mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-17 18:17:43 +00:00
Merge branch '3144_encaseHashes' into 3140b_importKdb
Conflicts: Core/src/org/sleuthkit/autopsy/modules/hashdatabase/ImportCentralRepoDbProgressDialog.java
This commit is contained in:
Ann Priestman
commit
7a4fd008c3
@ -31,6 +31,7 @@ import org.sleuthkit.datamodel.TskCoreException;
|
||||
* Parser for Encase format hash sets (*.hash)
|
||||
*/
|
||||
class EncaseHashSetParser implements HashSetParser {
|
||||
|
||||
private final byte[] encaseHeader = {(byte) 0x48, (byte) 0x41, (byte) 0x53, (byte) 0x48, (byte) 0x0d, (byte) 0x0a, (byte) 0xff, (byte) 0x00,
|
||||
(byte) 0x02, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00};
|
||||
private final String filename; // Name of the input file (saved for logging)
|
||||
@ -39,11 +40,12 @@ class EncaseHashSetParser implements HashSetParser {
|
||||
private int totalHashesRead = 0; // Number of hashes that have been read
|
||||
|
||||
/**
|
||||
* Opens the import file and parses the header.
|
||||
* If this is successful, the file will be set up to call getNextHash() to
|
||||
* read the hash values.
|
||||
* Opens the import file and parses the header. If this is successful, the
|
||||
* file will be set up to call getNextHash() to read the hash values.
|
||||
*
|
||||
* @param filename The Encase hash set
|
||||
* @throws TskCoreException There was an error opening/reading the file or it is not the correct format
|
||||
* @throws TskCoreException There was an error opening/reading the file or
|
||||
* it is not the correct format
|
||||
*/
|
||||
EncaseHashSetParser(String filename) throws TskCoreException {
|
||||
try {
|
||||
@ -77,7 +79,6 @@ class EncaseHashSetParser implements HashSetParser {
|
||||
readBuffer(typeBuffer, 0x28);
|
||||
|
||||
// At this point we're past the header and ready to read in the hashes
|
||||
|
||||
} catch (IOException ex) {
|
||||
close();
|
||||
throw new TskCoreException("Error reading " + filename, ex);
|
||||
@ -88,8 +89,9 @@ class EncaseHashSetParser implements HashSetParser {
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the expected number of hashes in the file.
|
||||
* This number can be an estimate.
|
||||
* Get the expected number of hashes in the file. This number can be an
|
||||
* estimate.
|
||||
*
|
||||
* @return The expected hash count
|
||||
*/
|
||||
@Override
|
||||
@ -99,6 +101,7 @@ class EncaseHashSetParser implements HashSetParser {
|
||||
|
||||
/**
|
||||
* Check if there are more hashes to read
|
||||
*
|
||||
* @return true if we've read all expected hash values, false otherwise
|
||||
*/
|
||||
@Override
|
||||
@ -108,7 +111,9 @@ class EncaseHashSetParser implements HashSetParser {
|
||||
|
||||
/**
|
||||
* Get the next hash to import
|
||||
* @return The hash as a string, or null if the end of file was reached without error
|
||||
*
|
||||
* @return The hash as a string, or null if the end of file was reached
|
||||
* without error
|
||||
* @throws TskCoreException
|
||||
*/
|
||||
@Override
|
||||
|
||||
@ -128,7 +128,6 @@ public final class HashLookupSettingsPanel extends IngestModuleGlobalSettingsPan
|
||||
hashDbReadOnlyLabel.setText(NO_SELECTION_TEXT);
|
||||
indexPathLabel.setText(NO_SELECTION_TEXT);
|
||||
|
||||
|
||||
// Update indexing components.
