19 package org.sleuthkit.autopsy.modules.filetypeid;
21 import java.io.Serializable;
22 import java.nio.charset.StandardCharsets;
23 import java.util.Arrays;
24 import java.util.Objects;
25 import java.util.logging.Level;
35 class FileType
implements Serializable {
37 private static final long serialVersionUID = 1L;
38 private final String mimeType;
39 private final Signature signature;
40 private final String interestingFilesSetName;
41 private final boolean alert;
54 FileType(String mimeType,
final Signature signature, String filesSetName,
boolean alert) {
55 this.mimeType = mimeType;
56 this.signature =
new Signature(signature.getSignatureBytes(), signature.getOffset(), signature.getType(), signature.isRelativeToStart());
57 this.interestingFilesSetName = filesSetName;
66 String getMimeType() {
75 Signature getSignature() {
76 return new Signature(signature.getSignatureBytes(), signature.getOffset(), signature.getType(), signature.isRelativeToStart());
86 boolean matches(
final AbstractFile file) {
87 return signature.containedIn(file);
96 boolean alertOnMatch() {
106 String getFilesSetName() {
107 return interestingFilesSetName;
111 public String toString() {
112 return this.mimeType;
116 public boolean equals(Object other) {
117 if (other != null && other instanceof FileType) {
118 FileType that = (FileType) other;
119 if (this.getMimeType().equals(that.getMimeType()) && this.getSignature().equals(that.getSignature())) {
127 public int hashCode() {
129 hash = 67 * hash + Objects.hashCode(this.mimeType);
130 hash = 67 * hash + Objects.hashCode(this.signature);
140 static class Signature
implements Serializable {
142 private static final long serialVersionUID = 1L;
153 private final byte[] signatureBytes;
154 private final long offset;
155 private final Type type;
156 private final boolean isRelativeToStart;
167 Signature(
final byte[] signatureBytes,
long offset, Type type) {
168 this.signatureBytes = Arrays.copyOf(signatureBytes, signatureBytes.length);
169 this.offset = offset;
171 this.isRelativeToStart =
true;
181 Signature(String signatureString,
long offset) {
182 this.signatureBytes = signatureString.getBytes(StandardCharsets.US_ASCII);
183 this.offset = offset;
184 this.type = Type.ASCII;
185 this.isRelativeToStart =
true;
197 Signature(
final byte[] signatureBytes,
long offset) {
198 this.signatureBytes = Arrays.copyOf(signatureBytes, signatureBytes.length);
199 this.offset = offset;
200 this.type = Type.RAW;
201 this.isRelativeToStart =
true;
215 Signature(
final byte[] signatureBytes,
long offset, Type type,
boolean isRelativeToStart) {
216 this.signatureBytes = Arrays.copyOf(signatureBytes, signatureBytes.length);
217 this.offset = offset;
219 this.isRelativeToStart = isRelativeToStart;
231 Signature(String signatureString,
long offset,
boolean isRelativeToStart) {
232 this.signatureBytes = signatureString.getBytes(StandardCharsets.US_ASCII);
233 this.offset = offset;
234 this.type = Type.ASCII;
235 this.isRelativeToStart = isRelativeToStart;
249 Signature(
final byte[] signatureBytes,
long offset,
boolean isRelativeToStart) {
250 this.signatureBytes = Arrays.copyOf(signatureBytes, signatureBytes.length);
251 this.offset = offset;
252 this.type = Type.RAW;
253 this.isRelativeToStart = isRelativeToStart;
261 byte[] getSignatureBytes() {
262 return Arrays.copyOf(signatureBytes, signatureBytes.length);
283 boolean isRelativeToStart() {
284 return isRelativeToStart;
295 boolean containedIn(
final AbstractFile file) {
296 if (offset >= file.getSize()) {
299 long actualOffset = offset;
300 if (!isRelativeToStart) {
301 actualOffset = file.getSize() - 1 - offset;
303 if (file.getSize() < (actualOffset + signatureBytes.length)) {
307 byte[] buffer =
new byte[signatureBytes.length];
308 int bytesRead = file.read(buffer, actualOffset, signatureBytes.length);
309 return ((bytesRead == signatureBytes.length) && (Arrays.equals(buffer, signatureBytes)));
310 }
catch (TskCoreException ex) {
316 Signature.logger.log(Level.WARNING,
"Error reading from file with objId = " + file.getId(), ex);
322 public boolean equals(Object other) {
323 if (other != null && other instanceof Signature) {
324 Signature that = (Signature) other;
325 if (Arrays.equals(
this.getSignatureBytes(), that.getSignatureBytes())
326 && this.getOffset() == that.getOffset()
327 && this.getType().equals(that.getType())) {
335 public int hashCode() {
337 hash = 97 * hash + Arrays.hashCode(this.signatureBytes);
338 hash = 97 * hash + (int) (this.offset ^ (this.offset >>> 32));
339 hash = 97 * hash + Objects.hashCode(this.type);
synchronized static Logger getLogger(String name)