Report SBOM if enabled

ParetoSecurity · Mar 14, 2024 · 64539fa · 64539fa
1 parent 5cf43c1
commit 64539fa
Show file tree

Hide file tree

Showing 5 changed files with 94 additions and 73 deletions.
diff --git a/Pareto Security.xcodeproj/project.pbxproj b/Pareto Security.xcodeproj/project.pbxproj
@@ -43,6 +43,8 @@
 		4F28A97B2756445900E34F7B /* GoogleChrome.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F28A9792756445900E34F7B /* GoogleChrome.swift */; };
 		4F28A97D27566D8500E34F7B /* Firefox.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F28A97C27566D8500E34F7B /* Firefox.swift */; };
 		4F28A97E27566D8500E34F7B /* Firefox.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F28A97C27566D8500E34F7B /* Firefox.swift */; };
+		4F2E09AD2BA330A80031422E /* Apps.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F2E09AC2BA330A80031422E /* Apps.swift */; };
+		4F2E09AE2BA330A80031422E /* Apps.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F2E09AC2BA330A80031422E /* Apps.swift */; };
 		4F343A5F26F7A3D4007D2F7D /* Teams.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F343A5E26F7A3D4007D2F7D /* Teams.swift */; };
 		4F35395526E8AD4C008F5DD3 /* RemoteManagment.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F35395426E8AD4B008F5DD3 /* RemoteManagment.swift */; };
 		4F35395726E8AE02008F5DD3 /* RemoteLogin.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4F35395626E8AE02008F5DD3 /* RemoteLogin.swift */; };
@@ -294,6 +296,7 @@
 		4F24A09526EB73F30036F748 /* GeneralSettingsView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = GeneralSettingsView.swift; sourceTree = "<group>"; };
 		4F28A9792756445900E34F7B /* GoogleChrome.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = GoogleChrome.swift; sourceTree = "<group>"; };
 		4F28A97C27566D8500E34F7B /* Firefox.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Firefox.swift; sourceTree = "<group>"; };
+		4F2E09AC2BA330A80031422E /* Apps.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Apps.swift; sourceTree = "<group>"; };
 		4F343A5D26F7A3C8007D2F7D /* API.playground */ = {isa = PBXFileReference; lastKnownFileType = file.playground; path = API.playground; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = xcode.lang.swift; };
 		4F343A5E26F7A3D4007D2F7D /* Teams.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Teams.swift; sourceTree = "<group>"; };
 		4F35395426E8AD4B008F5DD3 /* RemoteManagment.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RemoteManagment.swift; sourceTree = "<group>"; };
@@ -727,6 +730,7 @@
 			children = (
 				4F3EF0A028AEA02800D83F4E /* CustomCheck.swift */,
 				4FFDC5A0282153B50092B7BF /* TimeMachineBackup.swift */,
+				4F2E09AC2BA330A80031422E /* Apps.swift */,
 			);
 			path = Models;
 			sourceTree = "<group>";
@@ -1057,6 +1061,7 @@
 				4F1E6C6528355B2100C8AFAB /* InternetSharing.swift in Sources */,
 				4F74B7D9275114EA00F1FC11 /* Enpass.swift in Sources */,
 				4F3DCFE4274FE4E000F1CB55 /* Cyberduck.swift in Sources */,
+				4F2E09AE2BA330A80031422E /* Apps.swift in Sources */,
 				4F38D8C9273AC5AE00671756 /* IntroView.swift in Sources */,
 				4F9A444D29264FC10095BB6C /* 1Password8.swift in Sources */,
 				4F37E71D2718122E00A2B254 /* Defaults.swift in Sources */,
@@ -1192,6 +1197,7 @@
 				4F1E6C6428355B2100C8AFAB /* InternetSharing.swift in Sources */,
 				4F74B7D8275114EA00F1FC11 /* Enpass.swift in Sources */,
 				4F3DCFE3274FE4E000F1CB55 /* Cyberduck.swift in Sources */,
+				4F2E09AD2BA330A80031422E /* Apps.swift in Sources */,
 				4F38D8C8273AC5AE00671756 /* IntroView.swift in Sources */,
 				4F9A444C29264FC10095BB6C /* 1Password8.swift in Sources */,
 				4F47221026B08A0E0071CE2A /* Defaults.swift in Sources */,