|
||||
hashDbIndexStatusLabel.setText(NO_SELECTION_TEXT);
|
||||
hashDbIndexStatusLabel.setForeground(Color.black);
|
||||
@ -303,6 +302,10 @@ public final class HashLookupSettingsPanel extends IngestModuleGlobalSettingsPan
|
||||
@Messages({"HashLookupSettingsPanel.saveFail.message=Couldn't save hash db settings.",
|
||||
"HashLookupSettingsPanel.saveFail.title=Save Fail"})
|
||||
public void saveSettings() {
|
||||
|
||||
// Clear out the list of unsaved hashes
|
||||
newReferenceSetIDs.clear();
|
||||
|
||||
//Checking for for any unindexed databases
|
||||
List<SleuthkitHashSet> unindexed = new ArrayList<>();
|
||||
for (HashDb db : hashSetManager.getAllHashSets()) {
|
||||
@ -335,7 +338,6 @@ public final class HashLookupSettingsPanel extends IngestModuleGlobalSettingsPan
|
||||
} else {
|
||||
try {
|
||||
hashSetManager.save();
|
||||
newReferenceSetIDs.clear();
|
||||
} catch (HashDbManager.HashDbManagerException ex) {
|
||||
SwingUtilities.invokeLater(() -> {
|
||||
JOptionPane.showMessageDialog(null, Bundle.HashLookupSettingsPanel_saveFail_message(), Bundle.HashLookupSettingsPanel_saveFail_title(), JOptionPane.ERROR_MESSAGE);
|
||||
|
||||
@ -24,20 +24,24 @@ interface HashSetParser {
|
||||
|
||||
/**
|
||||
* Get the next hash to import
|
||||
* @return The hash as a string, or null if the end of file was reached without error
|
||||
*
|
||||
* @return The hash as a string, or null if the end of file was reached
|
||||
* without error
|
||||
* @throws TskCoreException
|
||||
*/
|
||||
String getNextHash() throws TskCoreException;
|
||||
|
||||
/**
|
||||
* Check if there are more hashes to read
|
||||
*
|
||||
* @return true if we've read all expected hash values, false otherwise
|
||||
*/
|
||||
boolean doneReading();
|
||||
|
||||
/**
|
||||
* Get the expected number of hashes in the file.
|
||||
* This number can be an estimate.
|
||||
* Get the expected number of hashes in the file. This number can be an
|
||||
* estimate.
|
||||
*
|
||||
* @return The expected hash count
|
||||
*/
|
||||
long getExpectedHashCount();
|
||||
|
||||
@ -31,6 +31,7 @@ import org.sleuthkit.datamodel.TskCoreException;
|
||||
* Parser for idx files (*.idx)
|
||||
*/
|
||||
class IdxHashSetParser implements HashSetParser {
|
||||
|
||||
private final String filename; // Name of the input file (saved for logging)
|
||||
private BufferedReader reader; // Input file
|
||||
private final long totalHashes; // Estimated number of hashes
|
||||
@ -52,7 +53,9 @@ class IdxHashSetParser implements HashSetParser {
|
||||
|
||||
/**
|
||||
* Get the next hash to import
|
||||
* @return The hash as a string, or null if the end of file was reached without error
|
||||
*
|
||||
* @return The hash as a string, or null if the end of file was reached
|
||||
* without error
|
||||
* @throws TskCoreException
|
||||
*/
|
||||
@Override
|
||||
@ -82,6 +85,7 @@ class IdxHashSetParser implements HashSetParser {
|
||||
|
||||
/**
|
||||
* Check if there are more hashes to read
|
||||
*
|
||||
* @return true if we've read all expected hash values, false otherwise
|
||||
*/
|
||||
@Override
|
||||
@ -90,8 +94,9 @@ class IdxHashSetParser implements HashSetParser {
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the expected number of hashes in the file.
|
||||
* This number can be an estimate.
|
||||
* Get the expected number of hashes in the file. This number can be an
|
||||
* estimate.
