23225340130

Committed 18 Mar 2026 01:53AM UTC coverage: 89.677% (-0.001%) from 89.678%

Build # 23225340130

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #5456 from randombit/jack/clang-tidy-22

Fix various warnings from clang-tidy 22

Run Details

104438 of 116460 relevant lines covered (89.68%)

11819947.55 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/cli/perf_x509.cpp

/*
* (C) 2025 Jack Lloyd
*     2025 René Meusel - Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "perf.h"
#include <algorithm>

// Always available:
#include <botan/assert.h>

#if defined(BOTAN_HAS_X509)
   #include <botan/ber_dec.h>
   #include <botan/bigint.h>
   #include <botan/der_enc.h>
   #include <botan/pk_algs.h>
   #include <botan/pk_keys.h>
   #include <botan/rng.h>
   #include <botan/x509_ca.h>
   #include <botan/x509_ext.h>
   #include <botan/x509self.h>
#endif

namespace Botan_CLI {

namespace {

#if defined(BOTAN_HAS_X509) && defined(BOTAN_HAS_ML_DSA)

class PerfTest_ASN1_Parsing final : public PerfTest {
   private:
      struct CA {
            std::unique_ptr<Botan::Private_Key> root_key;
            Botan::X509_CA ca;
      };

   private:
      static std::string_view get_hash_function() { return "SHAKE-256(512)"; }

      static std::unique_ptr<Botan::Private_Key> create_private_key(Botan::RandomNumberGenerator& rng) {
         return Botan::create_private_key("ML-DSA", rng, "ML-DSA-6x5");
      }

      static CA create_ca(Botan::RandomNumberGenerator& rng) {
         auto root_cert_options = Botan::X509_Cert_Options("Benchmark Root/DE/RS/CS");
         root_cert_options.dns = "unobtainium.example.com";
         root_cert_options.email = "idont@exist.com";
         root_cert_options.is_CA = true;

         auto root_key = create_private_key(rng);
         BOTAN_ASSERT_NONNULL(root_key);
         auto root_cert = Botan::X509::create_self_signed_cert(root_cert_options, *root_key, get_hash_function(), rng);
         auto ca = Botan::X509_CA(root_cert, *root_key, get_hash_function(), rng);

         return CA{
            std::move(root_key),
            std::move(ca),
         };
      }

      static Botan::X509_Certificate make_certificate(std::string_view common_name,
                                                      CA& ca,
                                                      Botan::RandomNumberGenerator& rng) {
         Botan::X509_DN subject;
         subject.add_attribute("X520.CommonName", common_name);
         subject.add_attribute("X520.Country", "DE");
         subject.add_attribute("X520.State", "Berlin");
         subject.add_attribute("X520.Organization", "RS");
         subject.add_attribute("X520.OrganizationalUnit", "CS");

         Botan::AlternativeName an;
         an.add_dns("gibtsnicht.example.com");
         an.add_email("not.available@anywhere.com");

         Botan::Extensions exts;
         exts.add(std::make_unique<Botan::Cert_Extension::Subject_Alternative_Name>(an));

         const auto cert_key = create_private_key(rng);
         BOTAN_ASSERT_NONNULL(cert_key);
         const auto cert_req = Botan::PKCS10_Request::create(*cert_key, subject, exts, get_hash_function(), rng);

         const auto now = std::chrono::system_clock::now();
         using namespace std::chrono_literals;
         return ca.ca.sign_request(cert_req, rng, Botan::X509_Time(now), Botan::X509_Time(now + 24h * 365));
      }

      static Botan::X509_CRL make_revocation_list(size_t entries, CA& ca, Botan::RandomNumberGenerator& rng) {
         const auto empty_crl = ca.ca.new_crl(rng);

         std::vector<Botan::CRL_Entry> crl_entries(entries);
         std::generate(crl_entries.begin(), crl_entries.end(), [&] {
            std::vector<uint8_t> crl_entry_buffer;