diff --git a/Pareto/Defaults.swift b/Pareto/Defaults.swift
@@ -34,7 +34,7 @@ extension Defaults.Keys {
     static let sendHWInfo = Key<Bool>("sendHWInfo", default: false, suite: extensionDefaults)
     static let lastHWAsk = Key<Int>("lastHWAsk", default: 0, suite: extensionDefaults)
     static let appliedIgnoredChecks = Key<Bool>("appliedIgnoredChecksv1", default: false, suite: extensionDefaults)
-    static let appliedIgnoredChecksIDs = Key<Array<String>>("appliedIgnoredChecksv4", default: [], suite: extensionDefaults)
+    static let appliedIgnoredChecksIDs = Key<[String]>("appliedIgnoredChecksv4", default: [], suite: extensionDefaults)
     // License
     static let license = Key<String>("license", default: "", suite: extensionDefaults)
     static let reportingRole = Key<ReportingRoles>("reportingRole", default: .free, suite: extensionDefaults)

diff --git a/Pareto/Models/Apps.swift b/Pareto/Models/Apps.swift
@@ -0,0 +1,79 @@
+//
+//  Apps.swift
+//  Pareto Security
+//
+//  Created by Janez Troha on 14. 03. 24.
+//
+
+import Foundation
+
+struct PublicApp: Codable {
+    let name: String
+    let bundle: String
+    let version: String
+
+    static var all: [PublicApp] {
+        var detectedApps: [PublicApp] = []
+        let allApps = try! FileManager.default.contentsOfDirectory(at: URL(string: "/Applications")!, includingPropertiesForKeys: [.isApplicationKey])
+        for app in allApps {
+            let plist = PublicApp.readPlistFile(fileURL: app.appendingPathComponent("Contents/Info.plist"))
+            if let appName = plist?["CFBundleName"] as? String,
+               let appBundle = plist?["CFBundleIdentifier"] as? String {
+                let bundleApp = PublicApp(
+                    name: appName,
+                    bundle: appBundle,
+                    version: plist?["CFBundleShortVersionString"] as? String ?? "Unknown"
+                )
+                detectedApps.append(bundleApp)
+            }
+        }
+
+        // user apps
+        let homeDirURL = FileManager.default.homeDirectoryForCurrentUser
+        let localPath = URL(fileURLWithPath: "\(homeDirURL.path)/Applications/")
+        if (try? localPath.checkResourceIsReachable()) ?? false {
+            let userApps = try! FileManager.default.contentsOfDirectory(at: localPath, includingPropertiesForKeys: [.isApplicationKey])
+            for app in userApps {
+                let plist = PublicApp.readPlistFile(fileURL: app.appendingPathComponent("Contents/Info.plist"))
+                if let appName = plist?["CFBundleName"] as? String,
+                   let appBundle = plist?["CFBundleIdentifier"] as? String {
+                    let bundleApp = PublicApp(
+                        name: appName,
+                        bundle: appBundle,
+                        version: plist?["CFBundleShortVersionString"] as? String ?? "Unknown"
+                    )
+                    detectedApps.append(bundleApp)
+                }
+            }
+        }
+
+        return detectedApps
+    }
+
+    static func readPlistFile(fileURL: URL) -> [String: Any]? {
+        guard let data = try? Data(contentsOf: fileURL) else {
+            return nil
+        }
+        guard let result = try? PropertyListSerialization.propertyList(from: data, options: [], format: nil) as? [String: Any] else {
+            return nil
+        }
+        return result
+    }
+
+    static func asJSON() -> String? {
+        var export: [PublicApp] = []
+
+        for app in PublicApp.all.sorted(by: { lha, rha in
+            lha.name.lowercased() < rha.name.lowercased()
+        }) {
+            export.append(app)
+        }
+
+        let jsonEncoder = JSONEncoder()
+        jsonEncoder.outputFormatting = .prettyPrinted
+        let jsonData = try! jsonEncoder.encode(export)
+        guard let json = String(data: jsonData, encoding: String.Encoding.utf8) else { return nil }
+
+        return json
+    }
+}
diff --git a/Pareto/Teams.swift b/Pareto/Teams.swift
@@ -103,6 +103,7 @@ struct Report: Encodable {
     let lastCheck: String
     let significantChange: String
     let state: [String: String]
+    let sbom: [PublicApp]
 
     static func now() -> Report {
         var passed = 0
@@ -135,6 +136,11 @@ struct Report: Encodable {
             }
         }
 
