From 0b7e8c3bfe82ae650c0b625f32ae42e592b6e7cd Mon Sep 17 00:00:00 2001
From: Florian Sonnenschein <florian.sonnenschein@grandcentrix.net>
Date: Mon, 11 Mar 2024 10:25:46 +0100
Subject: [PATCH] Added CRYP-7932 to determine if the system has enabled macOS
 FileVault.

---
 include/tests_crypto | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/include/tests_crypto b/include/tests_crypto
index a643b6c0..b7279163 100644
--- a/include/tests_crypto
+++ b/include/tests_crypto
@@ -217,6 +217,27 @@
     fi
 #
 #################################################################################
+#
+    # Test        : CRYP-7932
+    # Description : Determine if system has enabled macOS FileVault encryption
+    Register --test-no CRYP-7932 --os macOS --weight L --network NO --category crypto --description "Determine if system has enabled macOS FileVault encryption"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        filevault_status=$(fdesetup status)
+
+        case "$filevault_status" in
+            *"FileVault is On."*)
+                LogText "Result: FileVault is enabled."
+                Display --indent 2 --text "- FileVault is enabled." --result "${STATUS_OK}" --color GREEN
+                Report "encryption[]=filevault"
+                ;;
+            *)
+                LogText "Result: FileVault is not enabled."
+                Display --indent 2 --text "- FileVault is not enabled." --result "${STATUS_WARNING}" --color RED
+                ;;
+        esac
+    fi
+#
+#################################################################################
 #
     # Test        : CRYP-8002
     # Description : Gather available kernel entropy