From 59a9138a3ac546e2ae707b447f1b4ad977ff6eed Mon Sep 17 00:00:00 2001
From: Cyrille Bagard <nocbos@gmail.com>
Date: Sun, 3 Nov 2024 13:09:36 +0100
Subject: Define a function to compute entropy.

---
 src/common/Makefile.am |  1 +
 src/common/entropy.c   | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
 src/common/entropy.h   | 37 +++++++++++++++++++++++
 3 files changed, 120 insertions(+)
 create mode 100644 src/common/entropy.c
 create mode 100644 src/common/entropy.h

diff --git a/src/common/Makefile.am b/src/common/Makefile.am
index 7f0fe4e..7925b66 100644
--- a/src/common/Makefile.am
+++ b/src/common/Makefile.am
@@ -52,6 +52,7 @@ libcommon4_la_SOURCES =						\
 	compiler.h								\
 	datatypes.h								\
 	dllist.h dllist.c						\
+	entropy.h entropy.c						\
 	environment.h environment.c				\
 	extstr.h extstr.c						\
 	fnv1a.h fnv1a.c							\
diff --git a/src/common/entropy.c b/src/common/entropy.c
new file mode 100644
index 0000000..1f3adfa
--- /dev/null
+++ b/src/common/entropy.c
@@ -0,0 +1,82 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * entropy.c - calcul de l'entropie d'un contenu binaire
+ *
+ * Copyright (C) 2024 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  Chrysalide is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Chrysalide is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Chrysalide.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "entropy.h"
+
+
+#include <math.h>
+#include <string.h>
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : data = séquence d'octets à traiter.                          *
+*                len  = quantité de ces octets.                               *
+*                                                                             *
+*  Description : Détermine l'entropie d'un contenu binaire.                   *
+*                                                                             *
+*  Retour      : Valeur d'entropie du contenu fourni.                         *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+double compute_entropy(const bin_t *data, size_t len)
+{
+    double result;                          /* Valeur calculée à renvoyer  */
+    unsigned long counters[256];            /* Décompte des valeurs        */
+    const bin_t *d_max;                     /* Borne de fin de parcours #1 */
+    const bin_t *d_iter;                    /* Boucle de parcours #1       */
+    double log_2;
+    unsigned long *c_max;                   /* Borne de fin de parcours #2 */
+    unsigned long *c_iter;                  /* Boucle de parcours #2       */
+    double freq;                            /* Fréquence liée à une valeur */
+
+    result = 0.0;
+
+    memset(counters, 0, sizeof(counters));
+
+    d_max = data + len;
+
+    for (d_iter = data; d_iter < d_max; d_iter++)
+        counters[*d_iter]++;
+
+    log_2 = log(256.0);
+
+    c_max = counters + 256;
+
+    for (c_iter = counters; c_iter < c_max; c_iter++)
+    {
+        if (*c_iter == 0lu)
+            continue;
+
+        freq = ((double)*c_iter) / ((double)len);
+
+        result -= freq * (log(freq) / log_2);
+
+    }
+
+    return result;
+
+}
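Review bot: The local `log_2` in compute_entropy() is assigned `log(256.0)`, so the returned value is normalised to 0.0–1.0 (log base 256) rather than expressed in bits per byte (0–8), and neither the function banner nor the prototype comment in entropy.h says which scale is used. A caller comparing the result against the usual bits-per-byte thresholds for flagging packed or encrypted content would misread it. I would rename the variable, `log_256 = log(256.0);`, give it a trailing comment like the other locals, and state the 0.0–1.0 range (and that an empty buffer yields 0.0) in the banner's `Retour` line. Separately, `counters` is `unsigned long` while `len` is `size_t`; where `unsigned long` is 32 bits a counter could wrap on very large inputs, so `size_t counters[256];` with `size_t *` iterators would be the safer choice.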
diff --git a/src/common/entropy.h b/src/common/entropy.h
new file mode 100644
index 0000000..f747149
--- /dev/null
+++ b/src/common/entropy.h
@@ -0,0 +1,37 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * entropy.h - prototypes pour le calcul de l'entropie d'un contenu binaire
+ *
+ * Copyright (C) 2024 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  Chrysalide is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  Chrysalide is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Chrysalide.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _COMMON_ENTROPY_H
+#define _COMMON_ENTROPY_H
+
+
+#include "../arch/archbase.h"
+
+
+
+/* Détermine l'entropie d'un contenu binaire. */
+double compute_entropy(const bin_t *, size_t);
+
+
+
+#endif  /* _COMMON_ENTROPY_H */
-- 
cgit v0.11.2-87-g4458