            // Generating the CRL entries through their ASN.1 structure because
            // our public API does not allow creating them without the actual
            // certificate that is supposed to be revoked.
            Botan::Extensions exts;
            exts.add(std::make_unique<Botan::Cert_Extension::CRL_ReasonCode>(Botan::CRL_Code::KeyCompromise));
            Botan::DER_Encoder(crl_entry_buffer)
               .start_sequence()
               .encode(Botan::BigInt::from_bytes(rng.random_array<16>()))
               .encode(Botan::X509_Time(std::chrono::system_clock::now()))
               .start_sequence()
               .encode(exts)
               .end_cons()
               .end_cons();

            Botan::BER_Decoder ber(crl_entry_buffer);

            Botan::CRL_Entry entry;
            entry.decode_from(ber);
            return entry;
         });

         return ca.ca.update_crl(empty_crl, crl_entries, rng);
      }

   public:
      void go(const PerfConfig& config) override {
         auto ca = create_ca(config.rng());
         auto cert = make_certificate("Test Certificate", ca, config.rng());
         auto crl = make_revocation_list(500, ca, config.rng());

         const auto cert_encoded = cert.BER_encode();
         const auto crl_encoded = crl.BER_encode();

         auto cert_timer = config.make_timer("X509 Certificate Parsing");
         auto crl_timer = config.make_timer("X509 CRL Parsing");

         const auto runtime = config.runtime();

         while(cert_timer->under(runtime)) {
            cert_timer->start();
            std::ignore = Botan::X509_Certificate(cert_encoded);
            cert_timer->stop();
         }

         while(crl_timer->under(runtime)) {
            crl_timer->start();
            std::ignore = Botan::X509_CRL(crl_encoded);
            crl_timer->stop();
         }

         config.record_result(*cert_timer);
         config.record_result(*crl_timer);
      }
};

BOTAN_REGISTER_PERF_TEST("asn1_parsing", PerfTest_ASN1_Parsing);

