* Added in memory hash calculation methods

Author: zerjioang

core/.idea/workspace.xml

@@ -3,13 +3,13 @@
 import apkr.external.modules.helpers.log4j.Log;
 import apkr.external.modules.helpers.log4j.LoggerType;
 import droidefense.handler.APKToolHandler;
-import droidefense.handler.AXMLDecoderHandler;
 import droidefense.handler.DirScannerHandler;
 import droidefense.handler.FileUnzipVFSHandler;
 import droidefense.handler.base.DirScannerFilter;
 import droidefense.sdk.model.base.APKFile;
 import droidefense.sdk.model.base.DroidefenseProject;
 import droidefense.sdk.model.base.HashedFile;
+import droidefense.util.UnpackAction;
 
 import java.io.File;
 import java.util.ArrayList;
@@ -28,7 +28,7 @@ public ArrayList<HashedFile> unpackWithTechnique(DroidefenseProject currentProje
             Log.write(LoggerType.TRACE, "Listing unpacked files...");
 
             //enumerate unpacked files and get information
-            DirScannerHandler dirHandler = new DirScannerHandler(outputDir, GENERATE_HASHES, new DirScannerFilter() {
+            DirScannerHandler dirHandler = new DirScannerHandler(outputDir, true, new DirScannerFilter() {
                 @Override
                 public boolean addFile(File f) {
                     return true;
@@ -48,37 +48,11 @@ public boolean addFile(File f) {
         @Override
         public ArrayList<HashedFile> unpackWithTechnique(DroidefenseProject currentProject, APKFile apkFile, File outputDir) {
             //only unpacks
-            FileUnzipVFSHandler handler = new FileUnzipVFSHandler(currentProject, apkFile);
+            FileUnzipVFSHandler handler = new FileUnzipVFSHandler(currentProject, apkFile, UnpackAction.GENERATE_HASH);
             handler.doTheJob();
-            Log.write(LoggerType.TRACE, "Listing unpacked files...");
-
-            //TODO generate hashes of the files
-            DirScannerHandler dirHandler = new DirScannerHandler(outputDir, GENERATE_HASHES, new DirScannerFilter() {
-                @Override
-                public boolean addFile(File f) {
-                    return true;
-                }
-            });
-            handler.doTheJob();
-
-            //get extracted files
-            ArrayList<HashedFile> files = dirHandler.getFiles();
-            Log.write(LoggerType.TRACE, "Files found: " + files.size());
-
-            Log.write(LoggerType.TRACE, "Decoding XML resources");
-            //decode unpacked files
-            AXMLDecoderHandler decoder = new AXMLDecoderHandler(files);
-            decoder.doTheJob();
-
-            //save metadata
-            currentProject.setFolderCount(dirHandler.getNfolder());
-            currentProject.setFilesCount(dirHandler.getNfiles());
-
-            return files;
+            return handler.getFiles();
         }
     };
 
-    public static final boolean GENERATE_HASHES = true;
-
     public abstract ArrayList<HashedFile> unpackWithTechnique(DroidefenseProject currentProject, APKFile apkFile, File outputDir);
 }

core/src/main/java/droidefense/cli/APKUnpacker.java

@@ -5,10 +5,12 @@
 import droidefense.handler.base.AbstractHandler;
 import droidefense.sdk.model.base.DroidefenseProject;
 import droidefense.sdk.model.base.HashedFile;
+import droidefense.util.UnpackAction;
 
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 
@@ -23,7 +25,7 @@ public class FileUnzipVFSHandler extends AbstractHandler {
 
     private HashedFile source;
 
