Autopsy  4.13.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
KdbHashSetParser.java
Go to the documentation of this file.
1 /*
2  * Autopsy Forensic Browser
3  *
4  * Copyright 2011 - 2017 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.autopsy.modules.hashdatabase;
20 
21 import java.sql.Connection;
22 import java.sql.DriverManager;
23 import java.sql.ResultSet;
24 import java.sql.SQLException;
25 import java.sql.Statement;
26 import java.util.logging.Level;
28 import org.sleuthkit.datamodel.TskCoreException;
29 
33 public class KdbHashSetParser implements HashSetParser {
34 
35  private final String JDBC_DRIVER = "org.sqlite.JDBC"; // NON-NLS
36  private final String JDBC_BASE_URI = "jdbc:sqlite:"; // NON-NLS
37 
38  private final String filename; // Name of the input file (saved for logging)
39  private final long totalHashes; // Estimated number of hashes
40  private int totalHashesRead = 0; // Number of hashes that have been read
41  private Connection conn;
42  private Statement statement;
43  private ResultSet resultSet;
44 
45  KdbHashSetParser(String filename) throws TskCoreException {
46  this.filename = filename;
47 
48  conn = null;
49  statement = null;
50  resultSet = null;
51 
52  try {
53  // Open the database
54  StringBuilder connectionURL = new StringBuilder();
55  connectionURL.append(JDBC_BASE_URI);
56  connectionURL.append(filename);
57  Class.forName(JDBC_DRIVER);
58  conn = DriverManager.getConnection(connectionURL.toString());
59 
60  // Get the number of hashes in the table
61  statement = conn.createStatement();
62  resultSet = statement.executeQuery("SELECT count(*) AS count FROM hashes");
63  if (resultSet.next()) {
64  totalHashes = resultSet.getLong("count");
65  } else {
66  close();
67  throw new TskCoreException("Error getting hash count from hash set " + filename);
68  }
69 
70  // Get the hashes
71  resultSet = statement.executeQuery("SELECT md5 FROM hashes");
72 
73  // At this point, getNextHash can read each hash from the result set
74  } catch (ClassNotFoundException | SQLException ex) {
75  throw new TskCoreException("Error opening/reading hash set " + filename, ex);
76  }
77 
78  }
79 
86  @Override
87  public String getNextHash() throws TskCoreException {
88 
89  try {
90  if (resultSet.next()) {
91  byte[] hashBytes = resultSet.getBytes("md5");
92  StringBuilder sb = new StringBuilder();
93  for (byte b : hashBytes) {
94  sb.append(String.format("%02x", b));
95  }
96 
97  if (sb.toString().length() != 32) {
98  throw new TskCoreException("Hash has incorrect length: " + sb.toString());
99  }
100 
101  totalHashesRead++;
102  return sb.toString();
103  } else {
104  throw new TskCoreException("Could not read expected number of hashes from hash set " + filename);
105  }
106  } catch (SQLException ex) {
107  throw new TskCoreException("Error reading hash from result set for hash set " + filename, ex);
108  }
109  }
110 
116  @Override
117  public boolean doneReading() {
118  return (totalHashesRead >= totalHashes);
119  }
120 
126  @Override
127  public long getExpectedHashCount() {
128  return totalHashes;
129  }
130 
134  @Override
135  public final void close() {
136  if (statement != null) {
137  try {
138  statement.close();
139  } catch (SQLException ex) {
140  Logger.getLogger(KdbHashSetParser.class.getName()).log(Level.SEVERE, "Error closing prepared statement.", ex);
141  }
142  }
143 
144  if (resultSet != null) {
145  try {
146  resultSet.close();
147  } catch (SQLException ex) {
148  Logger.getLogger(KdbHashSetParser.class.getName()).log(Level.SEVERE, "Error closing result set.", ex);
149  }
150  }
151 
152  if (conn != null) {
153  try {
154  conn.close();
155  } catch (SQLException ex) {
156  Logger.getLogger(KdbHashSetParser.class.getName()).log(Level.SEVERE, "Error closing connection.", ex);
157  }
158  }
159  }
160 }
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

Copyright © 2012-2019 Basis Technology. Generated on: Tue Jan 7 2020
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.