From 8c749e981bd7b1a362bf97e7a56981eec90d614a Mon Sep 17 00:00:00 2001
From: Jenny Tam <v-yitam@microsoft.com>
Date: Wed, 23 Aug 2017 13:04:37 -0700
Subject: [PATCH] added tests for basic error handling

---
 source/shared/core_conn.cpp                   |   5 +-
 test/functional/pdo_sqlsrv/AE_Ksp.inc         |  25 +++
 .../pdo_connect_encrypted_ksp_errors.phpt     | 100 ++++++++++++
 test/functional/sqlsrv/AE_Ksp.inc             |  25 +++
 .../sqlsrv_connect_encrypted_ksp_errors.phpt  | 150 ++++++++++++++++++
 5 files changed, 303 insertions(+), 2 deletions(-)
 create mode 100644 test/functional/pdo_sqlsrv/AE_Ksp.inc
 create mode 100644 test/functional/pdo_sqlsrv/pdo_connect_encrypted_ksp_errors.phpt
 create mode 100644 test/functional/sqlsrv/AE_Ksp.inc
 create mode 100644 test/functional/sqlsrv/sqlsrv_connect_encrypted_ksp_errors.phpt

diff --git a/source/shared/core_conn.cpp b/source/shared/core_conn.cpp
index eae1d427..93a7e8c9 100644
--- a/source/shared/core_conn.cpp
+++ b/source/shared/core_conn.cpp
@@ -835,8 +835,9 @@ void load_configure_ksp( _Inout_ sqlsrv_conn* conn TSRMLS_DC )
     char* encrypt_key = Z_STRVAL_P( conn->ce_option.ksp_encrypt_key );    
     memcpy_s( pKsd->data, key_size * sizeof( char ) , encrypt_key, key_size );
 
-    core::SQLSetConnectAttr( conn, SQL_COPT_SS_CEKEYSTOREPROVIDER, ksp_path, SQL_NTS );
-    core::SQLSetConnectAttr( conn, SQL_COPT_SS_CEKEYSTOREDATA, reinterpret_cast<SQLPOINTER>( pKsd ), SQL_IS_POINTER );
+    // Will uncomment these two lines when it's ready to test with a real custom keystore provider
+    // core::SQLSetConnectAttr( conn, SQL_COPT_SS_CEKEYSTOREPROVIDER, ksp_path, SQL_NTS );
+    // core::SQLSetConnectAttr( conn, SQL_COPT_SS_CEKEYSTOREDATA, reinterpret_cast<SQLPOINTER>( pKsd ), SQL_IS_POINTER );
 }
 
 void common_conn_str_append_func( const char* odbc_name, const char* val, size_t val_len, std::string& conn_str TSRMLS_DC )
diff --git a/test/functional/pdo_sqlsrv/AE_Ksp.inc b/test/functional/pdo_sqlsrv/AE_Ksp.inc
new file mode 100644
index 00000000..fb24a483
--- /dev/null
+++ b/test/functional/pdo_sqlsrv/AE_Ksp.inc
@@ -0,0 +1,25 @@
+<?php
+
+function getKSPpath() 
+{
+    $name = 'myKSP';
+
+    $dir_name = realpath(dirname(__FILE__));
+    $ksp = $dir_name . DIRECTORY_SEPARATOR . $name;
+    if ( strtoupper( substr( php_uname( 's' ), 0, 3 ) ) == 'WIN' ) {
+        $arch = 'x64';
+        if ( PHP_INT_SIZE == 4 ) // running 32 bit
+            $arch = 'x86';
+        $ksp .= $arch . '.dll';
+    }
+    else
+        $ksp .= '.so';
+        
+    return $ksp;
+}       
+
+$ksp_name = 'MyCustomKSPName';
+$encrypt_key = 'LPKCWVD07N3RG98J0MBLG4H2';
+$ksp_test_table = 'CustomKSPTestTable';
+
+?>
\ No newline at end of file
diff --git a/test/functional/pdo_sqlsrv/pdo_connect_encrypted_ksp_errors.phpt b/test/functional/pdo_sqlsrv/pdo_connect_encrypted_ksp_errors.phpt
new file mode 100644
index 00000000..b6a12ad9
--- /dev/null
+++ b/test/functional/pdo_sqlsrv/pdo_connect_encrypted_ksp_errors.phpt
@@ -0,0 +1,100 @@
+--TEST--
+Fetch data from a prepopulated test table given a custom keystore provider
+--SKIPIF--
+<?php require('skipif.inc'); ?>
+--FILE--
+<?php
+    require( 'MsSetup.inc' );
+    require( 'AE_Ksp.inc' );