-    public FileUnzipVFSHandler(DroidefenseProject project, HashedFile source) {
+    public FileUnzipVFSHandler(DroidefenseProject project, HashedFile source, UnpackAction generateHash) {
         this.source = source;
         this.root = VirtualFolder.createFolder("unpack");
         this.parentNode = root;
@@ -70,6 +72,7 @@ public boolean doTheJob() {
             //close zip file access
             zipIn.close();
             project.setVFS(root);
+            project.getVFS().print();
             return true;
         } catch (FileNotFoundException e) {
             e.printStackTrace();
@@ -83,4 +86,8 @@ public boolean doTheJob() {
         }
         return false;
     }
+
+    public ArrayList<HashedFile> getFiles() {
+        return null;
+    }
 }

core/src/main/java/droidefense/handler/FileUnzipVFSHandler.java

@@ -5,6 +5,7 @@
 import apkr.external.module.ssdeep.exception.SSDeepException;
 import apkr.external.modules.helpers.log4j.Log;
 import apkr.external.modules.helpers.log4j.LoggerType;
+import droidefense.util.SSDeep;
 
 import java.io.*;
 import java.security.MessageDigest;
@@ -29,17 +30,25 @@ public static CheckSumGen getInstance() {
     public String calculateSSDeep(File f) throws SSDeepException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSSDeep() Hash because of a null file reference");
-            throw new SSDeepException("Apkr could not calculateSSDeep() SSDeep fuzzing hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new SSDeepException("Droidefense could not calculateSSDeep() SSDeep fuzzing hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         SsdeepHashGen test = new SsdeepHashGen();
         try {
             return test.fuzzy_hash_file(f);
         } catch (IOException e) {
-            Log.write(LoggerType.ERROR, "Apkr could not calculateSSDee()p SSDeep fuzzing hash for file\n\t" + f.getAbsolutePath() + "\nPossible reason: " + e.getLocalizedMessage());
-            throw new SSDeepException("Apkr could not calculateSSDee()p SSDeep fuzzing hash for file\n\t" + f.getAbsolutePath() + "\nPossible reason: " + e.getLocalizedMessage());
+            Log.write(LoggerType.ERROR, "Droidefense could not calculateSSDee()p SSDeep fuzzing hash for file\n\t" + f.getAbsolutePath() + "\nPossible reason: " + e.getLocalizedMessage());
+            throw new SSDeepException("Droidefense could not calculateSSDee()p SSDeep fuzzing hash for file\n\t" + f.getAbsolutePath() + "\nPossible reason: " + e.getLocalizedMessage());
         }
     }
 
+    public String calculateSSDeep(byte[] data) throws SSDeepException {
+        if (data == null) {
+            Log.write(LoggerType.ERROR, "Could not create calculateSSDeep() Hash because of a null file reference");
+            throw new SSDeepException("Droidefense could not calculateSSDeep() SSDeep fuzzing hash for file\n\t" + "\nPossible reason: null file reference.");
+        }
+        return SSDeep.generateSSDeep(data);
+    }
+
     private String calculate(File f, String alg) throws NoSuchAlgorithmException, IOException {
         MessageDigest md = MessageDigest.getInstance(alg);
         FileInputStream fis = new FileInputStream(f);
@@ -83,7 +92,7 @@ private String calculate(byte[] data, String alg) throws NoSuchAlgorithmExceptio
     public long calculateCRC32(File f) throws NullPointerException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateCRC32() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateCRC32() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateCRC32() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             InputStream inputStreamn = new FileInputStream(f);
@@ -99,10 +108,20 @@ public long calculateCRC32(File f) throws NullPointerException {
         return DEFAULT_RET_CRC32;
     }
 
+    public long calculateCRC32(byte[] data) throws NullPointerException {
+        if (data == null) {
+            Log.write(LoggerType.ERROR, "Could not create calculateCRC32() Hash because of a null file reference");
+            throw new NullPointerException("Droidefense could not calculateCRC32() hash for file\n\t" + "\nPossible reason: null file reference.");
+        }
+        CRC32 crc = new CRC32();
+        crc.update(data);
+        return crc.getValue();
+    }
+
     public String calculateSHA1(File f) throws NullPointerException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSHA1() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateSHA1() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateSHA1() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             return calculate(f, SHA_1);
@@ -112,10 +131,23 @@ public String calculateSHA1(File f) throws NullPointerException {
         return DEFAULT_RET;
     }
 
