19 package org.sleuthkit.autopsy.modules.filetypeid;
21 import java.nio.charset.Charset;
22 import java.util.ArrayList;
23 import java.util.Collections;
24 import java.util.List;
25 import java.util.SortedSet;
26 import java.util.TreeSet;
27 import java.util.logging.Level;
28 import java.util.stream.Collectors;
29 import org.apache.tika.Tika;
30 import org.apache.tika.io.TikaInputStream;
31 import org.apache.tika.mime.MimeTypes;
49 private static final Tika
tika =
new Tika();
66 TreeSet<String> detectedTypes =
new TreeSet<>((String string1, String string2) -> {
67 int result = String.CASE_INSENSITIVE_ORDER.compare(string1, string2);
69 result = string1.compareTo(string2);
75 for (FileType fileType : CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes()) {
76 detectedTypes.add(fileType.getMimeType());
78 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
79 throw new FileTypeDetectorInitException(
"Error loading Autopsy custom file types", ex);
82 for (FileType fileType : CustomFileTypesManager.getInstance().getUserDefinedFileTypes()) {
83 detectedTypes.add(fileType.getMimeType());
85 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
86 throw new FileTypeDetectorInitException(
"Error loading user custom file types", ex);
99 if (null == tikaDetectedTypes) {
100 tikaDetectedTypes =
org.apache.tika.mime.MimeTypes.getDefaultMimeTypes().getMediaTypeRegistry().getTypes()
101 .stream().filter(t -> !t.hasParameters()).map(s -> s.toString().replace(
"tika-",
"")).collect(Collectors.toCollection(TreeSet::new));
103 return Collections.unmodifiableSortedSet(tikaDetectedTypes);
120 userDefinedFileTypes = CustomFileTypesManager.getInstance().getUserDefinedFileTypes();
121 autopsyDefinedFileTypes = CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes();
122 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
123 throw new FileTypeDetectorInitException(
"Error loading custom file types", ex);
151 for (FileType fileType : customTypes) {
152 if (fileType.getMimeType().equals(mimeType)) {
185 String mimeType = file.getMIMEType();
186 if (null != mimeType) {
198 if (!file.isFile() || file.getSize() <= 0
199 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNALLOC_BLOCKS)
200 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNUSED_BLOCKS)
201 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR)
202 || ((file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.SLACK) && file.getSize() <
SLACK_FILE_THRESHOLD)) {
203 mimeType = MimeTypes.OCTET_STREAM;
210 if (null == mimeType) {
218 if (null == mimeType) {
226 if (null == mimeType) {
227 ReadContentInputStream stream =
new ReadContentInputStream(file);
229 try (TikaInputStream tikaInputStream = TikaInputStream.get(stream)) {
230 String tikaType = tika.detect(tikaInputStream);
235 mimeType = tikaType.replace(
"tika-",
"");
247 if (!mimeType.equals(MimeTypes.OCTET_STREAM)) {
248 ReadContentInputStream secondPassStream =
new ReadContentInputStream(file);
249 try (TikaInputStream secondPassTikaStream = TikaInputStream.get(secondPassStream)) {
250 tikaType = tika.detect(secondPassTikaStream, file.getName());
251 mimeType = tikaType.replace(
"tika-",
"");
259 if (file.getNameExtension().equals(
"txt")) {
262 mimeType = MimeTypes.PLAIN_TEXT;
272 if (mimeType.contains(
"audio/mpeg")) {
276 mimeType = MimeTypes.OCTET_STREAM;
278 }
catch (TskCoreException ex) {
280 logger.log(Level.WARNING, String.format(
"Could not verify audio/mpeg mimetype for file %s with id=%d", file.getName(), file.getId()), ex);
283 }
catch (Exception ignored) {
291 mimeType = MimeTypes.OCTET_STREAM;
298 file.setMIMEType(mimeType);
312 return (x & 0x0F) == 0x0F && (x & 0xF0) == 0xF0;
326 private byte[]
getNBytes(AbstractFile file,
int offset,
int n)
throws TskCoreException {
327 byte[] headerCache =
new byte[n];
328 file.read(headerCache, offset, n);
340 int indexOfSemicolon = mimeType.indexOf(
';');
341 if (indexOfSemicolon != -1) {
342 return mimeType.substring(0, indexOfSemicolon).trim();
356 String retValue = null;
358 for (FileType fileType : userDefinedFileTypes) {
359 if (fileType.matches(file)) {
360 retValue = fileType.getMimeType();
376 for (FileType fileType : autopsyDefinedFileTypes) {
377 if (fileType.matches(file)) {
378 return fileType.getMimeType();
410 super(message, throwable);
425 List<String> customFileTypes =
new ArrayList<>();
426 userDefinedFileTypes.forEach((fileType) -> {
427 customFileTypes.add(fileType.getMimeType());
429 autopsyDefinedFileTypes.forEach((fileType) -> {
430 customFileTypes.add(fileType.getMimeType());
432 return customFileTypes;
452 file.setMIMEType(fileType);
474 public String
getFileType(AbstractFile file)
throws TskCoreException {
476 file.setMIMEType(fileType);
494 public String
detect(AbstractFile file)
throws TskCoreException {
String removeOptionalParameter(String mimeType)
static final long serialVersionUID
final List< FileType > userDefinedFileTypes
static final Charset UNKNOWN_CHARSET
static final int SLACK_FILE_THRESHOLD
boolean isDetectable(String mimeType)
byte[] getNBytes(AbstractFile file, int offset, int n)
String detectUserDefinedType(AbstractFile file)
String getMIMEType(AbstractFile file)
boolean isDetectableAsCustomType(List< FileType > customTypes, String mimeType)
final List< FileType > autopsyDefinedFileTypes
static SortedSet< String > tikaDetectedTypes
static Charset getEncoding(AbstractFile file)
String detect(AbstractFile file)
String detectAutopsyDefinedType(AbstractFile file)
synchronized static Logger getLogger(String name)
static final Logger logger
List< String > getUserDefinedTypes()
static SortedSet< String > getTikaDetectedTypes()
String getFileType(AbstractFile file)
static synchronized SortedSet< String > getDetectedTypes()
boolean byteIs0xFF(byte x)
boolean isDetectableByTika(String mimeType)
String detectAndPostToBlackboard(AbstractFile file)