Set up unit tests

Author: Scott Arciszewski

Diff for: autoload.php

@@ -40,7 +40,7 @@
      */
     function hash_equals($known_string, $user_string)
     {
-        return Future\Security::hash_equals(
+        return Future\Security::hashEquals(
             $known_string,
             $user_string
         );

Diff for: run-tests.bat

@@ -0,0 +1,3 @@
+@echo off
+REM todo: interface with gpg4win to verify the signature
+php vendor\phpunit\phpunit\phpunit --bootstrap autoload.php tests

Diff for: run-tests.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+clean=1 # Clean up?
+gpg --fingerprint D8406D0D82947747293778314AA394086372C20A
+if [ $? -ne 0 ]; then
+    echo -e "\033[33mDownloading PGP Public Key...\033[0m"
+    gpg --recv-keys D8406D0D82947747293778314AA394086372C20A
+    # Sebastian Bergmann <sb@sebastian-bergmann.de>
+    gpg --fingerprint D8406D0D82947747293778314AA394086372C20A
+    if [ $? -ne 0 ]; then
+        echo -e "\033[31mCould not download PGP public key for verification\033[0m"
+        exit
+    fi
+fi
+if [ "$clean" -eq 1 ]; then
+    # Let's clean them up, if they exist
+    if [ -f phpunit.phar ]; then
+        rm -f phpunit.phar
+    fi
+    if [ -f phpunit.phar.asc ]; then
+        rm -f phpunit.phar.asc
+    fi
+fi
+
+# Let's grab the latest release and its signature
+if [ ! -f phpunit.phar ]; then
+    wget https://phar.phpunit.de/phpunit.phar
+fi
+if [ ! -f phpunit.phar.asc ]; then
+    wget https://phar.phpunit.de/phpunit.phar.asc
+fi
+
+# Verify before running
+gpg --verify phpunit.phar.asc phpunit.phar
+if [ $? -eq 0 ]; then
+    echo
+    echo -e "\033[33mBegin Unit Testing\033[0m"
+    # Run the testing suite
+    php phpunit.phar --bootstrap autoload.php tests
+    # Cleanup
+    if [ "$clean" -eq 1 ]; then
+        echo -e "\033[32mCleaning Up!\033[0m"
+        rm -f phpunit.phar
+        rm -f phpunit.phar.asc
+    fi
+else
+    echo
+    chmod -x phpunit.phar
+    mv phpunit.phar /tmp/bad-phpunit.phar
+    mv phpunit.phar.asc /tmp/bad-phpunit.phar.asc
+    echo -e "\033[31mSignature did not match! Check /tmp/bad-phpunit.phar for trojans\033[0m"
+    exit 1
+fi
+
+# The MIT License (MIT)
+# 
+# Copyright (c) 2015 Resonant Core, LLC
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.

Diff for: src/Security.php

@@ -33,11 +33,11 @@ class Security
      * @param  string $userString
      * @return bool
      */
-    public static function hash_equals($knownString, $userString)
+    public static function hashEquals($knownString, $userString)
     {
         // We have to roll our own
-        $kLen = self::_strlen($knownString);
-        $uLen = self::_strlen($userString);
+        $kLen = self::ourStrlen($knownString);
+        $uLen = self::ourStrlen($userString);
         if ($kLen !== $uLen) {
             return false;
         }
@@ -55,7 +55,7 @@ public static function hash_equals($knownString, $userString)
      * @param string $str
      * @return int
      */
-    private static function _strlen($str)
+    private static function ourStrlen($str)
     {
         // Premature optimization: cache the function_exists() result
         static $exists = null;

Diff for: tests/Security.php

@@ -0,0 +1,24 @@
+<?php
+use \ResonantCore\PHPFuture as Future;
+
+class TestSecurity extends PHPUnit_Framework_TestCase
+{
+    /**
+     * @covers \ResonantCore\PHPFuture\Security::hashEquals()
+     */
+    public function testHashEquals()
+    {
+        $a = 'd4ef98335dc5512500ea74a70a26dbd2759acc0ac116f0d747d05848a8365da9';
+        $b = 'd4ef98335dc5512500ea74a70a26dbd2759acc0ac116f0d747d05848a8365da9';
+        
+        // Obvious test case:
+        $this->assertTrue(\hash_equals($a, $b));
+        
+        $a = 'd4ef98335dc5512500ea74a70a26dbd2759acc0ac116f0d747d05848a8365da9';
+        $b = 'd4ef98335dc5512500ea74a70a26dbd2759acc0ac116f0d747d05848a8365da1';
+        
+        $this->assertFalse(\hash_equals($a, $b));
+        
+        
+    }
+}