virtual void go() override { const std::string test_type = get_arg("test_type"); const size_t warmup_runs = get_arg_sz("warmup-runs"); const size_t measurement_runs = get_arg_sz("measurement-runs"); std::unique_ptr<Timing_Test> test = lookup_timing_test(test_type); if(!test) { throw CLI_Error("Unknown or unavailable test type '" + test_type + "'"); } std::string filename = get_arg_or("test-data-file", ""); if(filename.empty()) { const std::string test_data_dir = get_arg("test-data-dir"); filename = test_data_dir + "/" + test_type + ".vec"; } std::vector<std::string> lines; { std::ifstream infile(filename); if(infile.good() == false) throw CLI_Error("Error reading test data from '" + filename + "'"); std::string line; while (std::getline(infile, line)) { if (line.size() > 0 && line.at(0) != '#') { lines.push_back(line); } } } std::vector<std::vector<ticks>> results = test->execute_evaluation(lines, warmup_runs, measurement_runs); size_t unique_id = 0; std::ostringstream oss; for(size_t secret_id = 0; secret_id != results.size(); ++secret_id) { for(size_t i = 0; i != results[secret_id].size(); ++i) { oss << unique_id++ << ";" << secret_id << ";" << results[secret_id][i] << "\n"; } } output() << oss.str(); }
void go() override { std::unique_ptr<Botan::Public_Key> key(Botan::X509::load_key(get_arg("pubkey"))); if(!key) { throw CLI_Error("Unable to load public key"); } const std::string sig_padding = get_arg_or("emsa", algo_default_emsa(key->algo_name())) + "(" + get_arg("hash") + ")"; Botan::PK_Verifier verifier(*key, sig_padding); auto onData = [&verifier](const uint8_t b[], size_t l) { verifier.update(b, l); }; this->read_file(get_arg("file"), onData); const Botan::secure_vector<uint8_t> signature = Botan::base64_decode(this->slurp_file_as_str(get_arg("signature"))); const bool valid = verifier.check_signature(signature); output() << "Signature is " << (valid ? "valid" : "invalid") << "\n"; }
void go() override { std::unique_ptr<Botan::Private_Key> key( Botan::PKCS8::load_key( get_arg("key"), rng(), get_arg("passphrase"))); if(!key) { throw CLI_Error("Unable to load private key"); } const std::string sig_padding = get_arg_or("emsa", algo_default_emsa(key->algo_name())) + "(" + get_arg("hash") + ")"; Botan::PK_Signer signer(*key, rng(), sig_padding); auto onData = [&signer](const uint8_t b[], size_t l) { signer.update(b, l); }; this->read_file(get_arg("file"), onData); output() << Botan::base64_encode(signer.signature(rng())) << "\n"; }
void go() override { std::unique_ptr<Botan::Private_Key> key(Botan::PKCS8::load_key(get_arg("key"), rng(), get_arg("key-pass"))); if(!key) { throw CLI_Error("Failed to load key from " + get_arg("key")); } Botan::X509_Cert_Options opts; opts.common_name = get_arg("CN"); opts.country = get_arg("country"); opts.organization = get_arg("organization"); opts.email = get_arg("email"); opts.dns = get_arg("dns"); opts.set_padding_scheme(get_arg_or("emsa", "EMSA4")); if(flag_set("ca")) { opts.CA_key(); } Botan::X509_Certificate cert = Botan::X509::create_self_signed_cert(opts, *key, get_arg("hash"), rng()); output() << cert.PEM_encode(); }
void parse_extension(const std::string& in_file, std::string& out_file, std::string& suffix) { auto last_dot = in_file.find_last_of('.'); if(last_dot == std::string::npos || last_dot == 0) throw CLI_Error("No extension detected in filename '" + in_file + "'"); out_file = in_file.substr(0, last_dot); suffix = in_file.substr(last_dot+1, std::string::npos); }
Command::Registration::Registration(const std::string& name, Command::cmd_maker_fn maker_fn) { std::map<std::string, Command::cmd_maker_fn>& reg = Command::global_registry(); if(reg.count(name) > 0) { throw CLI_Error("Duplicated registration of command " + name); } reg.insert(std::make_pair(name, maker_fn)); }
static Botan::RandomNumberGenerator& timing_test_rng() { #if defined(BOTAN_HAS_SYSTEM_RNG) return Botan::system_rng(); #elif defined(BOTAN_HAS_AUTO_SEEDED_RNG) static AutoSeeded_RNG static_timing_test_rng(Botan::Entropy_Sources::global_sources(), 0); return static_timing_test_rng; #else // we could just use SHA-256 in OFB mode for these purposes throw CLI_Error("Timing tests require a PRNG"); #endif }
static Botan::TLS::Protocol_Version::Version_Code tls_version_from_str(const std::string& str) { if(str == "tls1.2" || str == "TLS1.2" || str == "TLS-1.2") return Botan::TLS::Protocol_Version::TLS_V12; else if(str == "tls1.1" || str == "TLS1.1" || str == "TLS-1.1") return Botan::TLS::Protocol_Version::TLS_V11; else if(str == "tls1.0" || str == "TLS1.1" || str == "TLS-1.1") return Botan::TLS::Protocol_Version::TLS_V10; if(str == "dtls1.2" || str == "DTLS1.2" || str == "DTLS-1.2") return Botan::TLS::Protocol_Version::DTLS_V12; else if(str == "dtls1.0" || str == "DTLS1.0" || str == "DTLS-1.0") return Botan::TLS::Protocol_Version::DTLS_V10; else throw CLI_Error("Unknown TLS version '" + str + "'"); }