+
+    function connect( $connectionInfo )
+    {
+        global $server, $uid, $pwd;
+        
+        try
+        {
+            $conn = new PDO( "sqlsrv:server = $server ; $connectionInfo", $uid, $pwd );
+            echo "Connected successfully with ColumnEncryption enabled and KSP specified.\n";
+        }
+        catch( PDOException $e )
+        {
+            echo "Failed to connect.\n";
+            print_r( $e->getMessage() );
+            echo "\n";
+        }        
+    }
+    
+    $ksp_path = getKSPpath();
+
+    echo("Connecting... with column encryption\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    connect( $connectionInfo );
+
+    echo("\nConnecting... with an invalid input to CEKeystoreProvider\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreName = 1; "; 
+    $connectionInfo .= "CEKeystoreProvider = $ksp_path; ";
+    $connectionInfo .= "CEKeystoreEncryptKey = $encrypt_key; ";    
+    connect( $connectionInfo );
+
+    echo("\nConnecting... with an empty path\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreName = $ksp_name; "; 
+    $connectionInfo .= "CEKeystoreProvider = ; ";
+    $connectionInfo .= "CEKeystoreEncryptKey = $encrypt_key; ";
+    connect( $connectionInfo );
+
+    echo("\nConnecting... without a path\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreName = $ksp_name; "; 
+    $connectionInfo .= "CEKeystoreEncryptKey = $encrypt_key;";
+    connect( $connectionInfo );
+    
+    echo("\nConnecting... without a name\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreProvider = $ksp_path; ";
+    $connectionInfo .= "CEKeystoreEncryptKey = $encrypt_key; ";    
+    connect( $connectionInfo );
+    
+    echo("\nConnecting... without a key\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreProvider = $ksp_path; ";
+    $connectionInfo .= "CEKeystoreName = $ksp_name; "; 
+    connect( $connectionInfo );
+    
+    echo("\nConnecting... with all required inputs\n");
+    $connectionInfo = "Database = $databaseName; ColumnEncryption = Enabled; ";
+    $connectionInfo .= "CEKeystoreProvider = $ksp_path; ";
+    $connectionInfo .= "CEKeystoreName = $ksp_name; "; 
+    $connectionInfo .= "CEKeystoreEncryptKey = $encrypt_key; ";    
+    connect( $connectionInfo );
+
+    echo "Done\n";
+?>
+--EXPECT--
+Connecting... with column encryption
+Connected successfully with ColumnEncryption enabled and KSP specified.
+
+Connecting... with an invalid input to CEKeystoreProvider
+Failed to connect.
+SQLSTATE[HY024]: [Microsoft][ODBC Driver 13 for SQL Server]Invalid attribute value
+
+Connecting... with an empty path
+Failed to connect.
+SQLSTATE[IMSSP]: Invalid value for loading a custom keystore provider.
+
+Connecting... without a path
+Failed to connect.
+SQLSTATE[IMSSP]: The path to the custom keystore provider is missing.
+
+Connecting... without a name
+Failed to connect.
+SQLSTATE[IMSSP]: The name of the custom keystore provider is missing.
+
+Connecting... without a key
+Failed to connect.
+SQLSTATE[IMSSP]: The encryption key for the custom keystore provider is missing.
+
+Connecting... with all required inputs
+Connected successfully with ColumnEncryption enabled and KSP specified.
