Add TLS reports capabilities

This commit is contained in:
2026-06-23 11:49:58 -03:00
parent 5c1dc95c36
commit f4ae9f8532
20 changed files with 1158 additions and 75 deletions
+25 -1
View File
@@ -13,6 +13,10 @@ def _xml() -> bytes:
return Path("tests/fixtures/sample_dmarc.xml").read_bytes()
def _json() -> bytes:
return Path("tests/fixtures/sample_tlsrpt.json").read_bytes()
def test_gzip_attachment_extraction():
gz = gzip.compress(_xml())
reports = extract_payload("report.xml.gz", "application/octet-stream", gz, 20)
@@ -22,6 +26,16 @@ def test_gzip_attachment_extraction():
assert len(reports[0].sha256) == 64
def test_json_gzip_attachment_extraction():
gz = gzip.compress(_json())
reports = extract_payload("report.json.gz", "application/octet-stream", gz, 20)
assert len(reports) == 1
assert reports[0].filename == "report.json"
assert reports[0].payload.startswith(b"{")
assert len(reports[0].sha256) == 64
def test_zip_attachment_extraction_rejects_traversal():
buf = io.BytesIO()
with zipfile.ZipFile(buf, "w") as archive:
@@ -47,7 +61,17 @@ def test_zip_attachment_extraction_caps_reports_per_archive():
archive.writestr("one.xml", _xml())
archive.writestr("two.xml", _xml())
with pytest.raises(AttachmentExtractionError, match="archive XML report limit"):
with pytest.raises(AttachmentExtractionError, match="archive report limit"):
extract_payload("reports.zip", "application/zip", buf.getvalue(), 20, max_reports_per_archive=1)
def test_zip_attachment_extraction_caps_json_reports_per_archive():
buf = io.BytesIO()
with zipfile.ZipFile(buf, "w") as archive:
archive.writestr("one.json", _json())
archive.writestr("two.json", _json())
with pytest.raises(AttachmentExtractionError, match="archive report limit"):
extract_payload("reports.zip", "application/zip", buf.getvalue(), 20, max_reports_per_archive=1)