libmagic-rs 0.5.0

A pure-Rust implementation of libmagic for file type identification
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334

// Copyright (c) 2025-2026 the libmagic-rs contributors
// SPDX-License-Identifier: Apache-2.0

//! Tag extraction for file type classification
//!
//! This module extracts classification tags from file type descriptions
//! to enable categorization and filtering of detected file types.

use std::collections::HashSet;

/// Tag extractor for file type classification
///
/// Extracts classification tags from file descriptions based on
/// a configurable set of keywords.
///
/// # Examples
///
/// ```
/// use libmagic_rs::tags::TagExtractor;
///
/// let extractor = TagExtractor::new();
/// let tags = extractor.extract_tags("ELF 64-bit executable");
/// assert!(tags.contains(&"executable".to_string()));
///
/// let tags = extractor.extract_tags("Zip archive data, compressed");
/// assert!(tags.contains(&"archive".to_string()));
/// assert!(tags.contains(&"compressed".to_string()));
/// ```
#[derive(Debug, Clone)]
pub struct TagExtractor {
    /// Set of keywords to look for in descriptions
    keywords: HashSet<String>,
}

impl Default for TagExtractor {
    fn default() -> Self {
        Self::new()
    }
}

impl TagExtractor {
    /// Create a new tag extractor with default keywords
    ///
    /// Default keywords include common file type classifications:
    /// - executable, archive, image, video, audio
    /// - document, compressed, encrypted, text, binary
    /// - data, script, font, database, spreadsheet
    #[must_use]
    pub fn new() -> Self {
        let keywords: HashSet<String> = [
            "executable",
            "archive",
            "image",
            "video",
            "audio",
            "document",
            "compressed",
            "encrypted",
            "text",
            "binary",
            "data",
            "script",
            "font",
            "database",
            "spreadsheet",
            "presentation",
        ]
        .iter()
        .map(|s| (*s).to_string())
        .collect();

        Self { keywords }
    }

    /// Create a tag extractor with custom keywords
    ///
    /// # Arguments
    ///
    /// * `keywords` - Iterator of keyword strings to use for tag extraction
    ///
    /// # Examples
    ///
    /// ```
    /// use libmagic_rs::tags::TagExtractor;
    ///
    /// let extractor = TagExtractor::with_keywords(vec!["custom", "tags"]);
    /// let tags = extractor.extract_tags("This has custom content");
    /// assert!(tags.contains(&"custom".to_string()));
    /// ```
    pub fn with_keywords<I, S>(keywords: I) -> Self
    where
        I: IntoIterator<Item = S>,
        S: Into<String>,
    {
        let keywords = keywords
            .into_iter()
            .map(|s| s.into().to_lowercase())
            .collect();
        Self { keywords }
    }

    /// Extract tags from a file description
    ///
    /// Performs case-insensitive matching against the keyword set.
    /// Returns a sorted vector of unique matching tags.
    ///
    /// # Arguments
    ///
    /// * `description` - The file type description to extract tags from
    ///
    /// # Returns
    ///
    /// A vector of matching tag strings, sorted alphabetically.
    ///
    /// # Examples
    ///
    /// ```
    /// use libmagic_rs::tags::TagExtractor;
    ///
    /// let extractor = TagExtractor::new();
    ///
    /// // Single tag extraction
    /// let tags = extractor.extract_tags("PNG image, 800x600");
    /// assert_eq!(tags, vec!["image".to_string()]);
    ///
    /// // Multiple tags
    /// let tags = extractor.extract_tags("Zip archive, encrypted and compressed");
    /// assert!(tags.contains(&"archive".to_string()));
    /// assert!(tags.contains(&"encrypted".to_string()));
    /// assert!(tags.contains(&"compressed".to_string()));
    /// ```
    #[must_use]
    pub fn extract_tags(&self, description: &str) -> Vec<String> {
        let lower = description.to_lowercase();

        let mut tags: Vec<String> = self
            .keywords
            .iter()
            .filter(|keyword| lower.contains(keyword.as_str()))
            .cloned()
            .collect();

