Merge branch 'issue192_fixes' of https://github.com/narfindustries/autopsy into narfindustries-issue192_fixes

CentralRepository/src/org/sleuthkit/autopsy/centralrepository/datamodel/EamArtifact.java

@@ -65,7 +65,8 @@ public class EamArtifact implements Serializable {
     public EamArtifact(Type correlationType, String correlationValue) {
         this.ID = "";
         this.correlationType = correlationType;
-        this.correlationValue = correlationValue;
+        // Lower-case all values to normalize and improve correlation hits, going forward make sure this makes sense for all correlation types
+        this.correlationValue = correlationValue.toLowerCase();
         this.artifactInstances = new ArrayList<>();
     }
 
@@ -110,7 +111,8 @@ public class EamArtifact implements Serializable {
      * @param correlationValue the correlationValue to set
      */
     public void setCorrelationValue(String correlationValue) {
-        this.correlationValue = correlationValue;
+        // Lower-case all values to normalize and improve correlation hits, going forward make sure this makes sense for all correlation types
+        this.correlationValue = correlationValue.toLowerCase();
     }
 
     /**
@@ -164,7 +166,8 @@ public class EamArtifact implements Serializable {
          *
          * @param id          Unique ID for this Correlation Type
          * @param displayName Name of this type displayed in the UI.
-         * @param dbTableName   Central Repository db table where data of this type is stored
+         * @param dbTableName Central Repository db table where data of this
+         *                    type is stored
          * @param supported   Is this Type currently supported
          * @param enabled     Is this Type currentl enabled.
          */
@@ -178,11 +181,12 @@ public class EamArtifact implements Serializable {
 
         /**
          * Constructior for custom types where we do not know the Type ID until
-         * the row has been entered into the correlation_types table
+         * the row has been entered into the correlation_types table in the
-         * in the Central Repository.
+         * Central Repository.
          *
          * @param displayName Name of this type displayed in the UI.
-         * @param dbTableName   Central Repository db table where data of this type is stored
+         * @param dbTableName Central Repository db table where data of this
+         *                    type is stored
          * @param supported   Is this Type currently supported
          * @param enabled     Is this Type currentl enabled.
          */
@@ -308,13 +312,12 @@ public class EamArtifact implements Serializable {
         }
 
         /**
-         * To support having different database tables for each Type,
+         * To support having different database tables for each Type, this field
-         * this field provides the prefix/suffix of the table name,
+         * provides the prefix/suffix of the table name, which allows us to
-         * which allows us to automatically compute the table names
+         * automatically compute the table names and indicies.
-         * and indicies.
          *
-         * It is the prefix for the instances tables *_instances.
+         * It is the prefix for the instances tables *_instances. It is the
-         * It is the suffix for the reference tables reference_*.
+         * suffix for the reference tables reference_*.
          *
          * When custom Types are added in the future, they are already supported
          * by just giving the desired value for the table name for each custom

CentralRepository/src/org/sleuthkit/autopsy/centralrepository/datamodel/EamArtifactInstance.java

@@ -124,7 +124,8 @@ public class EamArtifactInstance implements Serializable {
         this.ID = ID;
         this.eamCase = eamCase;
         this.eamDataSource = eamDataSource;
-        this.filePath = filePath;
+        // Lower case paths to normalize paths and improve correlation results, if this causes significant issues on case-sensitive file systems, remove
+        this.filePath = filePath.toLowerCase();
         this.comment = comment;
         this.knownStatus = knownStatus;
         this.globalStatus = globalStatus;
@@ -204,7 +205,8 @@ public class EamArtifactInstance implements Serializable {
      * @param filePath the filePath to set
      */
     public void setFilePath(String filePath) {
-        this.filePath = filePath;
+        // Lower case paths to normalize paths and improve correlation results, if this causes significant issues on case-sensitive file systems, remove
+        this.filePath = filePath.toLowerCase();
     }
 
     /**

CentralRepository/src/org/sleuthkit/autopsy/centralrepository/datamodel/EamArtifactUtil.java

@@ -129,8 +129,8 @@ public class EamArtifactUtil {
                     || BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID() == artifactTypeID
                     || BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID() == artifactTypeID)) {
 
+                // Lower-case this to normalize domains
                 value = bbArtifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN)).getValueString();
-
             } else if (aType.getId() == EamArtifact.PHONE_TYPE_ID
                     && (BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT.getTypeID() == artifactTypeID
                     || BlackboardArtifact.ARTIFACT_TYPE.TSK_CALLLOG.getTypeID() == artifactTypeID
@@ -144,6 +144,15 @@ public class EamArtifactUtil {
                     value = bbArtifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO)).getValueString();
                 }
 
+                // Remove all non-numeric symbols to semi-normalize phone numbers, preserving leading "+" character
+                if (value != null) {
+                    String newValue = value.replaceAll("\\D", "");
+                    if (value.startsWith("+")) {
+                        newValue = "+" + newValue;
+                    }
+
+                    value = newValue;
+                }
             } else if (aType.getId() == EamArtifact.USBID_TYPE_ID
                     && BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID() == artifactTypeID) {
 

CentralRepository/src/org/sleuthkit/autopsy/centralrepository/datamodel/EamGlobalFileInstance.java

@@ -32,6 +32,14 @@ public class EamGlobalFileInstance {
     private TskData.FileKnown knownStatus;
     private String comment;
 
+    public EamGlobalFileInstance(
+            int globalSetID,
+            String MD5Hash,
+            TskData.FileKnown knownStatus,
+            String comment) {
+        this(-1, globalSetID, MD5Hash, knownStatus, comment);
+    }
+
     public EamGlobalFileInstance(
             int instanceID,
             int globalSetID,
@@ -40,19 +48,12 @@ public class EamGlobalFileInstance {
             String comment) {
         this.instanceID = instanceID;
         this.globalSetID = globalSetID;
-        this.MD5Hash = MD5Hash;
+        // Normalize hashes by lower casing
+        this.MD5Hash = MD5Hash.toLowerCase();
         this.knownStatus = knownStatus;
         this.comment = comment;
     }
 
-    public EamGlobalFileInstance(
-            int globalSetID,
-            String MD5Hash,
-            TskData.FileKnown knownStatus,
-            String comment) {
-        this(-1, globalSetID, MD5Hash, knownStatus, comment);
-    }
-
     @Override
     public boolean equals(Object otherInstance) {
         if (this == otherInstance) {
@@ -111,7 +112,8 @@ public class EamGlobalFileInstance {
      * @param MD5Hash the MD5Hash to set
      */
     public void setMD5Hash(String MD5Hash) {
-        this.MD5Hash = MD5Hash;
+        // Normalize hashes by lower casing
+        this.MD5Hash = MD5Hash.toLowerCase();
     }
 
     /**