27806188297

Committed 18 Jun 2026 04:12PM UTC coverage: 89.37% (-0.03%) from 89.397%

Build # 27806188297

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #5677 from randombit/jack/oid-names

Add OID::registered_name

Coverage Stats

111637 of 124915 relevant lines covered (89.37%)

10895907.86 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.06

/src/cli/roughtime.cpp

/*
* Roughtime
* (C) 2019 Nuno Goncalves <nunojpg@gmail.com>
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "cli.h"

#if defined(BOTAN_HAS_ROUGHTIME)

   #include <botan/base64.h>
   #include <botan/ed25519.h>
   #include <botan/roughtime.h>
   #include <botan/internal/calendar.h>

   #include <fstream>
   #include <iomanip>
   #include <sstream>

namespace Botan_CLI {

namespace {

// Format the time point as YYYY-MM-DDTHH:MM:SS in UTC
std::string format_utc_datetime(const std::chrono::system_clock::time_point& tp) {
   const Botan::calendar_point c(tp);
   std::ostringstream out;
   out << std::setfill('0') << std::setw(4) << c.year() << "-" << std::setw(2) << c.month() << "-" << std::setw(2)
       << c.day() << "T" << std::setw(2) << c.hour() << ":" << std::setw(2) << c.minutes() << ":" << std::setw(2)
       << c.seconds();
   return out.str();
}

class RoughtimeCheck final : public Command {
   public:
      RoughtimeCheck() : Command("roughtime_check --raw-time chain-file") {}

      std::string group() const override { return "misc"; }

      std::string description() const override { return "Parse and validate Roughtime chain file"; }

      void go() override {
         const auto chain = Botan::Roughtime::Chain(slurp_file_as_str(get_arg("chain-file")));
         unsigned i = 0;
         for(const auto& response : chain.responses()) {
            output() << std::setw(3) << ++i << ": UTC ";
            if(flag_set("raw-time")) {
               output()
                  << Botan::Roughtime::Response::sys_microseconds64(response.utc_midpoint()).time_since_epoch().count();
            } else {
               output() << format_utc_datetime(response.utc_midpoint());
            }
            output() << " (+-" << Botan::Roughtime::Response::microseconds32(response.utc_radius()).count() << "us)\n";
         }
      }
};

BOTAN_REGISTER_COMMAND("roughtime_check", RoughtimeCheck);

class Roughtime final : public Command {
   public:
      Roughtime() :
            Command(
               "roughtime --raw-time --chain-file=roughtime-chain --max-chain-size=128 --check-local-clock=60 --host= --pubkey= --servers-file=") {
      }

      std::string help_text() const override {
         return Command::help_text() + R"(

--servers-file=<filename>
   List of servers that will queried in sequence.

   File contents syntax:
      <name> <key type> <base 64 encoded public key> <protocol> <host:port>

   Example servers:
      Cloudflare-Roughtime ed25519 0GD7c3yP8xEc4Zl2zeuN2SlLvDVVocjsPSL8/Rl/7zg= udp roughtime.cloudflare.com:2003
      Google-Sandbox-Roughtime ed25519 etPaaIxcBMY1oUeGpwvPMCJMwlRVNxv51KK/tktoJTQ= udp roughtime.sandbox.google.com:2002

--chain-file=<filename>
   Successful queries are appended to this file.
   If limit of --max-chain-size records is reached, the oldest records are truncated.
   This queries records can be replayed using command roughtime_check <chain-file>.

