11 files changed, 288 insertions, 0 deletions

diff --git a/src/tests/session_encryption/config/config_crypt_session.ini b/src/tests/session_encryption/config/config_crypt_session.ini
new file mode 100644
index 0000000..14b0c2c
--- /dev/null
+++ b/src/tests/session_encryption/config/config_crypt_session.ini
@@ -0,0 +1,2 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.session.encrypt();
\ No newline at end of file
diff --git a/src/tests/session_encryption/config/config_crypt_session_simul.ini b/src/tests/session_encryption/config/config_crypt_session_simul.ini
new file mode 100644
index 0000000..fbd43eb
--- /dev/null
+++ b/src/tests/session_encryption/config/config_crypt_session_simul.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.session.encrypt();
+sp.session.simulation();
\ No newline at end of file
diff --git a/src/tests/session_encryption/crypt_session_corrupted_session.phpt b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
new file mode 100644
index 0000000..5853efd
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Set a custom session handler
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+session.save_path = "/tmp"
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php 
+
+session_start();                        // Start new_session , it will read an empty session
+$_SESSION["tete"] = "titi"; // Encrypt and write the session
+$id = session_id();             // Get the session_id to use it later
+$filename = session_save_path() . '/sess_' . $id;
+session_write_close();
+
+$file_handle = fopen($filename, 'w'); 
+fwrite($file_handle, 'toto|s:4:"tata";');
+fclose($file_handle);
+
+session_id($id);
+session_start();
+var_dump($_SESSION);
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][cookie_encryption] Buffer underflow tentative detected in cookie encryption handling in %s/crypt_session_corrupted_session.php on line %s
diff --git a/src/tests/session_encryption/crypt_session_invalid.phpt b/src/tests/session_encryption/crypt_session_invalid.phpt
new file mode 100644
index 0000000..8a57149
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_invalid.phpt
@@ -0,0 +1,24 @@
+--TEST--
+SESSION crypt and bad decrypt
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+// Do it like that to write (encrypt) the session and then to read (decrypt) the session
+session_start();                        // Start new_session , it will read an empty session
+$_SESSION["toto"] = "tata"; // Encrypt and write the session
+$id = session_id();             // Get the session_id to use it later
+session_write_close();          // Close the session
+putenv("REMOTE_ADDR=127.0.0.2");
+session_id($id);                        // Recover the session with the previous session_id
+session_start();                        // Re start the session, It will read and decrypt the non empty session
+var_dump($_SESSION);            // Dump the session
+?>
+--EXPECTF--
+Warning: [snuffleupagus][cookie_encryption] Something went wrong with the decryption of the session in %s/crypt_session_invalid.php on line %d
diff --git a/src/tests/session_encryption/crypt_session_invalid_simul.phpt b/src/tests/session_encryption/crypt_session_invalid_simul.phpt
new file mode 100644
index 0000000..7bfefcb
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_invalid_simul.phpt
@@ -0,0 +1,27 @@
+--TEST--
+SESSION crypt and bad decrypt
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+// Do it like that to write (encrypt) the session and then to read (decrypt) the session
+session_start();                        // Start new_session , it will read an empty session
+$_SESSION["toto"] = "tata"; // Encrypt and write the session
+$id = session_id();             // Get the session_id to use it later
+session_write_close();          // Close the session
+putenv("REMOTE_ADDR=127.0.0.2");
+session_id($id);                        // Recover the session with the previous session_id
+session_start();                        // Re start the session, It will read and decrypt the non empty session
+var_dump($_SESSION);            // Dump the session
+?>
+--EXPECTF--
+array(1) {
+  ["toto"]=>
+  string(4) "tata"
+}
diff --git a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
new file mode 100644
index 0000000..f15d8b6
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
@@ -0,0 +1,33 @@
+--TEST--
+SESSION crypt/decrypt valid
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+$current_path = dirname(getcwd()) . "/src/tests/" ;
+ini_set("session.save_path", $current_path);
+
+session_start();
+$id = session_id();                                                                                     // Get the session_id to use it later
+$filename_sess = $current_path . "sess_" . $id;
+file_put_contents($filename_sess, "toto|s:4:\"tata\";");                        // Write a unencrypted session
+session_write_close();                                                                                  // Close the session
+
+session_id($id);
+session_start();                                                                                                // Try to read the unencrypted session, it will fail to decrypt but it must return the session
+var_dump($_SESSION);
+echo "OK";
+unlink($filename_sess);
+?>
+--EXPECTF--
+array(1) {
+  ["toto"]=>
+  string(4) "tata"
+}
+OK
diff --git a/src/tests/session_encryption/crypt_session_valid.phpt b/src/tests/session_encryption/crypt_session_valid.phpt
new file mode 100644
index 0000000..bf9fea0
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_valid.phpt
@@ -0,0 +1,27 @@
+--TEST--
+SESSION crypt/decrypt valid
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+// Do it like that to write (encrypt) the session and then to read (decrypt) the session
+session_start();                        // Start new_session , it will read an empty session
+$_SESSION["toto"] = "tata"; // Encrypt and write the session
+$id = session_id();             // Get the session_id to use it later
+
+session_write_close();          // Close the session
+session_id($id);                        // Recover the session with the previous session_id
+session_start();                        // Re start the session, It will read and decrypt the non empty session
+var_dump($_SESSION);            // Dump the session
+?>
+--EXPECTF--
+array(1) {
+  ["toto"]=>
+  string(4) "tata"
+}
diff --git a/src/tests/session_encryption/crypt_session_valid_simul.phpt b/src/tests/session_encryption/crypt_session_valid_simul.phpt
new file mode 100644
index 0000000..28083cf
--- /dev/null
+++ b/src/tests/session_encryption/crypt_session_valid_simul.phpt
@@ -0,0 +1,27 @@
+--TEST--
+SESSION crypt/decrypt valid
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+// Do it like that to write (encrypt) the session and then to read (decrypt) the session
+session_start();                        // Start new_session , it will read an empty session
+$_SESSION["toto"] = "tata"; // Encrypt and write the session
+$id = session_id();             // Get the session_id to use it later
+session_write_close();          // Close the session
+
+session_id($id);                        // Recover the session with the previous session_id
+session_start();                        // Re start the session, It will read and decrypt the non empty session
+var_dump($_SESSION);            // Dump the session
+?>
+--EXPECTF--
+array(1) {
+  ["toto"]=>
+  string(4) "tata"
+}
diff --git a/src/tests/session_encryption/set_custom_session_handler.phpt b/src/tests/session_encryption/set_custom_session_handler.phpt
new file mode 100644
index 0000000..5b46fbc
--- /dev/null
+++ b/src/tests/session_encryption/set_custom_session_handler.phpt
@@ -0,0 +1,72 @@
+--TEST--
+Set a custom session handler
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+session.save_path = "/tmp"
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+class FileSessionHandler {
+    private $savePath;
+
+    function open($savePath, $sessionName) {
+        $this->savePath = $savePath;
+        if (!is_dir($this->savePath)) {
+            mkdir($this->savePath, 0777);
+        }
+
+        return true;
+    }
+
+    function close() {
+        return true;
+    }
+
+    function read($id) {
+        return (string)@file_get_contents("$this->savePath/sess_$id");
+    }
+
+    function write($id, $data) {
+        return file_put_contents("$this->savePath/sess_$id", $data) === false ? false : true;
+    }
+
+    function destroy($id) {
+        $file = "$this->savePath/sess_$id";
+        if (file_exists($file)) {
+            unlink($file);
+        }
+
+        return true;
+    }
+
+    function gc($maxlifetime) {
+        foreach (glob("$this->savePath/sess_*") as $file) {
+            if (filemtime($file) + $maxlifetime < time() && file_exists($file)) {
+                unlink($file);
+            }
+        }
+        return true;
+    }
+}
+
+$handler = new FileSessionHandler();
+session_set_save_handler(
+    array($handler, 'open'),
+    array($handler, 'close'),
+    array($handler, 'read'),
+    array($handler, 'write'),
+    array($handler, 'destroy'),
+    array($handler, 'gc')
+    );
+
+// the following prevents unexpected effects when using objects as save handlers
+register_shutdown_function('session_write_close');
+
+session_start();
+// proceed to set and retrieve values by key from $_SESSION
+--EXPECTF--
diff --git a/src/tests/session_encryption/set_custom_session_handler2.phpt b/src/tests/session_encryption/set_custom_session_handler2.phpt
new file mode 100644
index 0000000..18bc3f7
--- /dev/null
+++ b/src/tests/session_encryption/set_custom_session_handler2.phpt
@@ -0,0 +1,26 @@
+--TEST--
+Set a custom session handler, twice
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+session.save_path = "/tmp"
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php
+session_set_save_handler(new SessionHandler(), true);
+session_start();
+$_SESSION['a'] = 'b';
+#var_dump($_SESSION);
+session_destroy();
+session_set_save_handler(new SessionHandler(), true);
+session_start();
+$_SESSION['a'] = 'b';
+var_dump($_SESSION);
+session_destroy();
+?>
+--EXPECTF--
+%a
diff --git a/src/tests/session_encryption/set_custom_session_handler_ini.phpt b/src/tests/session_encryption/set_custom_session_handler_ini.phpt
new file mode 100644
index 0000000..7ed56d6
--- /dev/null
+++ b/src/tests/session_encryption/set_custom_session_handler_ini.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Set a custom session handler
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_crypt_session.ini
+session.save_handler = 
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+EOF;
+--FILE--
+<?php 
+echo "win";
+?>
+--EXPECT--
+win