3752 clean up - make comments and names more accurate

Core/src/org/sleuthkit/autopsy/modules/encryptiondetection/EncryptionDetectionDataSourceIngestModule.java

@@ -42,10 +42,7 @@ import org.sleuthkit.datamodel.Volume;
 import org.sleuthkit.datamodel.VolumeSystem;
 
 /**
- * Sample data source ingest module that doesn't do much. Demonstrates per
+ * Data source module to detect encryption.
- * ingest job module settings, checking for job cancellation, updating the
- * DataSourceIngestModuleProgress object, and use of a subset of the available
- * ingest services.
  */
 class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModule {
 
@@ -55,7 +52,13 @@ class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModul
     private double calculatedEntropy;
 
     private final double minimumEntropy;
-
+    
+    /**
+     * Create a EncryptionDetectionDataSourceIngestModule object that will detect
+     * volumes that are encrypted and create blackboard artifacts as appropriate.
+     * The supplied EncryptionDetectionIngestJobSettings object is used to
+     * configure the module.
+     */
     EncryptionDetectionDataSourceIngestModule(EncryptionDetectionIngestJobSettings settings) {
         minimumEntropy = settings.getMinimumEntropy();
     }
@@ -80,7 +83,7 @@ class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModul
                 for (VolumeSystem volumeSystem : volumeSystems) {
                     for (Volume volume : volumeSystem.getVolumes()) {
                         if (volume.getFileSystems().isEmpty()) {
-                            if (isDataSourceEncrypted(volume)) {
+                            if (isVolumeEncrypted(volume)) {
                                 System.out.println("VOLUME ENCRYPTED");
                                 return flagVolume(volume);
                             }
@@ -106,9 +109,9 @@ class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModul
     /**
      * Create a blackboard artifact.
      *
-     * @param The file to be processed.
+     * @param The volume to be processed.
      *
-     * @return 'OK' if the file was processed successfully, or 'ERROR' if there
+     * @return 'OK' if the volume was processed successfully, or 'ERROR' if there
      *         was a problem.
      */
     private IngestModule.ProcessResult flagVolume(Volume volume) {
@@ -157,9 +160,9 @@ class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModul
      *
      * @param file AbstractFile to be checked.
      *
-     * @return True if the AbstractFile is encrypted.
+     * @return True if the Volume is encrypted.
      */
-    private boolean isDataSourceEncrypted(Content dataSource) throws ReadContentInputStream.ReadContentInputStreamException, IOException, TskCoreException {
+    private boolean isVolumeEncrypted(Volume volume) throws ReadContentInputStream.ReadContentInputStreamException, IOException, TskCoreException {
         /*
          * Criteria for the checks in this method are partially based on
          * http://www.forensicswiki.org/wiki/TrueCrypt#Detection
@@ -168,10 +171,8 @@ class EncryptionDetectionDataSourceIngestModule implements DataSourceIngestModul
         boolean possiblyEncrypted = true;
 
         if (possiblyEncrypted) {
-            System.out.println("CALCULATE ENTROPY");
+            calculatedEntropy = EncryptionDetectionTools.calculateEntropy(volume);
-            calculatedEntropy = EncryptionDetectionTools.calculateEntropy(dataSource);
             if (calculatedEntropy >= minimumEntropy) {
-                System.out.println("ENTROPY INDICATED ENCRYPTED DS");
                 return true;
             }
         }

Core/src/org/sleuthkit/autopsy/modules/encryptiondetection/EncryptionDetectionTools.java

@@ -37,17 +37,25 @@ final class EncryptionDetectionTools {
     static final double MINIMUM_ENTROPY_INPUT_RANGE_MAX = 8.0;
 
     static final int MINIMUM_FILE_SIZE_INPUT_RANGE_MIN = 1;
-    
+
     @NbBundle.Messages({
         "EncryptionDetectionTools.errorMessage.minimumEntropyInput=Minimum entropy input must be a number between 6.0 and 8.0.",
         "EncryptionDetectionTools.errorMessage.minimumFileSizeInput=Minimum file size input must be an integer (in megabytes) of 1 or greater."
     })
+    /**
+     * Check if the minimum entropy setting is in the accepted range for this
+     * module.
+     */
     static void validateMinEntropyValue(double minimumEntropy) throws IngestModule.IngestModuleException {
         if (minimumEntropy < MINIMUM_ENTROPY_INPUT_RANGE_MIN || minimumEntropy > MINIMUM_ENTROPY_INPUT_RANGE_MAX) {
             throw new IngestModule.IngestModuleException(Bundle.EncryptionDetectionTools_errorMessage_minimumEntropyInput());
         }
     }
 
+    /**
+     * Check if the minimum file size setting is in the accepted range for this
+     * module.
+     */
     static void validateMinFileSizeValue(int minimumFileSize) throws IngestModule.IngestModuleException {
         if (minimumFileSize < MINIMUM_FILE_SIZE_INPUT_RANGE_MIN) {
             throw new IngestModule.IngestModuleException(Bundle.EncryptionDetectionTools_errorMessage_minimumFileSizeInput());
@@ -55,17 +63,17 @@ final class EncryptionDetectionTools {
     }
 
     /**
-     * Calculate the entropy of the file. The result is used to qualify the file
+     * Calculate the entropy of the content. The result is used to qualify the
-     * as an encrypted file.
+     * content as an encrypted content.
      *
-     * @param file The file to be calculated against.
+     * @param content The content to be calculated against.
      *
-     * @return The entropy of the file.
+     * @return The entropy of the content.
      *
      * @throws IOException If there is a failure closing or reading from the
      *                     InputStream.
      */
-    static double calculateEntropy(Content file) throws ReadContentInputStream.ReadContentInputStreamException, IOException {
+    static double calculateEntropy(Content content) throws ReadContentInputStream.ReadContentInputStreamException, IOException {
         /*
          * Logic in this method is based on
          * https://github.com/willjasen/entropy/blob/master/entropy.java
@@ -75,7 +83,7 @@ final class EncryptionDetectionTools {
         BufferedInputStream bin = null;
 
         try {
-            in = new ReadContentInputStream(file);
+            in = new ReadContentInputStream(content);
             bin = new BufferedInputStream(in);
 
             /*
@@ -90,7 +98,7 @@ final class EncryptionDetectionTools {
             /*
              * Calculate the entropy based on the byte occurence counts.
              */
-            long dataLength = file.getSize() - 1;
+            long dataLength = content.getSize() - 1;
             double entropyAccumulator = 0;
             for (int i = 0; i < BYTE_OCCURENCES_BUFFER_SIZE; i++) {
                 if (byteOccurences[i] > 0) {
@@ -98,7 +106,6 @@ final class EncryptionDetectionTools {
                     entropyAccumulator += (byteProbability * Math.log(byteProbability) * ONE_OVER_LOG2);
                 }
             }
-            System.out.println("ENTROPY VALUE: " + -entropyAccumulator);
             return -entropyAccumulator;
 
         } finally {