   File contents syntax:
      <key type> <base 64 encoded public key> <base 64 encoded blind or nonce> <base 64 encoded server response>
)";
      }

      std::string group() const override { return "misc"; }

      std::string description() const override { return "Retrieve time from Roughtime server"; }

      void query(std::unique_ptr<Botan::Roughtime::Chain>& chain,
                 const size_t max_chain_size,
                 const std::string& address,
                 const Botan::Ed25519_PublicKey& public_key) {
         Botan::Roughtime::Nonce nonce{};
         Botan::Roughtime::Nonce blind{};
         if(chain) {
            blind = Botan::Roughtime::Nonce(rng());
            nonce = chain->next_nonce(blind);
         } else {
            nonce = Botan::Roughtime::Nonce(rng());
         }
         const auto response_raw = Botan::Roughtime::online_request(address, nonce, std::chrono::seconds(5));
         const auto response = Botan::Roughtime::Response::from_bits(response_raw, nonce);
         if(flag_set("raw-time")) {
            output()
               << "UTC "
               << Botan::Roughtime::Response::sys_microseconds64(response.utc_midpoint()).time_since_epoch().count();
         } else {
            output() << "UTC " << format_utc_datetime(response.utc_midpoint());
         }
         output() << " (+-" << Botan::Roughtime::Response::microseconds32(response.utc_radius()).count() << "us)";
         if(!response.validate(public_key)) {
            error_output() << "ERROR: Public key does not match!\n";
            set_return_code(1);
            return;
         }
         const auto tolerance = get_arg_sz("check-local-clock");
         if(tolerance > 0) {
            const auto now = std::chrono::system_clock::now();
            const auto diff_abs =
               now >= response.utc_midpoint() ? now - response.utc_midpoint() : response.utc_midpoint() - now;
            if(diff_abs > (response.utc_radius() + std::chrono::seconds(tolerance))) {
               error_output() << "ERROR: Local clock mismatch\n";
               set_return_code(1);
               return;
            }
            output() << " Local clock match";
         }
         if(chain) {
            chain->append({response_raw, public_key, blind}, max_chain_size);
         }
         output() << '\n';
      }

      void go() override {
         const auto max_chain_size = get_arg_sz("max-chain-size");
         const auto chain_file = get_arg("chain-file");
         const auto servers_file = get_arg_or("servers-file", "");
         const auto host = get_arg_or("host", "");
         const auto pk = get_arg_or("pubkey", "");

         std::unique_ptr<Botan::Roughtime::Chain> chain;
         if(!chain_file.empty() && max_chain_size >= 1) {
            try {
               chain = std::make_unique<Botan::Roughtime::Chain>(slurp_file_as_str(chain_file));
            } catch(const CLI_IO_Error&) {
               // file is to still be created
               chain = std::make_unique<Botan::Roughtime::Chain>();
            }
         }

         const bool from_servers_file = !servers_file.empty();
         const bool from_host_and_pk = !host.empty() && !pk.empty();
         if(from_servers_file == from_host_and_pk) {
            error_output() << "Please specify either --servers-file or --host and --pubkey\n";
            set_return_code(1);
            return;
         }

         if(!servers_file.empty()) {
            const auto servers = Botan::Roughtime::servers_from_str(slurp_file_as_str(servers_file));

            for(const auto& s : servers) {
               output() << std::setw(25) << std::left << s.name() << ": ";
               for(const auto& a : s.addresses()) {
                  try {
                     query(chain, max_chain_size, a, s.public_key());
                     break;
                  } catch(const std::exception& ex)  //network error, try next address
                  {
                     error_output() << ex.what() << '\n';
                  }
               }
            }

         } else {
            query(chain, max_chain_size, host, Botan::Ed25519_PublicKey(Botan::base64_decode(pk)));
         }

         if(chain) {
            std::ofstream out(chain_file);
            out << chain->to_string();
         }
      }
};

BOTAN_REGISTER_COMMAND("roughtime", Roughtime);

