]> git.saurik.com Git - apple/security.git/blob - keychain/ot/tests/octagon/OctagonTests+CKKSConfiguration.swift
projects / apple / security.git / blob
? search:


67e9a8210021bd110ee37ba91c3fba6f3054f6b5
[apple/security.git] / keychain / ot / tests / octagon / OctagonTests+CKKSConfiguration.swift
1 import Foundation
2
3 class OctagonCKKSConfigurationTestsPolicyDisabled: OctagonTestsBase {
4 // Pre-configure some things, so the OctagonTests will only operate on these views
5 override func setUp() {
6 if self.mockDeviceInfo == nil {
7 let actualDeviceAdapter = OTDeviceInformationActualAdapter()
8 self.mockDeviceInfo = OTMockDeviceInfoAdapter(modelID: actualDeviceAdapter.modelID(),
9 deviceName: actualDeviceAdapter.deviceName(),
10 serialNumber: NSUUID().uuidString,
11 osVersion: actualDeviceAdapter.osVersion())
12 }
13
14 // With the policy disabled, we only want to operate on a few zones
15 if self.mockDeviceInfo.mockModelID.contains("AppleTV") {
16 self.intendedCKKSZones = Set([
17 CKRecordZone.ID(zoneName: "LimitedPeersAllowed"),
18 ])
19 } else {
20 self.intendedCKKSZones = Set([
21 CKRecordZone.ID(zoneName: "LimitedPeersAllowed"),
22 CKRecordZone.ID(zoneName: "Manatee"),
23 ])
24 }
25
26 self.setCKKSViewsFromPolicyToNo = true
27
28 super.setUp()
29
30 XCTAssertFalse(self.cuttlefishContext.viewManager!.useCKKSViewsFromPolicy(), "CKKS should not be configured to listen to policy-based views")
31 }
32
33 func testMergedViewListOff() throws {
34 XCTAssertFalse(self.cuttlefishContext.viewManager!.useCKKSViewsFromPolicy(), "CKKS should not be configured to listen to policy-based views")
35
36 self.startCKAccountStatusMock()
37 self.assertResetAndBecomeTrustedInDefaultContext()
38
39 let viewList = self.cuttlefishContext.viewManager!.viewList()
40 #if !os(tvOS)
41 let expected = Set<String>(["Manatee", "LimitedPeersAllowed"])
42 #else
43 let expected = Set<String>(["LimitedPeersAllowed"])
44 #endif
45 XCTAssertEqual(expected, viewList)
46 }
47 }
48
49 class OctagonCKKSConfigurationTestsPolicyEnabled: OctagonTestsBase {
50 override func setUp() {
51
52 if self.mockDeviceInfo == nil {
53 let actualDeviceAdapter = OTDeviceInformationActualAdapter()
54 self.mockDeviceInfo = OTMockDeviceInfoAdapter(modelID: actualDeviceAdapter.modelID(),
55 deviceName: actualDeviceAdapter.deviceName(),
56 serialNumber: NSUUID().uuidString,
57 osVersion: actualDeviceAdapter.osVersion())
58 }
59
60 // Most tests will use a much smaller list of views. But not us! Go wild!
61 if self.mockDeviceInfo.mockModelID.contains("AppleTV") {
62 self.intendedCKKSZones = Set([
63 CKRecordZone.ID(zoneName: "Home"),
64 self.limitedPeersAllowedZoneID!,
65 CKRecordZone.ID(zoneName: "WiFi"),
66 ])
67 } else {
68 self.intendedCKKSZones = Set([
69 CKRecordZone.ID(zoneName: "ApplePay"),
70 CKRecordZone.ID(zoneName: "Applications"),
71 CKRecordZone.ID(zoneName: "AutoUnlock"),
72 // <rdar://problem/57771098> Octagon: create final policy for CKKS4All
73 // CKRecordZone.ID(zoneName: "Backstop"),
74 // <rdar://problem/57810109> Cuttlefish: remove Safari prefix from view names
75 CKRecordZone.ID(zoneName: "SafariCreditCards"),
76 CKRecordZone.ID(zoneName: "DevicePairing"),
77 CKRecordZone.ID(zoneName: "Engram"),
78 CKRecordZone.ID(zoneName: "Health"),
79 CKRecordZone.ID(zoneName: "Home"),
80 CKRecordZone.ID(zoneName: "LimitedPeersAllowed"),
81 CKRecordZone.ID(zoneName: "Manatee"),
82 // <rdar://problem/57810109> Cuttlefish: remove Safari prefix from view names
83 CKRecordZone.ID(zoneName: "SafariPasswords"),
84 CKRecordZone.ID(zoneName: "ProtectedCloudStorage"),
85 CKRecordZone.ID(zoneName: "SecureObjectSync"),
86 CKRecordZone.ID(zoneName: "WiFi"),
87 ])
88 }
89
90 super.setUp()
91 }
92
93 func testMergedViewListOn() throws {
94 XCTAssertTrue(self.cuttlefishContext.viewManager!.useCKKSViewsFromPolicy(), "CKKS should be configured to listen to policy-based views")
95
96 self.startCKAccountStatusMock()
97 self.assertResetAndBecomeTrustedInDefaultContext()
98
99 let viewList = self.cuttlefishContext.viewManager!.viewList()
100
101 #if !os(tvOS)
102 let expected = Set<String>([
103 "ApplePay",
104 "Applications",
105 "AutoUnlock",
106 // <rdar://problem/57771098> Octagon: create final policy for CKKS4All
107 //"Backstop",
108 // <rdar://problem/57810109> Cuttlefish: remove Safari prefix from view names
109 "SafariCreditCards",
110 "DevicePairing",
111 "Engram",
112 "Health",
113 "Home",
114 "LimitedPeersAllowed",
115 "Manatee",
116 // <rdar://problem/57810109> Cuttlefish: remove Safari prefix from view names
117 "SafariPasswords",
118 "ProtectedCloudStorage",
119 "SecureObjectSync",
120 "WiFi",
121 ])
122 #else
123 let expected = Set<String>(["LimitedPeersAllowed",
124 "Home",
125 "WiFi", ])
126 #endif
127 XCTAssertEqual(expected, viewList)
128 }
129
130 func testPolicyResetRPC() throws {
131 XCTAssertTrue(self.cuttlefishContext.viewManager!.useCKKSViewsFromPolicy(), "CKKS should be configured to listen to policy-based views")
132
133 self.startCKAccountStatusMock()
134 self.assertResetAndBecomeTrustedInDefaultContext()
135
136 XCTAssertNotNil(self.injectedManager?.policy, "Should have given CKKS a TPPolicy during initialization")
137 XCTAssertEqual(self.injectedManager?.policy?.version, prevailingPolicyVersion, "Policy given to CKKS should be prevailing policy")
138
139 self.injectedManager!.resetSyncingPolicy()
140 XCTAssertNil(self.injectedManager?.policy, "CKKS policy should be reset (by the test)")
141
142 self.otControl.refetchCKKSPolicy(nil, contextID: self.cuttlefishContext.contextID) { error in
143 XCTAssertNil(error, "Should be no error refetching the CKKS policy")
144 }
145
146 XCTAssertNotNil(self.injectedManager?.policy, "Should have given CKKS a TPPolicy during refetch")
147 XCTAssertEqual(self.injectedManager?.policy?.version, prevailingPolicyVersion, "Policy given to CKKS should be prevailing policy")
148 }
149 }
mirror of Security