+        var sendSerial = false
+        if Defaults[.sendHWInfo] || AppInfo.TeamSettings.forceSerialPush {
+            sendSerial = true
+        }
+
         return Report(
             passedCount: passed,
             failedCount: failed,
@@ -143,7 +149,8 @@ struct Report: Encodable {
             version: AppInfo.appVersion,
             lastCheck: Date.fromTimeStamp(timeStamp: Defaults[.lastCheck]).as3339String(),
             significantChange: SHA256.hash(data: "\(disabledSeed).\(failedSeed)".data(using: .utf8)!).hexStr,
-            state: checkStates
+            state: checkStates,
+            sbom: sendSerial ? PublicApp.all : []
         )
     }
 }

diff --git a/Pareto/Views/Settings/TeamSettings.swift b/Pareto/Views/Settings/TeamSettings.swift
@@ -8,77 +8,6 @@
 import Defaults
 import SwiftUI
 
-struct PublicApp: Codable {
-    let name: String
-    let bundle: String
-    let version: String
-
-    static var all: [PublicApp] {
-        var detectedApps: [PublicApp] = []
-        let allApps = try! FileManager.default.contentsOfDirectory(at: URL(string: "/Applications")!, includingPropertiesForKeys: [.isApplicationKey])
-        for app in allApps {
-            let plist = PublicApp.readPlistFile(fileURL: app.appendingPathComponent("Contents/Info.plist"))
-            if let appName = plist?["CFBundleName"] as? String,
-               let appBundle = plist?["CFBundleIdentifier"] as? String {
-                let bundleApp = PublicApp(
-                    name: appName,
-                    bundle: appBundle,
-                    version: plist?["CFBundleShortVersionString"] as? String ?? "Unknown"
-                )
-                detectedApps.append(bundleApp)
-            }
-        }
-
-        // user apps
-        let homeDirURL = FileManager.default.homeDirectoryForCurrentUser
-        let localPath = URL(fileURLWithPath: "\(homeDirURL.path)/Applications/")
-        if (try? localPath.checkResourceIsReachable()) ?? false {
-            let userApps = try! FileManager.default.contentsOfDirectory(at: localPath, includingPropertiesForKeys: [.isApplicationKey])
-            for app in userApps {
-                let plist = PublicApp.readPlistFile(fileURL: app.appendingPathComponent("Contents/Info.plist"))
-                if let appName = plist?["CFBundleName"] as? String,
-                   let appBundle = plist?["CFBundleIdentifier"] as? String {
-                    let bundleApp = PublicApp(
-                        name: appName,
-                        bundle: appBundle,
-                        version: plist?["CFBundleShortVersionString"] as? String ?? "Unknown"
-                    )
-                    detectedApps.append(bundleApp)
-                }
-            }
-        }
-
-        return detectedApps
-    }
-
-    static func readPlistFile(fileURL: URL) -> [String: Any]? {
-        guard let data = try? Data(contentsOf: fileURL) else {
-            return nil
-        }
-        guard let result = try? PropertyListSerialization.propertyList(from: data, options: [], format: nil) as? [String: Any] else {
-            return nil
-        }
-        return result
-    }
-
-    static func asJSON() -> String? {
-        var export: [PublicApp] = []
-
-        for app in PublicApp.all.sorted(by: { lha, rha in
-            lha.name.lowercased() < rha.name.lowercased()
-        }) {
-            export.append(app)
-        }
-
-        let jsonEncoder = JSONEncoder()
-        jsonEncoder.outputFormatting = .prettyPrinted
-        let jsonData = try! jsonEncoder.encode(export)
-        guard let json = String(data: jsonData, encoding: String.Encoding.utf8) else { return nil }
-
-        return json
-    }
-}
-
 struct TeamSettingsView: View {
     @StateObject var teamSettings: TeamSettingsUpdater