diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java index 06e5fb7fcd3cca27be8700b73864020cef16a51c..0374fd2b2b474570d851c4aece56da29e66a55a4 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java @@ -67,7 +67,7 @@ /** * Makes the http requests to CT cloud. */ -public class CTCloudHttpClient { +class CTCloudHttpClient { private static final CTCloudHttpClient instance = new CTCloudHttpClient(); private static final Logger LOGGER = Logger.getLogger(CTCloudHttpClient.class.getName()); diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java index 9587b3cd44dbf4984aac10a9b5639661e5f4a883..8290d6621d0e05f1e6cf12c24c5813539dc837b3 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java @@ -23,7 +23,7 @@ /** * Constants regarding connections to cyber triage cloud. */ -final public class Constants { +final class Constants { public static final String CYBER_TRIAGE = "CyberTriage"; diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java index f710a6ab1bb1641d4f890a70de926e93647bc021..cbd538d01b073ab2016d79ac115b5e9dcc266726 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java @@ -32,7 +32,7 @@ * Taken from https://raw.githubusercontent.com/apache/netbeans/master/platform/o.n.core/src/org/netbeans/core/ProxySettings.java * @author Jiri Rechtacek */ -public class ProxySettings { +class ProxySettings { public static final String PROXY_HTTP_HOST = "proxyHttpHost"; // NOI18N public static final String PROXY_HTTP_PORT = "proxyHttpPort"; // NOI18N diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java index 608ea6304006f80b9a14299975a12140e2cf7d6c..3bff998901d0fc071686150e58c3eedf4c8d57df 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java @@ -27,7 +27,7 @@ /** * License dialog */ -public class CTLicenseDialog extends javax.swing.JDialog { +class CTLicenseDialog extends javax.swing.JDialog { private static final Pattern LICENSE_PATTERN = Pattern.compile("^\\s*[a-zA-Z0-9\\-]+?\\s*$"); private String licenseString = null; diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java index e95d9e72795c57d1a37d206fc19864681ada9b3e..717c4f4321348b6cb7a55c98dcb0245a7bddc95a 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java @@ -26,7 +26,6 @@ import com.fasterxml.jackson.databind.ObjectMapper; import java.io.File; import java.io.IOException; -import java.nio.file.Files; import java.nio.file.Paths; import java.util.Optional; import java.util.logging.Level; diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java index 31056e1f2a982412340a782755ffe77e98c5fdce..0279cafb9b70e5a4b25c9b0df972334e239ddf93 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java @@ -36,7 +36,7 @@ /** * Dialog for displaying the Cyber Triage EULA before the license is saved. */ -public class EULADialog extends javax.swing.JDialog { +class EULADialog extends javax.swing.JDialog { private static final Logger LOGGER = Logger.getLogger(EULADialog.class.getName()); private static final String EULA_RESOURCE = "EULA.htm"; diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java index eab025a6416569645480ca93437cc353a22ed467..a65d319dc219b5bc5410bde84fe96846618c3dcd 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java @@ -21,14 +21,10 @@ import java.util.ArrayList; import java.util.List; import java.util.concurrent.BlockingQueue; -import java.util.concurrent.CompletableFuture; -import java.util.concurrent.ExecutionException; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; -import java.util.concurrent.Future; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.TimeUnit; -import java.util.concurrent.TimeoutException; import java.util.function.Consumer; /** @@ -36,7 +32,7 @@ * blocks (and subsequently add and flush operations) until previous batch * finishes. */ -public class BatchProcessor<T> { +class BatchProcessor<T> { private ExecutorService processingExecutorService = Executors.newSingleThreadExecutor(); diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java deleted file mode 100644 index 4803793514303fa43f64704d7fb5f25194368db6..0000000000000000000000000000000000000000 --- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Autopsy Forensic Browser - * - * Copyright 2023 Basis Technology Corp. - * Contact: carrier <at> sleuthkit <dot> org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.basistech.df.cybertriage.autopsy.malwarescan; - -import com.basistech.df.cybertriage.autopsy.ctapi.CTApiDAO; -import com.basistech.df.cybertriage.autopsy.ctapi.CTCloudException; -import com.basistech.df.cybertriage.autopsy.ctapi.json.AuthTokenResponse; -import com.basistech.df.cybertriage.autopsy.ctapi.json.AuthenticatedRequestData; -import com.basistech.df.cybertriage.autopsy.ctapi.json.CTCloudBean; -import com.basistech.df.cybertriage.autopsy.ctapi.json.DecryptedLicenseResponse; -import com.basistech.df.cybertriage.autopsy.ctapi.json.MalwareResultBean.Status; -import com.basistech.df.cybertriage.autopsy.ctapi.json.MetadataUploadRequest; -import org.apache.commons.lang3.StringUtils; -import org.sleuthkit.datamodel.AbstractFile; -import org.sleuthkit.datamodel.ReadContentInputStream; -import org.sleuthkit.datamodel.SleuthkitCase; -import org.sleuthkit.datamodel.TskCoreException; - -/** - * Handles uploading of files that are unknown. - */ -public class FileUpload { - private static final long MIN_UPLOAD_SIZE = 1; - private static final long MAX_UPLOAD_SIZE = 1_000_000_000; - - private final CTApiDAO ctApiDAO = CTApiDAO.getInstance(); - - private boolean isUnknown(CTCloudBean cloudBean) { - return cloudBean != null - && cloudBean.getMalwareResult() != null - && cloudBean.getMalwareResult().getStatus() == Status.NOT_FOUND; - } - - private boolean isUploadable(AbstractFile af) { - long size = af.getSize(); - return size >= MIN_UPLOAD_SIZE && size <= MAX_UPLOAD_SIZE; - } - - private boolean upload(SleuthkitCase skCase, DecryptedLicenseResponse decrypted, CTCloudBean cloudBean, long objId) throws CTCloudException, TskCoreException { - if (!isUnknown(cloudBean)) { - return false; - } - - AbstractFile af = skCase.getAbstractFileById(objId); - if (af == null) { - return false; - } - - if (!isUploadable(af)) { - return false; - } - - // get auth token / file upload url - AuthTokenResponse authTokenResponse = ctApiDAO.getAuthToken(decrypted, true); - if (StringUtils.isBlank(authTokenResponse.getFileUploadUrl())) { - throw new CTCloudException(CTCloudException.ErrorCode.NETWORK_ERROR); - } - - // upload bytes - ReadContentInputStream fileInputStream = new ReadContentInputStream(af); - ctApiDAO.uploadFile(authTokenResponse.getFileUploadUrl(), af.getName(), fileInputStream); - - // upload metadata - MetadataUploadRequest metaRequest = new MetadataUploadRequest() - .setCreatedDate(af.getCrtime()) - .setFilePath(af.getUniquePath()) - .setFileSizeBytes(af.getSize()) - .setFileUploadUrl(authTokenResponse.getFileUploadUrl()) - .setMd5(af.getMd5Hash()) - .setSha1(af.getSha1Hash()) - .setSha256(af.getSha256Hash()); - - ctApiDAO.uploadMeta(new AuthenticatedRequestData(decrypted, authTokenResponse), metaRequest); - return true; - } - -} diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java index f15236cd1d0a19d4a689b777a66784e392b321cd..2d73effa5c4d901b04a397a19f8b3fbd80201ac6 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java @@ -69,7 +69,7 @@ /** * Uses CT cloud API to determine if file is malware */ -public class MalwareScanIngestModule implements FileIngestModule { +class MalwareScanIngestModule implements FileIngestModule { private static final SharedProcessing sharedProcessing = new SharedProcessing(); diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java index 2b00ece4ab43db397d307602ff1cf7b3ef20c6ae..75261ae43f5a05560ffa4eecc23c10bcd4ffe8b6 100644 --- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java +++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java @@ -33,7 +33,7 @@ * Utility class to anonymize username in paths also anonymizes hostname / ip * from UNC paths */ -public class UsernameAnonymizer { +class UsernameAnonymizer { private static final Logger LOGGER = Logger.getLogger(UsernameAnonymizer.class.getName());