+Done
\ No newline at end of file
diff --git a/test/functional/sqlsrv/AE_Ksp.inc b/test/functional/sqlsrv/AE_Ksp.inc
new file mode 100644
index 00000000..fb24a483
--- /dev/null
+++ b/test/functional/sqlsrv/AE_Ksp.inc
@@ -0,0 +1,25 @@
+<?php
+
+function getKSPpath() 
+{
+    $name = 'myKSP';
+
+    $dir_name = realpath(dirname(__FILE__));
+    $ksp = $dir_name . DIRECTORY_SEPARATOR . $name;
+    if ( strtoupper( substr( php_uname( 's' ), 0, 3 ) ) == 'WIN' ) {
+        $arch = 'x64';
+        if ( PHP_INT_SIZE == 4 ) // running 32 bit
+            $arch = 'x86';
+        $ksp .= $arch . '.dll';
+    }
+    else
+        $ksp .= '.so';
+        
+    return $ksp;
+}       
+
+$ksp_name = 'MyCustomKSPName';
+$encrypt_key = 'LPKCWVD07N3RG98J0MBLG4H2';
+$ksp_test_table = 'CustomKSPTestTable';
+
+?>
\ No newline at end of file
diff --git a/test/functional/sqlsrv/sqlsrv_connect_encrypted_ksp_errors.phpt b/test/functional/sqlsrv/sqlsrv_connect_encrypted_ksp_errors.phpt
new file mode 100644
index 00000000..a2033c11
--- /dev/null
+++ b/test/functional/sqlsrv/sqlsrv_connect_encrypted_ksp_errors.phpt
@@ -0,0 +1,150 @@
+--TEST--
+Connect using a custom keystore provider with some required inputs missing
+--SKIPIF--
+<?php require('skipif.inc'); ?>
+--FILE--
+<?php
+
+    function connect( $server, $connectionInfo )
+    {
+        $conn = sqlsrv_connect( $server, $connectionInfo );
+        if( $conn === false )
+        {
+            echo "Failed to connect.\n";
+            $errors = sqlsrv_errors();
+            print_r( $errors[0] );
+        }
+        else
+        {
+            echo "Connected successfully with ColumnEncryption enabled.\n";
+        }
+        
+        return $conn;
+    }
+    
+    sqlsrv_configure( 'LogSeverity', SQLSRV_LOG_SEVERITY_ALL );  
+
+    require( 'MsSetup.inc' );
+    require( 'AE_Ksp.inc' );
+    
+    $ksp_path = getKSPpath();
+
+    echo("Connecting... with column encryption\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled");
+
+    connect( $server, $connectionInfo );
+    
+    echo("Connecting... with an invalid input to CEKeystoreProvider\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>1);
+
+    connect( $server, $connectionInfo );
+
+    echo("Connecting... with an empty path\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>"",
+                             "CEKeystoreName"=>$ksp_name,
+                             "CEKeystoreEncryptKey"=>$encrypt_key);
+
+    connect( $server, $connectionInfo );
+    
+    echo("Connecting... without a name\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>$ksp_path, 
+                             "CEKeystoreEncryptKey"=>$encrypt_key);
+
+    connect( $server, $connectionInfo );
+
+    echo("Connecting... with an empty name\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>$ksp_path, 
+                             "CEKeystoreName"=>"",
+                             "CEKeystoreEncryptKey"=>$encrypt_key);
+
+    connect( $server, $connectionInfo );
+
+    echo("Connecting... without a key\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>$ksp_path, 
+                             "CEKeystoreName"=>$ksp_name);
+                             
+    connect( $server, $connectionInfo );
+
+    echo("Connecting... with all required inputs\n");
+    $connectionInfo = array( "Database"=>$databaseName, "UID"=>$uid, "PWD"=>$pwd,
+                             "ColumnEncryption"=>"enabled", 
+                             "CEKeystoreProvider"=>$ksp_path, 
+                             "CEKeystoreName"=>$ksp_name,
+                             "CEKeystoreEncryptKey"=>$encrypt_key);
+                             
+    connect( $server, $connectionInfo );
+    
+    echo "Done\n";
+?>
+--EXPECT--
+Connecting... with column encryption
+Connected successfully with ColumnEncryption enabled.
+Connecting... with an invalid input to CEKeystoreProvider
+Failed to connect.
+Array
+(
+    [0] => IMSSP
+    [SQLSTATE] => IMSSP
+    [1] => -33
+    [code] => -33
+    [2] => Invalid value type for option CEKeystoreProvider was specified.  String type was expected.
+    [message] => Invalid value type for option CEKeystoreProvider was specified.  String type was expected.
+)
+Connecting... with an empty path
+Failed to connect.
+Array
+(
+    [0] => IMSSP
+    [SQLSTATE] => IMSSP
+    [1] => -104
+    [code] => -104
+    [2] => Invalid value for loading a custom keystore provider.
+    [message] => Invalid value for loading a custom keystore provider.
+)
+Connecting... without a name
+Failed to connect.
+Array
+(
+    [0] => IMSSP
+    [SQLSTATE] => IMSSP
+    [1] => -101
+    [code] => -101
+    [2] => The name of the custom keystore provider is missing.
+    [message] => The name of the custom keystore provider is missing.
+)
+Connecting... with an empty name
+Failed to connect.
+Array
+(
+    [0] => IMSSP
+    [SQLSTATE] => IMSSP
+    [1] => -104
+    [code] => -104
+    [2] => Invalid value for loading a custom keystore provider.
+    [message] => Invalid value for loading a custom keystore provider.
+)
+Connecting... without a key
+Failed to connect.
+Array
+(
+    [0] => IMSSP
+    [SQLSTATE] => IMSSP
+    [1] => -103
+    [code] => -103
+    [2] => The encryption key for the custom keystore provider is missing.
+    [message] => The encryption key for the custom keystore provider is missing.
+)
+Connecting... with all required inputs
+Connected successfully with ColumnEncryption enabled.
+Done
\ No newline at end of file