From a405a6b3030b20a9460fa9f9d2e0c64a9ffcb8a4 Mon Sep 17 00:00:00 2001
From: nganhkhoa
Date: Sun, 18 Aug 2024 09:10:24 +0700
Subject: [PATCH] zip recognize
---
 bin/detect.ml | 21 +++++++++++++++++++--
 lib/archive/archive.ml | 25 +++++++++++++++++++++++++
 lib/archive/cpio.ml | 1 +
 lib/archive/xz.ml | 2 ++
 lib/archive/zip.ml | 5 ++++-
 5 files changed, 51 insertions(+), 3 deletions(-)
 create mode 100644 lib/archive/archive.ml
 create mode 100644 lib/archive/cpio.ml
 create mode 100644 lib/archive/xz.ml
diff --git a/bin/detect.ml b/bin/detect.ml
index dfa8dc8..0586307 100644
--- a/bin/detect.ml
+++ b/bin/detect.ml
@@ -3,8 +3,25 @@ detect a given file for formats or ISA *)
+open Firmex
+
 open Printf
-let runner isa file =
- printf "Detect file isa=%b %s\n" isa file
+let try_unarchive (archive : Archive.t) : unit =
+ printf "archive file=%s type=%s" archive.file archive.typ
+let try_detect file =
+ printf "detect file %s" file
+
+let runner isa file =
+ if isa then
+ ()
+ else
+ (* assume file exists *)
+ (* check if file is an archive, else try analyze as a firmware
+ for now, let's use binwalk result
+ in the future, finding for signatures inside the file
+ *)
+ match Archive.from file with
+ | Some archive -> try_unarchive archive
+ | None -> try_detect file
diff --git a/lib/archive/archive.ml b/lib/archive/archive.ml
new file mode 100644
index 0000000..655ac31
--- /dev/null
+++ b/lib/archive/archive.ml
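Review bot: `Archive.from file` in `runner` opens the path and raises `Sys_error` when it is missing or unreadable, and the `(* assume file exists *)` comment is the only handling; the path is presumably user-supplied, so the match should report the failure, e.g. `| exception Sys_error msg -> eprintf "cannot open %s: %s\n" file msg`. The `isa` branch now returns `()` with no output, where the removed code at least printed the request; a `(* TODO: ISA detection not implemented *)` comment or a message would make that visible. The three new `printf` format strings have no trailing `\n`, so successive results run together on one line.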
@@ -0,0 +1,25 @@
+(** Base archive utitlities *)
+
+module Zip = Zip
+module Xz = Xz
+module Cpio = Cpio
+
+type t = { file : string; typ : string }
+
+let is_signature infile signature =
+ (* assume infile pos is 0 *)
+ let accumulator acc s =
+ match In_channel.input_char infile with
+ | None -> false
+ | Some c -> s == c && acc
+ in
+ Bytes.fold_left accumulator true signature
+
+(** matching common archive signatures *)
+let from file =
+ let infile = In_channel.open_bin file in
+ (* support for zip file for now *)
+ if is_signature infile Zip.signature then
+ Some { file = file; typ = "zip"; }
+ else
+ None
diff --git a/lib/archive/cpio.ml b/lib/archive/cpio.ml
new file mode 100644
index 0000000..7965ec1
--- /dev/null
+++ b/lib/archive/cpio.ml
@@ -0,0 +1 @@
+ let signature = Bytes.of_string "\x30\x37\x30\x37\x30\x37"
diff --git a/lib/archive/xz.ml b/lib/archive/xz.ml
new file mode 100644
index 0000000..2f7cbae
--- /dev/null
+++ b/lib/archive/xz.ml
@@ -0,0 +1,2 @@
+(* this signature is the stream header signature *)
+let signature = Bytes.of_string "\xFD\x37\x7A\x58\x5A\x00"
diff --git a/lib/archive/zip.ml b/lib/archive/zip.ml
index ed9a469..01fe327 100644
--- a/lib/archive/zip.ml
+++ b/lib/archive/zip.ml
@@ -10,5 +10,8 @@ which has been deprecated or AES *)
-let signature = Bytes.of_string "PK\x00\x00"
+type t = { file : string; typ : string }
+let signature = Bytes.of_string "PK\x03\x04"
+
+let from file = { file = file; typ = "zip" }
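Review bot: `from` opens `infile` with `In_channel.open_bin` and never closes it, so every probed file leaks a descriptor, which adds up once this runs over many extracted files; `In_channel.with_open_bin` closes the channel on both normal return and exception. In `accumulator`, `s == c` is physical equality; it happens to work for `char`, but `Char.equal s c` states the intent. The check is anchored at offset 0 and compares against `Zip.signature` only, so a match is a hint about the container rather than a validation of the archive; a doc comment on `from` should say so, and that `Sys_error` propagates when the file cannot be opened.

```ocaml
(* … unchanged: is_signature, apart from `Char.equal s c && acc` in accumulator … *)
let from file =
  In_channel.with_open_bin file (fun infile ->
      (* support for zip file for now *)
      if is_signature infile Zip.signature then Some { file; typ = "zip" }
      else None)
```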
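Review bot: The `signature` bytes in `cpio.ml` spell `070707`, which is the magic of the old portable ASCII (odc) cpio format only; the newc and crc formats used for Linux initramfs images start with `070701` and `070702`. For a firmware tool those are probably the common case, so until the other variants are added the constant should carry a comment such as `(* odc (portable ASCII) magic only; newc is "070701", crc is "070702" *)`. The line also appears to begin with a stray space, unlike the sibling `xz.ml`.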
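Review bot: `Zip.from` builds a `{ file; typ = "zip" }` record for any path without looking at the file, so a caller that uses it instead of `Archive.from` skips the signature check entirely; either drop it or have it accept only an already-verified input. The new `type t` duplicates the record declared in `archive.ml`, and `Archive.from` constructs its own record rather than calling this function, so the two definitions can drift apart. `PK\x03\x04` is the local-file-header magic; an empty archive begins with the end-of-central-directory record `PK\x05\x06` and will not match, which deserves a comment next to `signature`.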