+    public String calculateSHA1(byte[] data) throws NullPointerException {
+        if (data == null) {
+            Log.write(LoggerType.ERROR, "Could not create calculateSHA1() Hash because of a null file reference");
+            throw new NullPointerException("Droidefense could not calculateSHA1() hash for file\n\t" + "\nPossible reason: null file reference.");
+        }
+        try {
+            return calculate(data, SHA_1);
+        } catch (NoSuchAlgorithmException | IOException e) {
+            Log.write(LoggerType.ERROR, "Could not create SHA1 Hash because", e.getLocalizedMessage(), Arrays.toString(e.getStackTrace()));
+        }
+        return DEFAULT_RET;
+    }
+
     public String calculateMD5(File f) throws NullPointerException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSHAMD5() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateMD5() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateMD5() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             return calculate(f, MD5);
@@ -125,10 +157,23 @@ public String calculateMD5(File f) throws NullPointerException {
         return DEFAULT_RET;
     }
 
+    public String calculateMD5(byte[] data) throws NullPointerException {
+        if (data == null) {
+            Log.write(LoggerType.ERROR, "Could not create calculateMD5() Hash because of a null file reference");
+            throw new NullPointerException("Droidefense could not calculateMD5() hash for file\n\t" + "\nPossible reason: null file reference.");
+        }
+        try {
+            return calculate(data, MD5);
+        } catch (NoSuchAlgorithmException | IOException e) {
+            Log.write(LoggerType.ERROR, "Could not create MD5 Hash because", e.getLocalizedMessage(), Arrays.toString(e.getStackTrace()));
+        }
+        return DEFAULT_RET;
+    }
+
     public String calculateSHA256(File f) throws NullPointerException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSHA256() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateSHA256() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateSHA256() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             return calculate(f, SHA_256);
@@ -141,7 +186,7 @@ public String calculateSHA256(File f) throws NullPointerException {
     public String calculateSHA256(byte[] data) throws NullPointerException {
         if (data == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSHA256() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateSHA256() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateSHA256() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             return calculate(data, SHA_256);
@@ -154,7 +199,7 @@ public String calculateSHA256(byte[] data) throws NullPointerException {
     public String calculateSHA512(File f) throws NullPointerException {
         if (f == null) {
             Log.write(LoggerType.ERROR, "Could not create calculateSHA512() Hash because of a null file reference");
-            throw new NullPointerException("Apkr could not calculateSHA512() hash for file\n\t" + "\nPossible reason: null file reference.");
+            throw new NullPointerException("Droidefense could not calculateSHA512() hash for file\n\t" + "\nPossible reason: null file reference.");
         }
         try {
             return calculate(f, SHA_512);
@@ -163,4 +208,17 @@ public String calculateSHA512(File f) throws NullPointerException {
         }
         return DEFAULT_RET;
     }
+
+    public String calculateSHA512(byte[] data) throws NullPointerException {
+        if (data == null) {
+            Log.write(LoggerType.ERROR, "Could not create calculateSHA512() Hash because of a null file reference");
+            throw new NullPointerException("Droidefense could not calculateSHA512() hash for file\n\t" + "\nPossible reason: null file reference.");
+        }
+        try {
+            return calculate(data, SHA_512);
+        } catch (NoSuchAlgorithmException | IOException e) {
+            Log.write(LoggerType.ERROR, "Could not create SHA512 Hash because", e.getLocalizedMessage(), Arrays.toString(e.getStackTrace()));
+        }
+        return DEFAULT_RET;
+    }
 }

core/src/main/java/droidefense/sdk/helpers/CheckSumGen.java

@@ -188,9 +188,9 @@ public static String getMIME(File fread) {
             return mimeTypesMap.getContentType(fread.getAbsolutePath());
     }
 