|
||||
*
|
||||
* @return The expected hash count
|
||||
*/
|
||||
@Override
|
||||
|
||||
@ -49,8 +49,7 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
|
||||
private CentralRepoImportWorker worker; // Swing worker that will import the file and send updates to the dialog
|
||||
|
||||
@NbBundle.Messages({"ImportCentralRepoDbProgressDialog.title.text=Central Repository Import Progress",
|
||||
})
|
||||
@NbBundle.Messages({"ImportCentralRepoDbProgressDialog.title.text=Central Repository Import Progress",})
|
||||
ImportCentralRepoDbProgressDialog() {
|
||||
super((JFrame) WindowManager.getDefault().getMainWindow(),
|
||||
Bundle.ImportCentralRepoDbProgressDialog_title_text(),
|
||||
@ -68,8 +67,9 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
}
|
||||
|
||||
/**
|
||||
* Import the selected hash set into the central repository.
|
||||
* Will bring up a progress dialog while the import is in progress.
|
||||
* Import the selected hash set into the central repository. Will bring up a
|
||||
* progress dialog while the import is in progress.
|
||||
*
|
||||
* @param hashSetName
|
||||
* @param version
|
||||
* @param orgId
|
||||
@ -93,8 +93,9 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the HashDb object for the newly imported data.
|
||||
* Should be called after importFile completes.
|
||||
* Get the HashDb object for the newly imported data. Should be called after
|
||||
* importFile completes.
|
||||
*
|
||||
* @return The new HashDb object or null if the import failed/was canceled
|
||||
*/
|
||||
HashDbManager.HashDb getDatabase() {
|
||||
@ -104,11 +105,10 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Updates the dialog from events from the worker.
|
||||
* The two events we handle are progress updates and
|
||||
* the done event.
|
||||
* Updates the dialog from events from the worker. The two events we handle
|
||||
* are progress updates and the done event.
|
||||
*
|
||||
* @param evt
|
||||
*/
|
||||
@NbBundle.Messages({"ImportCentralRepoDbProgressDialog.errorParsingFile.message=Error parsing hash set file"})
|
||||
@ -147,6 +147,7 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
}
|
||||
|
||||
private class CentralRepoImportWorker extends SwingWorker<Void, Void> {
|
||||
|
||||
private final int HASH_IMPORT_THRESHOLD = 10000;
|
||||
private final String hashSetName;
|
||||
private final String version;
|
||||
@ -180,7 +181,9 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
|
||||
/**
|
||||
* Get the newly created database
|
||||
* @return the imported database. May be null if an error occurred or the user canceled
|
||||
*
|
||||
* @return the imported database. May be null if an error occurred or
|
||||
* the user canceled
|
||||
*/
|
||||
synchronized HashDbManager.CentralRepoHashSet getDatabase() {
|
||||
return newHashDb;
|
||||
@ -188,6 +191,7 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
|
||||
/**
|
||||
* Get the number of hashes that have been read in so far
|
||||
*
|
||||
* @return current hash count
|
||||
*/
|
||||
long getNumHashesProcessed() {
|
||||
@ -196,7 +200,9 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
|
||||
/**
|
||||
* Check if the import was successful or if there was an error.
|
||||
* @return true if the import process completed without error, false otherwise
|
||||
*
|
||||
* @return true if the import process completed without error, false
|
||||
* otherwise
|
||||
*/
|
||||
boolean getImportSuccess() {
|
||||
return importSuccess.get();
|
||||
@ -213,10 +219,14 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
||||
hashSetParser = new EncaseHashSetParser(importFileName);
|
||||
} else if(importFileName.toLowerCase().endsWith(".kdb")){
|
||||
hashSetParser = new KdbHashSetParser(importFileName);
|
||||
} else {
|
||||
if (importFileName.toLowerCase().endsWith(".hash")) {
|
||||
hashSetParser = new EncaseHashSetParser(importFileName);
|
||||
} else {
|
||||
// We've gotten here with a format that can't be processed
|
||||
throw new TskCoreException("Hash set to import is an unknown format : " + importFileName);
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
// Conver to the FileKnown enum used by EamGlobalSet
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user