EamOrganization org : orgs) { if (org.getName().equals(orgName)) { selectedOrg = org; diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbManager.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbManager.java index 1b448e43e5..7247bf685a 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbManager.java +++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbManager.java @@ -246,16 +246,6 @@ public class HashDbManager implements PropertyChangeListener { return hashDb; } - static HashDatabase convertHashDbInfo(HashDbInfo info, int handle) throws TskCoreException{ - if(info.isFileDatabaseType()){ - return new HashDb(handle, info.getHashSetName(), info.getSearchDuringIngest(), info.getSendIngestMessages(), - info.getKnownFilesType()); - } else if(info.isCentralRepoDatabaseType()){ - throw new TskCoreException("Not implemented yet"); - } - throw new TskCoreException("Invalid database type in HashDbInfo"); - } - private HashDb addFileTypeHashDatabase(int handle, String hashSetName, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws TskCoreException { // Wrap an object around the handle. HashDb hashDb = new HashDb(handle, hashSetName, searchDuringIngest, sendIngestMessages, knownFilesType); @@ -322,93 +312,6 @@ public class HashDbManager implements PropertyChangeListener { return db; } - /* - public CentralRepoHashDb importCentralRepoHashSet(String hashSetName, String version, int orgId, - boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType, - String importFile) throws TskCoreException { - - int crIndex; - - try{ - // Create an empty hashset in the central repository - crIndex = EamDb.getInstance().newReferenceSet(orgId, hashSetName, version); - } catch (EamDbException ex){ - throw new TskCoreException(ex.getLocalizedMessage()); - } - - try{ - // Import the hashes - - TskData.FileKnown knownStatus; - if (knownFilesType.equals(HashDb.KnownFilesType.KNOWN)) { - knownStatus = TskData.FileKnown.KNOWN; - } else { - knownStatus = TskData.FileKnown.BAD; - } - - // Future, make UI handle more than the "FILES" type. - - EamDb dbManager = EamDb.getInstance(); - CorrelationAttribute.Type contentType = dbManager.getCorrelationTypeById(CorrelationAttribute.FILES_TYPE_ID); // get "FILES" type - BufferedReader reader = new BufferedReader(new FileReader(importFile)); - String line; - Set globalInstances = new HashSet<>(); - - long totalLines = Files.lines(new File(importFile).toPath()).count(); - - int numLines = 0; - while ((line = reader.readLine()) != null) { - - String[] parts = line.split("\\|"); - - // Header lines start with a 41 character dummy hash, 1 character longer than a SHA-1 hash - if (parts.length != 2 || parts[0].length() == 41) { - continue; - } - - EamGlobalFileInstance eamGlobalFileInstance = new EamGlobalFileInstance( - crIndex, - parts[0].toLowerCase(), - knownStatus, - ""); - - globalInstances.add(eamGlobalFileInstance); - - if(numLines % 1000 == 0){ - dbManager.bulkInsertReferenceTypeEntries(globalInstances, contentType); - globalInstances.clear(); - } - } - - dbManager.bulkInsertReferenceTypeEntries(globalInstances, contentType); - - // this should wait until after init - CentralRepoHashDb hashDb = new CentralRepoHashDb(hashSetName, version, crIndex, - searchDuringIngest, sendIngestMessages, knownFilesType); - - // Add the hash database to the collection - hashSets.add(hashDb); - - - - // Let any external listeners know that there's a new set - try { - changeSupport.firePropertyChange(SetEvt.DB_ADDED.toString(), null, hashSetName); - } catch (Exception e) { - logger.log(Level.SEVERE, "HashDbManager listener threw exception", e); //NON-NLS - MessageNotifyUtil.Notify.show( - NbBundle.getMessage(this.getClass(), "HashDbManager.moduleErr"), - NbBundle.getMessage(this.getClass(), "HashDbManager.moduleErrorListeningToUpdatesMsg"), - MessageNotifyUtil.MessageType.ERROR); - } - return hashDb; - - } catch (Exception ex){ - // TODO - ex.printStackTrace(); - throw new