-    public static String getFileExtension(File resource) {
-        if (resource.getName().contains(".")) {
-            String[] data = resource.getName().split("\\.");
+    public static String getFileExtension(final String name) {
+        if (name.contains(".")) {
+            String[] data = name.split("\\.");
             String extension = data[data.length - 1];
             return extension.toUpperCase();
         }

core/src/main/java/droidefense/sdk/helpers/Util.java

@@ -122,6 +122,7 @@ public final class DroidefenseProject implements Serializable {
     private transient AbstractFlowMap followCallsMap;
     private MachineLearningResult machineLearningResult;
     private transient boolean headerReaded;
+    private boolean VFS;
     //private transient DexHeaderReader dexHeaderReader;
 
     public DroidefenseProject(final APKFile file) {
@@ -163,6 +164,7 @@ public void analyze(AbstractAndroidAnalysis analyzer) {
         //add this analyzer to used analyzer stack
         usedAnalyzers.add(analyzer);
         analyzer.setApkFile(sourceFile);
+        analyzer.setCurrentProject(this);
         analyzer.analyzeCode();
     }
 
@@ -683,6 +685,10 @@ private void setSummary(String data) {
         summary = data;
     }
 
+    public VirtualFileSystem getVFS() {
+        return this.vfs;
+    }
+
     public void setVFS(VirtualFolder root) {
         this.vfs.add("unpack", root);
     }

core/src/main/java/droidefense/sdk/model/base/DroidefenseProject.java

@@ -1,6 +1,7 @@
 package droidefense.sdk.model.base;
 
 import apkr.external.module.ssdeep.exception.SSDeepException;
+import apkr.external.modules.vfs.model.impl.VirtualFile;
 import droidefense.sdk.helpers.CheckSumGen;
 import droidefense.sdk.helpers.Util;
 
@@ -23,20 +24,47 @@ public HashedFile(String apkPath, boolean generateInformation) {
         this(new File(apkPath), generateInformation);
     }
 
+    public HashedFile(VirtualFile vf, boolean generateInformation) {
+        this.f = new File(vf.getPath());
+        filesize = vf.getContentLength();
+        filename = vf.getName();
+        declaredExtension = Util.getFileExtension(this.filename);
+        if (generateInformation) {
+            if (this.filesize > 0) {
+                beautyFilesize = Util.beautifyFileSize(this.filesize);
+            } else {
+                beautyFilesize = "0 b";
+            }
+
+            //TODO POSSIBLE HASHING BOTTLENECK
+            byte[] data = vf.getContent();
+            crc32 = Util.toHexString(CheckSumGen.getInstance().calculateCRC32(data));
+            md5 = CheckSumGen.getInstance().calculateMD5(data);
+            sha1 = CheckSumGen.getInstance().calculateSHA1(data);
+            sha256 = CheckSumGen.getInstance().calculateSHA256(data);
+            sha512 = CheckSumGen.getInstance().calculateSHA512(data);
+            try {
+                ssdeep = CheckSumGen.getInstance().calculateSSDeep(data);
+            } catch (SSDeepException e) {
+                e.printStackTrace();
+            }
+        }
+    }
+
     public HashedFile(File parent, boolean generateInformation) {
         this.f = parent;
         if (this.f.isFile()) {
             filesize = this.f.length();
             filename = this.f.getName();
-            declaredExtension = Util.getFileExtension(this.f);
+            declaredExtension = Util.getFileExtension(this.filename);
             if (generateInformation) {
                 if (this.filesize > 0) {
                     beautyFilesize = Util.beautifyFileSize(this.filesize);
                 } else {
                     beautyFilesize = "0 b";
                 }
 
-                //TODO HASHING BOTTLENECK
+                //TODO HASHING TIME BOTTLENECK
                 File currentFile = getThisFile();
                 crc32 = Util.toHexString(CheckSumGen.getInstance().calculateCRC32(currentFile));
                 md5 = CheckSumGen.getInstance().calculateMD5(currentFile);