std::vector<std::vector<ticks>> Timing_Test::execute_evaluation( const std::vector<std::string>& raw_inputs, size_t warmup_runs, size_t measurement_runs) { std::vector<std::vector<ticks>> all_results(raw_inputs.size()); std::vector<std::vector<uint8_t>> inputs(raw_inputs.size()); for(auto& result : all_results) { result.reserve(measurement_runs); } for(size_t i = 0; i != inputs.size(); ++i) { inputs[i] = prepare_input(raw_inputs[i]); } // arbitrary upper bounds of 1 and 10 million resp if(warmup_runs > 1000000 || measurement_runs > 100000000) { throw CLI_Error("Requested execution counts too large, rejecting"); } size_t total_runs = 0; while(total_runs < (warmup_runs + measurement_runs)) { std::vector<ticks> results(inputs.size()); for(size_t i = 0; i != inputs.size(); ++i) { results[i] = measure_critical_function(inputs[i]); } total_runs++; if(total_runs >= warmup_runs) { for(size_t i = 0; i != results.size(); ++i) { all_results[i].push_back(results[i]); } } } return all_results; }
std::vector<std::string> read_testdata(const std::string& filename) { std::vector<std::string> lines; std::ifstream infile(filename); if(infile.good() == false) { throw CLI_Error("Error reading test data from '" + filename + "'"); } std::string line; while(std::getline(infile, line)) { if(line.size() > 0 && line.at(0) != '#') { lines.push_back(line); } } return lines; }
void go() override { const std::string policy_type = get_arg("policy"); const Botan::TLS::Protocol_Version version(tls_version_from_str(get_arg("version"))); const bool with_srp = false; // fixme std::unique_ptr<Botan::TLS::Policy> policy; if(policy_type == "default") { policy.reset(new Botan::TLS::Policy); } else if(policy_type == "suiteb") { policy.reset(new Botan::TLS::NSA_Suite_B_128); } else if(policy_type == "strict") { policy.reset(new Botan::TLS::Strict_Policy); } else if(policy_type == "all") { policy.reset(new TLS_All_Policy); } else { std::ifstream policy_file(policy_type); if(!policy_file.good()) { throw CLI_Error("Error TLS policy '" + policy_type + "' is neither a file nor a known policy type"); } policy.reset(new Botan::TLS::Text_Policy(policy_file)); } for(uint16_t suite_id : policy->ciphersuite_list(version, with_srp)) { const Botan::TLS::Ciphersuite suite(Botan::TLS::Ciphersuite::by_id(suite_id)); output() << suite.to_string() << "\n"; } }
void go() override { std::unique_ptr<Botan::Private_Key> key(Botan::PKCS8::load_key(get_arg("key"), rng(), get_arg("key-pass"))); if(!key) { throw CLI_Error("Failed to load key from " + get_arg("key")); } Botan::X509_Cert_Options opts; opts.common_name = get_arg("CN"); opts.country = get_arg("country"); opts.organization = get_arg("organization"); opts.email = get_arg("email"); opts.set_padding_scheme(get_arg_or("emsa", "EMSA4")); Botan::PKCS10_Request req = Botan::X509::create_cert_req(opts, *key, get_arg("hash"), rng()); output() << req.PEM_encode(); }
void go() override { const std::string test_type = get_arg("test_type"); const size_t warmup_runs = get_arg_sz("warmup-runs"); const size_t measurement_runs = get_arg_sz("measurement-runs"); std::unique_ptr<Timing_Test> test = lookup_timing_test(test_type); if(!test) { throw CLI_Error("Unknown or unavailable test type '" + test_type + "'"); } std::string filename = get_arg_or("test-data-file", ""); if(filename.empty()) { const std::string test_data_dir = get_arg("test-data-dir"); filename = test_data_dir + "/" + test_type + ".vec"; } std::vector<std::string> lines = read_testdata(filename); std::vector<std::vector<ticks>> results = test->execute_evaluation(lines, warmup_runs, measurement_runs); size_t unique_id = 0; std::ostringstream oss; for(size_t secret_id = 0; secret_id != results.size(); ++secret_id) { for(size_t i = 0; i != results[secret_id].size(); ++i) { oss << unique_id++ << ";" << secret_id << ";" << results[secret_id][i] << "\n"; } } output() << oss.str(); }
void go() override { Botan::X509_Certificate ca_cert(get_arg("ca_cert")); std::unique_ptr<Botan::Private_Key> key; const std::string pass = get_arg("ca-key-pass"); if(!pass.empty()) { key.reset(Botan::PKCS8::load_key(get_arg("ca_key"), rng(), pass)); } else { key.reset(Botan::PKCS8::load_key(get_arg("ca_key"), rng())); } if(!key) { throw CLI_Error("Failed to load key from " + get_arg("ca_key")); } Botan::X509_CA ca(ca_cert, *key, {{"padding",get_arg_or("emsa", "EMSA4")}}, get_arg("hash"), rng()); Botan::PKCS10_Request req(get_arg("pkcs10_req")); auto now = std::chrono::system_clock::now(); Botan::X509_Time start_time(now); typedef std::chrono::duration<int, std::ratio<86400>> days; Botan::X509_Time end_time(now + days(get_arg_sz("duration"))); Botan::X509_Certificate new_cert = ca.sign_request(req, rng(), start_time, end_time); output() << new_cert.PEM_encode(); }