TskCoreException(ex.getLocalizedMessage()); - } - }*/ synchronized void indexHashDatabase(HashDb hashDb) { hashDb.addPropertyChangeListener(this); @@ -668,7 +571,7 @@ public class HashDbManager implements PropertyChangeListener { globalSet.getGlobalSetID(), globalSet.getKnownStatus(), globalSet.isReadOnly(), false, sendIngestMessages)); } } catch (EamDbException ex){ - ex.printStackTrace(); + Logger.getLogger(HashDbManager.class.getName()).log(Level.SEVERE, "Error loading central repository hash sets", ex); //NON-NLS } } return crHashSets; @@ -1486,14 +1389,15 @@ public class HashDbManager implements PropertyChangeListener { * @throws TskCoreException */ @Override - public boolean isValid() throws TskCoreException { + public boolean isValid() { if(! EamDb.isEnabled()) { return false; } try{ return EamDb.getInstance().referenceSetIsValid(this.centralRepoIndex, this.hashSetName, this.version); } catch (EamDbException ex){ - throw new TskCoreException(ex.getLocalizedMessage()); + Logger.getLogger(CentralRepoHashDb.class.getName()).log(Level.SEVERE, "Error validating hash database " + hashSetName, ex); //NON-NLS + return false; } } diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupModuleSettingsPanel.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupModuleSettingsPanel.java index 517640f487..1e83fb77c6 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupModuleSettingsPanel.java +++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupModuleSettingsPanel.java @@ -174,13 +174,13 @@ public final class HashLookupModuleSettingsPanel extends IngestModuleIngestJobSe } private boolean isHashDbValid(HashDatabase hashDb) { - boolean indexed = false; + boolean isValid = false; try { - indexed = hashDb.isValid(); + isValid = hashDb.isValid(); } catch (TskCoreException ex) { - Logger.getLogger(HashLookupModuleSettingsPanel.class.getName()).log(Level.SEVERE, "Error getting indexed status info for hash set (name = " + hashDb.getHashSetName() + ")", ex); //NON-NLS + Logger.getLogger(HashLookupModuleSettingsPanel.class.getName()).log(Level.SEVERE, "Error checking validity for hash set (name = " + hashDb.getHashSetName() + ")", ex); //NON-NLS } - return indexed; + return isValid; } private static final class HashSetModel { diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupSettings.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupSettings.java index 8a99f5778a..84f3bd744c 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupSettings.java +++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupSettings.java @@ -358,7 +358,7 @@ final class HashLookupSettings implements Serializable { } else { this.path = fileTypeDb.getDatabasePath(); } - } else {// if(db instanceof HashDbManager.CentralRepoHashDb){ + } else { HashDbManager.CentralRepoHashDb centralRepoDb = (HashDbManager.CentralRepoHashDb)db; this.hashSetName = centralRepoDb.getHashSetName(); this.version = centralRepoDb.getVersion(); @@ -369,9 +369,7 @@ final class HashLookupSettings implements Serializable { this.path = ""; this.centralRepoIndex = centralRepoDb.getCentralRepoIndex(); this.dbType = DatabaseType.CENTRAL_REPOSITORY; - } //else { - // throw new TskCoreException("Unknown hash database type"); - //} + } } /** diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/ImportCentralRepoDbProgressDialog.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/ImportCentralRepoDbProgressDialog.java index 1284263b65..597cb8c39d 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/ImportCentralRepoDbProgressDialog.java +++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/ImportCentralRepoDbProgressDialog.java @@ -172,7 +172,7 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P */ final long getEstimatedTotalHashes(){ long fileSize = importFile.length(); - return (fileSize / 0x33); // IDX file lines are generally 0x33 bytes long + return (fileSize / 0x33 + 1); // IDX file lines are generally 0x33 bytes long, and we don't want this to be zero } @Override