        tags.sort();
        tags
    }

    /// Extract rule path tags from match messages
    ///
    /// Normalizes match messages into tag-like identifiers by:
    /// - Converting to lowercase
    /// - Replacing spaces with hyphens
    /// - Removing special characters
    ///
    /// # Arguments
    ///
    /// * `messages` - Iterator of match messages to convert
    ///
    /// # Returns
    ///
    /// A vector of normalized tag strings.
    ///
    /// # Examples
    ///
    /// ```
    /// use libmagic_rs::tags::TagExtractor;
    ///
    /// let extractor = TagExtractor::new();
    /// let messages = vec!["ELF magic", "64-bit LSB", "executable"];
    /// let tags = extractor.extract_rule_path(messages.iter().map(|s| *s));
    /// assert_eq!(tags, vec!["elf-magic", "64-bit-lsb", "executable"]);
    /// ```
    pub fn extract_rule_path<'a, I>(&self, messages: I) -> Vec<String>
    where
        I: IntoIterator<Item = &'a str>,
    {
        messages
            .into_iter()
            .map(|msg| {
                msg.to_lowercase()
                    .replace(' ', "-")
                    .chars()
                    .filter(|c| c.is_alphanumeric() || *c == '-')
                    .collect()
            })
            .collect()
    }

    /// Get the number of configured keywords
    #[must_use]
    pub fn keyword_count(&self) -> usize {
        self.keywords.len()
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_new_extractor_has_keywords() {
        let extractor = TagExtractor::new();
        assert!(extractor.keyword_count() > 10);
    }

    #[test]
    fn test_extract_executable_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("ELF 64-bit executable");
        assert!(tags.contains(&"executable".to_string()));
    }

    #[test]
    fn test_extract_image_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("PNG image data, 800x600");
        assert!(tags.contains(&"image".to_string()));
    }

    #[test]
    fn test_extract_archive_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("Zip archive data");
        assert!(tags.contains(&"archive".to_string()));
    }

    #[test]
    fn test_extract_multiple_tags() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("Zip archive, encrypted and compressed");
        assert!(tags.contains(&"archive".to_string()));
        assert!(tags.contains(&"encrypted".to_string()));
        assert!(tags.contains(&"compressed".to_string()));
    }

    #[test]
    fn test_case_insensitive() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("EXECUTABLE file");
        assert!(tags.contains(&"executable".to_string()));
    }

    #[test]
    fn test_no_tags_found() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("unknown format");
        assert!(tags.is_empty());
    }

    #[test]
    fn test_tags_are_sorted() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("compressed archive with encrypted data");
        assert_eq!(
            tags,
            vec![
                "archive".to_string(),
                "compressed".to_string(),
                "data".to_string(),
                "encrypted".to_string()
            ]
        );
    }

    #[test]
    fn test_custom_keywords() {
        let extractor = TagExtractor::with_keywords(vec!["custom", "special"]);
        let tags = extractor.extract_tags("This is a custom file with special content");
        assert!(tags.contains(&"custom".to_string()));
        assert!(tags.contains(&"special".to_string()));
        assert!(!tags.contains(&"executable".to_string())); // Not in custom set
    }

    #[test]
    fn test_with_keywords_lowercases_input() {
        // Keywords should be lowercased for case-insensitive matching
        let extractor = TagExtractor::with_keywords(vec!["Executable", "ARCHIVE"]);
        // Should match lowercase version in description
        let tags = extractor.extract_tags("executable file in archive");
        assert!(tags.contains(&"executable".to_string()));
        assert!(tags.contains(&"archive".to_string()));
    }

    #[test]
    fn test_extract_rule_path() {
        let extractor = TagExtractor::new();
        let messages = ["ELF magic", "64-bit LSB", "executable"];
        let tags = extractor.extract_rule_path(messages.iter().copied());
        assert_eq!(tags, vec!["elf-magic", "64-bit-lsb", "executable"]);
    }

    #[test]
    fn test_extract_rule_path_removes_special_chars() {
        let extractor = TagExtractor::new();
        let messages = ["File (version 1.0)", "Data: test!"];
        let tags = extractor.extract_rule_path(messages.iter().copied());
        assert_eq!(tags, vec!["file-version-10", "data-test"]);
    }

    #[test]
    fn test_default_trait() {
        let extractor = TagExtractor::default();
        assert!(extractor.keyword_count() > 0);
    }

    #[test]
    fn test_video_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("MPEG video stream");
        assert!(tags.contains(&"video".to_string()));
    }

    #[test]
    fn test_audio_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("FLAC audio bitstream data");
        assert!(tags.contains(&"audio".to_string()));
    }

    #[test]
    fn test_document_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("PDF document, version 1.4");
        assert!(tags.contains(&"document".to_string()));
    }

    #[test]
    fn test_script_tag() {
        let extractor = TagExtractor::new();
        let tags = extractor.extract_tags("Python script, ASCII text executable");
        assert!(tags.contains(&"script".to_string()));
        assert!(tags.contains(&"text".to_string()));
        assert!(tags.contains(&"executable".to_string()));
    }
}