/**
* Process the database to create a sorted index of it. Consecutive
* entries with the same hash value are not added to the index, but
* will be found during lookup.
*
* @param hdb_info_base Hash database to make index of.
* @param dbtype Type of database
*
* @return 1 on error and 0 on success.
*/
uint8_t
nsrl_makeindex(TSK_HDB_INFO * hdb_info_base, TSK_TCHAR * dbtype)
{
TSK_HDB_BINSRCH_INFO *hdb_binsrch_info = (TSK_HDB_BINSRCH_INFO*)hdb_info_base;
size_t i, len;
char buf[TSK_HDB_MAXLEN];
char *hash = NULL, phash[TSK_HDB_HTYPE_SHA1_LEN + 1];
TSK_OFF_T offset = 0;
int ver = 0;
int db_cnt = 0, idx_cnt = 0, ig_cnt = 0;
if (hdb_binsrch_idx_initialize(hdb_binsrch_info, dbtype)) {
tsk_error_set_errstr2( "nsrl_makeindex");
return 1;
}
/* Status */
if (tsk_verbose)
TFPRINTF(stderr, _TSK_T("Extracting Data from Database (%s)\n"),
hdb_info_base->db_fname);
/* Allocate a buffer for the previous hash value */
memset(phash, '0', TSK_HDB_HTYPE_SHA1_LEN + 1);
/* read the file */
fseek(hdb_binsrch_info->hDb, 0, SEEK_SET);
for (i = 0; NULL != fgets(buf, TSK_HDB_MAXLEN, hdb_binsrch_info->hDb);
offset += len, i++) {
len = strlen(buf);
/* Get the version of the database on the first time around */
if (i == 0) {
if ((ver = get_format_ver(buf)) == -1) {
return 1;
}
ig_cnt++;
continue;
}
/* Parse the line */
if (hdb_binsrch_info->hash_type & TSK_HDB_HTYPE_SHA1_ID) {
if (nsrl_parse_sha1(buf, &hash, NULL, ver)) {
ig_cnt++;
continue;
}
}
else if (hdb_binsrch_info->hash_type & TSK_HDB_HTYPE_MD5_ID) {
if (nsrl_parse_md5(buf, &hash, NULL, ver)) {
ig_cnt++;
continue;
}
}
db_cnt++;
/* We only want to add one of each hash to the index */
if (memcmp(hash, phash, hdb_binsrch_info->hash_len) == 0) {
continue;
}
/* Add the entry to the index */
if (hdb_binsrch_idx_add_entry_str(hdb_binsrch_info, hash, offset)) {
tsk_error_set_errstr2( "nsrl_makeindex");
return 1;
}
idx_cnt++;
/* Set the previous has value */
strncpy(phash, hash, hdb_binsrch_info->hash_len + 1);
}
if (idx_cnt > 0) {
if (tsk_verbose) {
fprintf(stderr, " Valid Database Entries: %d\n", db_cnt);
fprintf(stderr,
" Invalid Database Entries (headers or errors): %d\n",
ig_cnt);
fprintf(stderr, " Index File Entries %s: %d\n",
(idx_cnt == db_cnt) ? "" : "(optimized)", idx_cnt);
}
/* Close and sort the index */
if (hdb_binsrch_idx_finalize(hdb_binsrch_info)) {
tsk_error_set_errstr2( "nsrl_makeindex");
return 1;
}
}
else {
tsk_error_reset();
tsk_error_set_errno(TSK_ERR_HDB_CORRUPT);
tsk_error_set_errstr(
"nsrl_makeindex: No valid entries found in database");
return 1;
}
return 0;
}
/**
* Process the database to create a sorted index of it. Consecutive
* entries with the same hash value are not added to the index, but
* will be found during lookup.
*
* @param hdb_info_base Hash database to make index of
* @param dbtype Text of database type (should always be TSK_HDB_DBTYPE_HK_STR)
*
* @return 1 on error and 0 on success.
*/
uint8_t
hk_makeindex(TSK_HDB_INFO * hdb_info_base, TSK_TCHAR * dbtype)
{
TSK_HDB_BINSRCH_INFO *hdb_binsrch_info = (TSK_HDB_BINSRCH_INFO*)hdb_info_base;
int i;
size_t len = 0;
char buf[TSK_HDB_MAXLEN];
char *hash = NULL, phash[TSK_HDB_HTYPE_MD5_LEN + 1];
TSK_OFF_T offset = 0;
int db_cnt = 0, idx_cnt = 0, ig_cnt = 0;
if (hdb_binsrch_idx_initialize(hdb_binsrch_info, dbtype)) {
tsk_error_set_errstr2( "hk_makeindex");
return 1;
}
/* Status */
if (tsk_verbose)
TFPRINTF(stderr, _TSK_T("Extracting Data from Database (%s)\n"),
hdb_binsrch_info->base.db_fname);
/* Allocate a buffer to hold the previous hash values */
memset(phash, '0', TSK_HDB_HTYPE_MD5_LEN + 1);
/* read each line of the file */
fseek(hdb_binsrch_info->hDb, 0, SEEK_SET);
for (i = 0; NULL != fgets(buf, TSK_HDB_MAXLEN, hdb_binsrch_info->hDb);
offset += (TSK_OFF_T) len, i++) {
// skip the header line
if (i == 0) {
ig_cnt++;
continue;
}
len = strlen(buf);
/* Parse each line to get the MD5 value */
if (hk_parse_md5(buf, &hash, NULL, 0, NULL, 0)) {
ig_cnt++;
continue;
}
db_cnt++;
/* If this entry is for the same hash value as the last entry,
* the skip it -- we'll look for it during lookup */
if (memcmp(hash, phash, TSK_HDB_HTYPE_MD5_LEN) == 0) {
continue;
}
/* Add the entry to the index */
if (hdb_binsrch_idx_add_entry_str(hdb_binsrch_info, hash, offset)) {
tsk_error_set_errstr2( "hk_makeindex");
return 1;
}
idx_cnt++;
/* Set the previous hash value */
strncpy(phash, hash, TSK_HDB_HTYPE_MD5_LEN + 1);
}
if (idx_cnt > 0) {
if (tsk_verbose) {
fprintf(stderr, " Valid Database Entries: %d\n", db_cnt);
fprintf(stderr,
" Invalid Database Entries (headers or errors): %d\n",
ig_cnt);
fprintf(stderr, " Index File Entries %s: %d\n",
(idx_cnt == db_cnt) ? "" : "(optimized)", idx_cnt);
}
/* Finish the index making process */
if (hdb_binsrch_idx_finalize(hdb_binsrch_info)) {
tsk_error_set_errstr2( "hk_makeindex");
return 1;
}
}
else {
tsk_error_reset();
tsk_error_set_errno(TSK_ERR_HDB_CORRUPT);
tsk_error_set_errstr(
"hk_makeindex: No valid entries found in database");
return 1;
}
return 0;
}