}  // namespace

}  // namespace Botan_CLI

#endif

1	/*
2	* Roughtime
3	* (C) 2019 Nuno Goncalves <nunojpg@gmail.com>
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include "cli.h"
9
10	#if defined(BOTAN_HAS_ROUGHTIME)
11
12	#include <botan/base64.h>
13	#include <botan/ed25519.h>
14	#include <botan/roughtime.h>
15	#include <botan/internal/calendar.h>
16
17	#include <fstream>
18	#include <iomanip>
19	#include <sstream>
20
21	namespace Botan_CLI {
22
23	namespace {
24
25	// Format the time point as YYYY-MM-DDTHH:MM:SS in UTC
26	std::string format_utc_datetime(const std::chrono::system_clock::time_point& tp) {	9✔
27	const Botan::calendar_point c(tp);	9✔
28	std::ostringstream out;	9✔
29	out << std::setfill('0') << std::setw(4) << c.year() << "-" << std::setw(2) << c.month() << "-" << std::setw(2)	9✔
30	<< c.day() << "T" << std::setw(2) << c.hour() << ":" << std::setw(2) << c.minutes() << ":" << std::setw(2)	9✔
31	<< c.seconds();	9✔
32	return out.str();	18✔
33	}	9✔
34
35	class RoughtimeCheck final : public Command {
36	public:
37	RoughtimeCheck() : Command("roughtime_check --raw-time chain-file") {}	8✔
38
39	std::string group() const override { return "misc"; }	1✔
40
41	std::string description() const override { return "Parse and validate Roughtime chain file"; }	1✔
42
43	void go() override {	3✔
44	const auto chain = Botan::Roughtime::Chain(slurp_file_as_str(get_arg("chain-file")));	6✔
45	unsigned i = 0;	3✔
46	for(const auto& response : chain.responses()) {	9✔
47	output() << std::setw(3) << ++i << ": UTC ";	6✔
48	if(flag_set("raw-time")) {	6✔
49	output()	1✔
50	<< Botan::Roughtime::Response::sys_microseconds64(response.utc_midpoint()).time_since_epoch().count();	1✔
51	} else {
52	output() << format_utc_datetime(response.utc_midpoint());	10✔
53	}
54	output() << " (+-" << Botan::Roughtime::Response::microseconds32(response.utc_radius()).count() << "us)\n";	6✔
55	}	2✔
56	}	2✔
57	};
58
59	BOTAN_REGISTER_COMMAND("roughtime_check", RoughtimeCheck);	4✔
60
61	class Roughtime final : public Command {
62	public:
63	Roughtime() :	7✔
64	Command(
65	"roughtime --raw-time --chain-file=roughtime-chain --max-chain-size=128 --check-local-clock=60 --host= --pubkey= --servers-file=") {	7✔
66	}	7✔
67
68	std::string help_text() const override {	×
69	return Command::help_text() + R"(	×
70
71	--servers-file=<filename>
72	List of servers that will queried in sequence.
73
74	File contents syntax:
75	<name> <key type> <base 64 encoded public key> <protocol> <host:port>
76
77	Example servers:
78	Cloudflare-Roughtime ed25519 0GD7c3yP8xEc4Zl2zeuN2SlLvDVVocjsPSL8/Rl/7zg= udp roughtime.cloudflare.com:2003
79	Google-Sandbox-Roughtime ed25519 etPaaIxcBMY1oUeGpwvPMCJMwlRVNxv51KK/tktoJTQ= udp roughtime.sandbox.google.com:2002
80
81	--chain-file=<filename>
82	Successful queries are appended to this file.
83	If limit of --max-chain-size records is reached, the oldest records are truncated.
84	This queries records can be replayed using command roughtime_check <chain-file>.
85
86	File contents syntax:
87	<key type> <base 64 encoded public key> <base 64 encoded blind or nonce> <base 64 encoded server response>
88	)";
89	}
90
91	std::string group() const override { return "misc"; }	1✔
92
93	std::string description() const override { return "Retrieve time from Roughtime server"; }	1✔
94
95	void query(std::unique_ptr<Botan::Roughtime::Chain>& chain,	5✔
96	const size_t max_chain_size,
97	const std::string& address,
98	const Botan::Ed25519_PublicKey& public_key) {
99	Botan::Roughtime::Nonce nonce{};	5✔
100	Botan::Roughtime::Nonce blind{};	5✔
