From 9111fdf5e6332923a5faf9f8a7e6b428eb91795a Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Thu, 11 Nov 2021 12:02:07 +0100
Subject: detect dummy or short encryption key

---
 src/tests/config/config_samesite_cookies.ini | 2 +-
 src/tests/config/phplog.ini                  | 2 +-
 src/tests/config/sid_length_limit.ini        | 1 +
 src/tests/config/syslog.ini                  | 2 +-
 src/tests/config/syslog_simulation.ini       | 2 +-
 5 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 src/tests/config/sid_length_limit.ini

(limited to 'src/tests/config')

diff --git a/src/tests/config/config_samesite_cookies.ini b/src/tests/config/config_samesite_cookies.ini
index 1ca498a..627ff3e 100644
--- a/src/tests/config/config_samesite_cookies.ini
+++ b/src/tests/config/config_samesite_cookies.ini
@@ -1,4 +1,4 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("super_cookie").samesite("Lax");
 sp.cookie.name("awful_cookie").samesite("strict").encrypt();
 sp.cookie.name("nice_cookie").samesite("STRICT").encrypt();
diff --git a/src/tests/config/phplog.ini b/src/tests/config/phplog.ini
index 4eaa287..7126996 100644
--- a/src/tests/config/phplog.ini
+++ b/src/tests/config/phplog.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable();
 sp.log_media("php");
diff --git a/src/tests/config/sid_length_limit.ini b/src/tests/config/sid_length_limit.ini
new file mode 100644
index 0000000..f6ef335
--- /dev/null
+++ b/src/tests/config/sid_length_limit.ini
@@ -0,0 +1 @@
+sp.session.sid_min_length("10").sid_max_length("32");
\ No newline at end of file
diff --git a/src/tests/config/syslog.ini b/src/tests/config/syslog.ini
index 17dce05..2210975 100644
--- a/src/tests/config/syslog.ini
+++ b/src/tests/config/syslog.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable();
 sp.log_media("syslog");
diff --git a/src/tests/config/syslog_simulation.ini b/src/tests/config/syslog_simulation.ini
index bb52850..4100444 100644
--- a/src/tests/config/syslog_simulation.ini
+++ b/src/tests/config/syslog_simulation.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable().simulation();
 sp.log_media("syslog");
-- 
cgit v1.3