19 package org.sleuthkit.autopsy.modules.filetypeid;
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.List;
24 import java.util.SortedSet;
25 import java.util.TreeSet;
26 import java.util.logging.Level;
27 import java.util.stream.Collectors;
28 import org.apache.tika.Tika;
29 import org.apache.tika.io.TikaInputStream;
30 import org.apache.tika.mime.MimeTypes;
47 private static final Tika
tika =
new Tika();
64 TreeSet<String> detectedTypes =
new TreeSet<>((String string1, String string2) -> {
65 int result = String.CASE_INSENSITIVE_ORDER.compare(string1, string2);
67 result = string1.compareTo(string2);
73 for (FileType fileType : CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes()) {
74 detectedTypes.add(fileType.getMimeType());
76 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
77 throw new FileTypeDetectorInitException(
"Error loading Autopsy custom file types", ex);
80 for (FileType fileType : CustomFileTypesManager.getInstance().getUserDefinedFileTypes()) {
81 detectedTypes.add(fileType.getMimeType());
83 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
84 throw new FileTypeDetectorInitException(
"Error loading user custom file types", ex);
97 if (null == tikaDetectedTypes) {
98 tikaDetectedTypes =
org.apache.tika.mime.MimeTypes.getDefaultMimeTypes().getMediaTypeRegistry().getTypes()
99 .stream().filter(t -> !t.hasParameters()).map(s -> s.toString().replace(
"tika-",
"")).collect(Collectors.toCollection(TreeSet::new));
101 return Collections.unmodifiableSortedSet(tikaDetectedTypes);
118 userDefinedFileTypes = CustomFileTypesManager.getInstance().getUserDefinedFileTypes();
119 autopsyDefinedFileTypes = CustomFileTypesManager.getInstance().getAutopsyDefinedFileTypes();
120 }
catch (CustomFileTypesManager.CustomFileTypesException ex) {
121 throw new FileTypeDetectorInitException(
"Error loading custom file types", ex);
149 for (FileType fileType : customTypes) {
150 if (fileType.getMimeType().equals(mimeType)) {
183 String mimeType = file.getMIMEType();
184 if (null != mimeType) {
196 if (!file.isFile() || file.getSize() <= 0
197 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNALLOC_BLOCKS)
198 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNUSED_BLOCKS)
199 || (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR)
200 || ((file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.SLACK) && file.getSize() <
SLACK_FILE_THRESHOLD)) {
201 mimeType = MimeTypes.OCTET_STREAM;
208 if (null == mimeType) {
216 if (null == mimeType) {
224 if (null == mimeType) {
225 ReadContentInputStream stream =
new ReadContentInputStream(file);
227 try (TikaInputStream tikaInputStream = TikaInputStream.get(stream)) {
228 String tikaType = tika.detect(tikaInputStream);
233 mimeType = tikaType.replace(
"tika-",
"");
245 if (!mimeType.equals(MimeTypes.OCTET_STREAM)) {
246 ReadContentInputStream secondPassStream =
new ReadContentInputStream(file);
247 try (TikaInputStream secondPassTikaStream = TikaInputStream.get(secondPassStream)) {
248 tikaType = tika.detect(secondPassTikaStream, file.getName());
249 mimeType = tikaType.replace(
"tika-",
"");
259 if (mimeType.contains(
"audio/mpeg")) {
263 mimeType = MimeTypes.OCTET_STREAM;
265 }
catch (TskCoreException ex) {
267 logger.log(Level.WARNING, String.format(
"Could not verify audio/mpeg mimetype for file %s with id=%d", file.getName(), file.getId()), ex);
270 }
catch (Exception ignored) {
278 mimeType = MimeTypes.OCTET_STREAM;
285 file.setMIMEType(mimeType);
299 return (x & 0x0F) == 0x0F && (x & 0xF0) == 0xF0;
313 private byte[]
getNBytes(AbstractFile file,
int offset,
int n)
throws TskCoreException {
314 byte[] headerCache =
new byte[n];
315 file.read(headerCache, offset, n);
327 int indexOfSemicolon = mimeType.indexOf(
';');
328 if (indexOfSemicolon != -1) {
329 return mimeType.substring(0, indexOfSemicolon).trim();
343 String retValue = null;
345 for (FileType fileType : userDefinedFileTypes) {
346 if (fileType.matches(file)) {
347 retValue = fileType.getMimeType();
363 for (FileType fileType : autopsyDefinedFileTypes) {
364 if (fileType.matches(file)) {
365 return fileType.getMimeType();
397 super(message, throwable);
412 List<String> customFileTypes =
new ArrayList<>();
413 userDefinedFileTypes.forEach((fileType) -> {
414 customFileTypes.add(fileType.getMimeType());
416 autopsyDefinedFileTypes.forEach((fileType) -> {
417 customFileTypes.add(fileType.getMimeType());
419 return customFileTypes;
439 file.setMIMEType(fileType);
461 public String
getFileType(AbstractFile file)
throws TskCoreException {
463 file.setMIMEType(fileType);
481 public String
detect(AbstractFile file)
throws TskCoreException {
String removeOptionalParameter(String mimeType)
static final long serialVersionUID
final List< FileType > userDefinedFileTypes
static final int SLACK_FILE_THRESHOLD
boolean isDetectable(String mimeType)
byte[] getNBytes(AbstractFile file, int offset, int n)
String detectUserDefinedType(AbstractFile file)
String getMIMEType(AbstractFile file)
boolean isDetectableAsCustomType(List< FileType > customTypes, String mimeType)
final List< FileType > autopsyDefinedFileTypes
static SortedSet< String > tikaDetectedTypes
String detect(AbstractFile file)
String detectAutopsyDefinedType(AbstractFile file)
synchronized static Logger getLogger(String name)
static final Logger logger
List< String > getUserDefinedTypes()
static SortedSet< String > getTikaDetectedTypes()
String getFileType(AbstractFile file)
static synchronized SortedSet< String > getDetectedTypes()
boolean byteIs0xFF(byte x)
boolean isDetectableByTika(String mimeType)
String detectAndPostToBlackboard(AbstractFile file)