mirror of
https://github.com/google/santa.git
synced 2026-01-22 12:38:06 -05:00
104 lines
3.2 KiB
Objective-C
104 lines
3.2 KiB
Objective-C
/// Copyright 2015 Google Inc. All rights reserved.
|
|
///
|
|
/// Licensed under the Apache License, Version 2.0 (the "License");
|
|
/// you may not use this file except in compliance with the License.
|
|
/// You may obtain a copy of the License at
|
|
///
|
|
/// http://www.apache.org/licenses/LICENSE-2.0
|
|
///
|
|
/// Unless required by applicable law or agreed to in writing, software
|
|
/// distributed under the License is distributed on an "AS IS" BASIS,
|
|
/// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
/// See the License for the specific language governing permissions and
|
|
/// limitations under the License.
|
|
|
|
#import <XCTest/XCTest.h>
|
|
|
|
#import "SNTCertificate.h"
|
|
#import "SNTCodesignChecker.h"
|
|
|
|
/**
|
|
Tests for @c SNTCodesignChecker
|
|
|
|
Most of these tests rely on some facts about @c launchd:
|
|
|
|
* launchd is in /sbin
|
|
* launchd is PID 1
|
|
* launchd is signed
|
|
* launchd's leaf cert has a CN of "Software Signing"
|
|
* launchd's leaf cert has an OU of "Apple Software"
|
|
* launchd's leaf cert has an ON of "Apple Inc."
|
|
|
|
These facts are pretty stable, so shouldn't be a problem.
|
|
**/
|
|
@interface SNTCodesignCheckerTest : XCTestCase
|
|
@end
|
|
|
|
@implementation SNTCodesignCheckerTest
|
|
|
|
- (void)testInitWithBinaryPath {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithBinaryPath:@"/sbin/launchd"];
|
|
XCTAssertNotNil(sut);
|
|
}
|
|
|
|
- (void)testInitWithInvalidBinaryPath {
|
|
SNTCodesignChecker *sut =
|
|
[[SNTCodesignChecker alloc] initWithBinaryPath:@"/tmp/this/file/doesnt/exist"];
|
|
XCTAssertNil(sut);
|
|
}
|
|
|
|
- (void)testInitWithPID {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertNotNil(sut);
|
|
}
|
|
|
|
- (void)testInitWithInvalidPID {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:999999999];
|
|
XCTAssertNil(sut);
|
|
}
|
|
|
|
- (void)testInitWithSelf {
|
|
// n.b: 'self' in this case is xctest, which should always be signed.
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithSelf];
|
|
XCTAssertNotNil(sut);
|
|
}
|
|
|
|
- (void)testPlainInit {
|
|
XCTAssertThrows([[SNTCodesignChecker alloc] init]);
|
|
}
|
|
|
|
- (void)testDescription {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertEqualObjects([sut description],
|
|
@"In-memory binary, signed by Apple Inc., located at: /sbin/launchd");
|
|
}
|
|
|
|
- (void)testLeafCertificate {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertNotNil(sut.leafCertificate);
|
|
}
|
|
|
|
- (void)testBinaryPath {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertEqualObjects(sut.binaryPath, @"/sbin/launchd");
|
|
}
|
|
|
|
- (void)testSigningInformationMatches {
|
|
SNTCodesignChecker *sut1 = [[SNTCodesignChecker alloc] initWithBinaryPath:@"/sbin/launchd"];
|
|
SNTCodesignChecker *sut2 = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertTrue([sut1 signingInformationMatches:sut2]);
|
|
}
|
|
|
|
- (void)testCodeRef {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithSelf];
|
|
XCTAssertNotNil((id)sut.codeRef);
|
|
}
|
|
|
|
- (void)testSigningInformation {
|
|
SNTCodesignChecker *sut = [[SNTCodesignChecker alloc] initWithPID:1];
|
|
XCTAssertNotNil(sut.signingInformation);
|
|
XCTAssertEqualObjects(sut.signingInformation[@"source"], @"embedded");
|
|
}
|
|
|
|
@end
|