Add a test for iOS

OWASP · Feb 6, 2025 · c50d599 · c50d599
1 parent 185d8b5
commit c50d599
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/tests-beta/ios/MASVS-STORAGE/MASTG-TEST-2043.md b/tests-beta/ios/MASVS-STORAGE/MASTG-TEST-2043.md
@@ -0,0 +1,25 @@
+---
+platform: ios
+title: References to Device-Access-Security Policy APIs
+id: MASTG-TEST-0243
+apis: [LAContext.canEvaluatePolicy, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly]
+type: [static]
+weakness: MASWE-0008
+best-practices: []
+---
+
+## Overview
+
+This test verifies that an application is running on a device with a set passcode. A set passcode ensures that data on the device is encrypted and access to the device is restricted.
+
+## Steps
+
+1. Run a static analysis tool such as @MASTG-TOOL-0073 on the app binary, or use a dynamic analysis tool like @MASTG-TOOL-0039, and look for uses of `LAContext.canEvaluatePolicy` API.
+
+## Observation
+
+The output should contain a list of locations where relevant APIs are used.
+
+## Evaluation
+
+The test fails if an app doesn't use API that verifies Device-Access-Security Policy.