#endif

}  // namespace

}  // namespace Botan_CLI

1	/*
2	* (C) 2025 Jack Lloyd
3	* 2025 René Meusel - Rohde & Schwarz Cybersecurity
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include "perf.h"
9	#include <algorithm>
10
11	// Always available:
12	#include <botan/assert.h>
13
14	#if defined(BOTAN_HAS_X509)
15	#include <botan/ber_dec.h>
16	#include <botan/bigint.h>
17	#include <botan/der_enc.h>
18	#include <botan/pk_algs.h>
19	#include <botan/pk_keys.h>
20	#include <botan/rng.h>
21	#include <botan/x509_ca.h>
22	#include <botan/x509_ext.h>
23	#include <botan/x509self.h>
24	#endif
25
26	namespace Botan_CLI {
27
28	namespace {
29
30	#if defined(BOTAN_HAS_X509) && defined(BOTAN_HAS_ML_DSA)
31
32	class PerfTest_ASN1_Parsing final : public PerfTest {	×
33	private:
34	struct CA {
35	std::unique_ptr<Botan::Private_Key> root_key;
36	Botan::X509_CA ca;
37	};
38
39	private:
40	static std::string_view get_hash_function() { return "SHAKE-256(512)"; }	×
41
42	static std::unique_ptr<Botan::Private_Key> create_private_key(Botan::RandomNumberGenerator& rng) {	×
43	return Botan::create_private_key("ML-DSA", rng, "ML-DSA-6x5");	×
44	}
45
46	static CA create_ca(Botan::RandomNumberGenerator& rng) {	×
47	auto root_cert_options = Botan::X509_Cert_Options("Benchmark Root/DE/RS/CS");	×
48	root_cert_options.dns = "unobtainium.example.com";	×
49	root_cert_options.email = "idont@exist.com";	×
50	root_cert_options.is_CA = true;	×
51
52	auto root_key = create_private_key(rng);	×
53	BOTAN_ASSERT_NONNULL(root_key);	×
54	auto root_cert = Botan::X509::create_self_signed_cert(root_cert_options, *root_key, get_hash_function(), rng);	×
55	auto ca = Botan::X509_CA(root_cert, *root_key, get_hash_function(), rng);	×
56
57	return CA{	×
58	std::move(root_key),
59	std::move(ca),
60	};	×
61	}	×
62
63	static Botan::X509_Certificate make_certificate(std::string_view common_name,	×
64	CA& ca,
65	Botan::RandomNumberGenerator& rng) {
66	Botan::X509_DN subject;	×
67	subject.add_attribute("X520.CommonName", common_name);	×
68	subject.add_attribute("X520.Country", "DE");	×
69	subject.add_attribute("X520.State", "Berlin");	×
70	subject.add_attribute("X520.Organization", "RS");	×
71	subject.add_attribute("X520.OrganizationalUnit", "CS");	×
72
73	Botan::AlternativeName an;	×
74	an.add_dns("gibtsnicht.example.com");	×
75	an.add_email("not.available@anywhere.com");	×
76
77	Botan::Extensions exts;	×
78	exts.add(std::make_unique<Botan::Cert_Extension::Subject_Alternative_Name>(an));	×
79
80	const auto cert_key = create_private_key(rng);	×
81	BOTAN_ASSERT_NONNULL(cert_key);	×
82	const auto cert_req = Botan::PKCS10_Request::create(*cert_key, subject, exts, get_hash_function(), rng);	×
83
84	const auto now = std::chrono::system_clock::now();	×
85	using namespace std::chrono_literals;	×
86	return ca.ca.sign_request(cert_req, rng, Botan::X509_Time(now), Botan::X509_Time(now + 24h * 365));	×
87	}	×
88
89	static Botan::X509_CRL make_revocation_list(size_t entries, CA& ca, Botan::RandomNumberGenerator& rng) {	×
90	const auto empty_crl = ca.ca.new_crl(rng);	×
91
92	std::vector<Botan::CRL_Entry> crl_entries(entries);	×
93	std::generate(crl_entries.begin(), crl_entries.end(), [&] {	×
94	std::vector<uint8_t> crl_entry_buffer;	×
95
96	// Generating the CRL entries through their ASN.1 structure because
97	// our public API does not allow creating them without the actual
98	// certificate that is supposed to be revoked.
99	Botan::Extensions exts;	×
100	exts.add(std::make_unique<Botan::Cert_Extension::CRL_ReasonCode>(Botan::CRL_Code::KeyCompromise));	×
101	Botan::DER_Encoder(crl_entry_buffer)	×
102	.start_sequence()	×
103	.encode(Botan::BigInt::from_bytes(rng.random_array<16>()))	×
104	.encode(Botan::X509_Time(std::chrono::system_clock::now()))	×
105	.start_sequence()	×
106	.encode(exts)	×
107	.end_cons()	×
108	.end_cons();	×
109
110	Botan::BER_Decoder ber(crl_entry_buffer);	×
111
112	Botan::CRL_Entry entry;	×
113	entry.decode_from(ber);	×
114	return entry;	×
115	});	×
116
117	return ca.ca.update_crl(empty_crl, crl_entries, rng);	×
118	}	×
119
120	public:
121	void go(const PerfConfig& config) override {	×
122	auto ca = create_ca(config.rng());	×
123	auto cert = make_certificate("Test Certificate", ca, config.rng());	×
124	auto crl = make_revocation_list(500, ca, config.rng());	×
125
126	const auto cert_encoded = cert.BER_encode();	×
127	const auto crl_encoded = crl.BER_encode();	×
128
129	auto cert_timer = config.make_timer("X509 Certificate Parsing");	×
130	auto crl_timer = config.make_timer("X509 CRL Parsing");	×
131
132	const auto runtime = config.runtime();	×
133
134	while(cert_timer->under(runtime)) {	×
135	cert_timer->start();	×
136	std::ignore = Botan::X509_Certificate(cert_encoded);	×
137	cert_timer->stop();	×
138	}
139
140	while(crl_timer->under(runtime)) {	×
141	crl_timer->start();	×
142	std::ignore = Botan::X509_CRL(crl_encoded);	×
143	crl_timer->stop();	×
144	}
145
146	config.record_result(*cert_timer);	×
147	config.record_result(*crl_timer);	×
148	}	×
149	};
150
151	BOTAN_REGISTER_PERF_TEST("asn1_parsing", PerfTest_ASN1_Parsing);	×
152
153	#endif
154
155	} // namespace
156
157	} // namespace Botan_CLI

randombit / botan / 23225340130

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous