Sync latest changes from Santa

google · Oct 9, 2015 · f0b27c3 · f0b27c3
1 parent 5eefa42
commit f0b27c3
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 4 deletions.
diff --git a/Source/MOLCertificate.h b/Source/MOLCertificate.h
@@ -92,6 +92,16 @@
 ///
 @property(readonly, nonatomic) NSString *orgUnit;
 
+///
+///  Is this cert a CA?
+///
+@property(readonly, nonatomic) BOOL isCA;
+
+///
+///  The cert serial number
+///
+@property(readonly, nonatomic) NSString *serialNumber;
+
 ///
 ///  Issuer details, same fields as above.
 ///

diff --git a/Source/MOLCertificate.m b/Source/MOLCertificate.m
@@ -357,5 +357,19 @@ - (NSString *)issuerOrgUnit {
   }];
 }
 
+- (BOOL)isCA {
+  return [[self memoizedSelector:_cmd forBlock:^id{
+    NSDictionary *dict = [self allCertificateValues][(__bridge NSString *)kSecOIDBasicConstraints];
+    return [self x509ValueForLabel:@"Certificate Authority"
+                    fromDictionary:dict];
+  }] isEqual:@"Yes"];
+}
+
+- (NSString *)serialNumber {
+  return [self memoizedSelector:_cmd forBlock:^id{
+    NSDictionary *dict = [self allCertificateValues][(__bridge NSString *)kSecOIDX509V1SerialNumber];
+    return dict[(__bridge NSString *)kSecPropertyKeyValue];
+  }];
+}
 
 @end
diff --git a/Tests/MOLCertificateTest.m b/Tests/MOLCertificateTest.m
@@ -106,8 +106,10 @@ - (void)testInitWithValidPEM {
   XCTAssertEqualObjects(sut.SHA1, @"d83c1a7f4d0446bb2081b81a1670f8183451ca24");
   XCTAssertEqualObjects(sut.SHA256,
       @"a047a37fa2d2e118a4f5095fe074d6cfe0e352425a7632bf8659c03919a6c81d");
-  XCTAssertEqualObjects(sut.validFrom, [NSDate dateWithTimeIntervalSince1970:1365174955]);
-  XCTAssertEqualObjects(sut.validUntil, [NSDate dateWithTimeIntervalSince1970:1428160555]);
+  XCTAssertEqualObjects(sut.validFrom, [NSDate dateWithString:@"2013-04-05 15:15:55 +0000"]);
+  XCTAssertEqualObjects(sut.validUntil, [NSDate dateWithString:@"2015-04-04 15:15:55 +0000"]);
+  XCTAssertTrue(sut.isCA);
+  XCTAssertEqualObjects(sut.serialNumber, @"146025");
 
   sut = [[MOLCertificate alloc] initWithCertificateDataPEM:self.testDataPEM2];
   XCTAssertNotNil(sut);
@@ -120,8 +122,10 @@ - (void)testInitWithValidPEM {
   XCTAssertEqualObjects(sut.SHA1, @"96df534f6f4306ca474d9078fc346b20f856f0d4");
   XCTAssertEqualObjects(sut.SHA256,
       @"129d39ff4384197dc2bcbe1a83a69b3405b7df33254b1b1ee29a23847a23555a");
-  XCTAssertEqualObjects(sut.validFrom, [NSDate dateWithTimeIntervalSince1970:1384387200]);
-  XCTAssertEqualObjects(sut.validUntil, [NSDate dateWithTimeIntervalSince1970:1447545599]);
+  XCTAssertEqualObjects(sut.validFrom, [NSDate dateWithString:@"2013-11-14 00:00:00 +0000"]);
+  XCTAssertEqualObjects(sut.validUntil, [NSDate dateWithString:@"2015-11-14 23:59:59 +0000"]);
+  XCTAssertFalse(sut.isCA);
+  XCTAssertEqualObjects(sut.serialNumber, @"5E FA 67 0E 99 E4 AB 88 E0 F2 0B 33 86 7B 78 4D");
 }
 
 - (void)testInitWithValidPEMAfterKey {