19 package org.sleuthkit.autopsy.modules.filetypeid;
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.List;
24 import java.util.SortedSet;
25 import java.util.TreeSet;
26 import java.util.logging.Level;
27 import java.util.stream.Collectors;
28 import org.apache.tika.Tika;
29 import org.apache.tika.io.TikaInputStream;
30 import org.apache.tika.mime.MimeTypes;
47 private static final Tika
tika =
new Tika();
64 TreeSet<String> detectedTypes =
new TreeSet<>((String string1, String string2) -> {
65 int result = String.CASE_INSENSITIVE_ORDER.compare(string1, string2);
67 result = string1.compareTo(string2);
73 for (FileType fileType : CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes()) {
74 detectedTypes.add(fileType.getMimeType());
76 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
77 throw new FileTypeDetectorInitException(
"Error loading Autopsy custom file types", ex);
80 for (FileType fileType : CustomFileTypesManager.getInstance().getUserDefinedFileTypes()) {
81 detectedTypes.add(fileType.getMimeType());
83 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
84 throw new FileTypeDetectorInitException(
"Error loading user custom file types", ex);
97 if (null == tikaDetectedTypes) {
98 tikaDetectedTypes =
org.apache.tika.mime.MimeTypes.getDefaultMimeTypes().getMediaTypeRegistry().getTypes()
99 .stream().filter(t -> !t.hasParameters()).map(s -> s.toString().replace(
"tika-",
"")).collect(Collectors.toCollection(TreeSet::new));
101 return Collections.unmodifiableSortedSet(tikaDetectedTypes);
116 userDefinedFileTypes = CustomFileTypesManager.getInstance().getUserDefinedFileTypes();
117 autopsyDefinedFileTypes = CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes();
118 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
119 throw new FileTypeDetectorInitException(
"Error loading custom file types", ex);
147 for (FileType fileType : customTypes) {
148 if (fileType.getMimeType().equals(mimeType)) {
181 String mimeType = file.getMIMEType();
182 if (null != mimeType) {
194 if (!file.isFile() || file.getSize() <= 0
195 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNALLOC_BLOCKS)
196 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNUSED_BLOCKS)
197 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR)
198 || ((file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.SLACK) && file.getSize() <
SLACK_FILE_THRESHOLD)) {
199 mimeType = MimeTypes.OCTET_STREAM;
206 if (null == mimeType) {
214 if (null == mimeType) {
222 if (null == mimeType) {
223 ReadContentInputStream stream =
new ReadContentInputStream(file);
225 try (TikaInputStream tikaInputStream = TikaInputStream.get(stream)) {
226 String tikaType = tika.detect(tikaInputStream, file.getName());
231 mimeType = tikaType.replace(
"tika-",
"");
242 if (mimeType.contains(
"audio/mpeg")) {
246 mimeType = MimeTypes.OCTET_STREAM;
248 }
catch (TskCoreException ex) {
250 logger.log(Level.WARNING, String.format(
"Could not verify audio/mpeg mimetype for file %s with id=%d", file.getName(), file.getId()), ex);
253 }
catch (Exception ignored) {
261 mimeType = MimeTypes.OCTET_STREAM;
268 file.setMIMEType(mimeType);
281 return (x & 0x0F) == 0x0F && (x & 0xF0) == 0xF0;
294 private byte[]
getNBytes(AbstractFile file,
int offset,
int n)
throws TskCoreException {
295 byte[] headerCache =
new byte[n];
296 file.read(headerCache, offset, n);
308 int indexOfSemicolon = mimeType.indexOf(
';');
309 if (indexOfSemicolon != -1) {
310 return mimeType.substring(0, indexOfSemicolon).trim();
324 String retValue = null;
326 for (FileType fileType : userDefinedFileTypes) {
327 if (fileType.matches(file)) {
328 retValue = fileType.getMimeType();
344 for (FileType fileType : autopsyDefinedFileTypes) {
345 if (fileType.matches(file)) {
346 return fileType.getMimeType();
378 super(message, throwable);
393 List<String> customFileTypes =
new ArrayList<>();
394 userDefinedFileTypes.forEach((fileType) -> {
395 customFileTypes.add(fileType.getMimeType());
397 autopsyDefinedFileTypes.forEach((fileType) -> {
398 customFileTypes.add(fileType.getMimeType());
400 return customFileTypes;
420 file.setMIMEType(fileType);
442 public String
getFileType(AbstractFile file)
throws TskCoreException {
444 file.setMIMEType(fileType);
462 public String
detect(AbstractFile file)
throws TskCoreException {
String removeOptionalParameter(String mimeType)
static final long serialVersionUID
final List< FileType > userDefinedFileTypes
static final int SLACK_FILE_THRESHOLD
boolean isDetectable(String mimeType)
byte[] getNBytes(AbstractFile file, int offset, int n)
String detectUserDefinedType(AbstractFile file)
String getMIMEType(AbstractFile file)
boolean isDetectableAsCustomType(List< FileType > customTypes, String mimeType)
final List< FileType > autopsyDefinedFileTypes
static SortedSet< String > tikaDetectedTypes
String detect(AbstractFile file)
String detectAutopsyDefinedType(AbstractFile file)
synchronized static Logger getLogger(String name)
static final Logger logger
List< String > getUserDefinedTypes()
static SortedSet< String > getTikaDetectedTypes()
String getFileType(AbstractFile file)
static synchronized SortedSet< String > getDetectedTypes()
boolean byteIs0xFF(byte x)
boolean isDetectableByTika(String mimeType)
String detectAndPostToBlackboard(AbstractFile file)