101	if(chain) {	5✔
102	blind = Botan::Roughtime::Nonce(rng());	3✔
103	nonce = chain->next_nonce(blind);	3✔
104	} else {
105	nonce = Botan::Roughtime::Nonce(rng());	2✔
106	}
107	const auto response_raw = Botan::Roughtime::online_request(address, nonce, std::chrono::seconds(5));	5✔
108	const auto response = Botan::Roughtime::Response::from_bits(response_raw, nonce);	5✔
109	if(flag_set("raw-time")) {	5✔
110	output()	1✔
111	<< "UTC "	1✔
112	<< Botan::Roughtime::Response::sys_microseconds64(response.utc_midpoint()).time_since_epoch().count();	1✔
113	} else {
114	output() << "UTC " << format_utc_datetime(response.utc_midpoint());	8✔
115	}
116	output() << " (+-" << Botan::Roughtime::Response::microseconds32(response.utc_radius()).count() << "us)";	5✔
117	if(!response.validate(public_key)) {	5✔
118	error_output() << "ERROR: Public key does not match!\n";	1✔
119	set_return_code(1);	1✔
120	return;	1✔
121	}
122	const auto tolerance = get_arg_sz("check-local-clock");	4✔
123	if(tolerance > 0) {	4✔
124	const auto now = std::chrono::system_clock::now();	1✔
125	const auto diff_abs =	1✔
126	now >= response.utc_midpoint() ? now - response.utc_midpoint() : response.utc_midpoint() - now;	1✔
127	if(diff_abs > (response.utc_radius() + std::chrono::seconds(tolerance))) {	1✔
128	error_output() << "ERROR: Local clock mismatch\n";	1✔
129	set_return_code(1);	1✔
130	return;	1✔
131	}
132	output() << " Local clock match";	×
133	}
134	if(chain) {	3✔
135	chain->append({response_raw, public_key, blind}, max_chain_size);	3✔
136	}
137	output() << '\n';	3✔
138	}	5✔
139
140	void go() override {	6✔
141	const auto max_chain_size = get_arg_sz("max-chain-size");	6✔
142	const auto chain_file = get_arg("chain-file");	6✔
143	const auto servers_file = get_arg_or("servers-file", "");	12✔
144	const auto host = get_arg_or("host", "");	12✔
145	const auto pk = get_arg_or("pubkey", "");	12✔
146
147	std::unique_ptr<Botan::Roughtime::Chain> chain;	6✔
148	if(!chain_file.empty() && max_chain_size >= 1) {	6✔
149	try {	4✔
150	chain = std::make_unique<Botan::Roughtime::Chain>(slurp_file_as_str(chain_file));	6✔
151	} catch(const CLI_IO_Error&) {	2✔
152	// file is to still be created
153	chain = std::make_unique<Botan::Roughtime::Chain>();	4✔
154	}	2✔
155	}
156
157	const bool from_servers_file = !servers_file.empty();	6✔
158	const bool from_host_and_pk = !host.empty() && !pk.empty();	6✔
159	if(from_servers_file == from_host_and_pk) {	6✔
160	error_output() << "Please specify either --servers-file or --host and --pubkey\n";	1✔
161	set_return_code(1);	1✔
162	return;	1✔
163	}
164
165	if(!servers_file.empty()) {	5✔
166	const auto servers = Botan::Roughtime::servers_from_str(slurp_file_as_str(servers_file));	3✔
167
168	for(const auto& s : servers) {	6✔
169	output() << std::setw(25) << std::left << s.name() << ": ";	3✔
170	for(const auto& a : s.addresses()) {	3✔
171	try {	3✔
172	query(chain, max_chain_size, a, s.public_key());	3✔
173	break;
174	} catch(const std::exception& ex) //network error, try next address	×
175	{
176	error_output() << ex.what() << '\n';	×
177	}	×
178	}
179	}
180
181	} else {	3✔
182	query(chain, max_chain_size, host, Botan::Ed25519_PublicKey(Botan::base64_decode(pk)));	4✔
183	}
184
185	if(chain) {	5✔
186	std::ofstream out(chain_file);	3✔
187	out << chain->to_string();	6✔
188	}	3✔
189	}	6✔
190	};
191
192	BOTAN_REGISTER_COMMAND("roughtime", Roughtime);	7✔
193
194	} // namespace
195
196	} // namespace Botan_CLI
197
198	#endif

randombit / botan / 27806188297

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous