… | |
… | |
64 | |
64 | |
65 | package CBOR::XS; |
65 | package CBOR::XS; |
66 | |
66 | |
67 | use common::sense; |
67 | use common::sense; |
68 | |
68 | |
69 | our $VERSION = 1.11; |
69 | our $VERSION = 1.5; |
70 | our @ISA = qw(Exporter); |
70 | our @ISA = qw(Exporter); |
71 | |
71 | |
72 | our @EXPORT = qw(encode_cbor decode_cbor); |
72 | our @EXPORT = qw(encode_cbor decode_cbor); |
73 | |
73 | |
74 | use Exporter; |
74 | use Exporter; |
… | |
… | |
218 | isn't prepared for this will not leak memory. |
218 | isn't prepared for this will not leak memory. |
219 | |
219 | |
220 | If C<$enable> is false (the default), then C<decode> will throw an error |
220 | If C<$enable> is false (the default), then C<decode> will throw an error |
221 | when it encounters a self-referential/cyclic data structure. |
221 | when it encounters a self-referential/cyclic data structure. |
222 | |
222 | |
|
|
223 | FUTURE DIRECTION: the motivation behind this option is to avoid I<real> |
|
|
224 | cycles - future versions of this module might chose to decode cyclic data |
|
|
225 | structures using weak references when this option is off, instead of |
|
|
226 | throwing an error. |
|
|
227 | |
223 | This option does not affect C<encode> in any way - shared values and |
228 | This option does not affect C<encode> in any way - shared values and |
224 | references will always be decoded properly if present. |
229 | references will always be encoded properly if present. |
225 | |
230 | |
226 | =item $cbor = $cbor->pack_strings ([$enable]) |
231 | =item $cbor = $cbor->pack_strings ([$enable]) |
227 | |
232 | |
228 | =item $enabled = $cbor->get_pack_strings |
233 | =item $enabled = $cbor->get_pack_strings |
229 | |
234 | |
… | |
… | |
242 | the standard CBOR way. |
247 | the standard CBOR way. |
243 | |
248 | |
244 | This option does not affect C<decode> in any way - string references will |
249 | This option does not affect C<decode> in any way - string references will |
245 | always be decoded properly if present. |
250 | always be decoded properly if present. |
246 | |
251 | |
|
|
252 | =item $cbor = $cbor->text_keys ([$enable]) |
|
|
253 | |
|
|
254 | =item $enabled = $cbor->get_text_keys |
|
|
255 | |
|
|
256 | If C<$enabled> is true (or missing), then C<encode> will encode all |
|
|
257 | perl hash keys as CBOR text strings/UTF-8 string, upgrading them as needed. |
|
|
258 | |
|
|
259 | If C<$enable> is false (the default), then C<encode> will encode hash keys |
|
|
260 | normally - upgraded perl strings (strings internally encoded as UTF-8) as |
|
|
261 | CBOR text strings, and downgraded perl strings as CBOR byte strings. |
|
|
262 | |
|
|
263 | This option does not affect C<decode> in any way. |
|
|
264 | |
|
|
265 | This option is useful for interoperability with CBOR decoders that don't |
|
|
266 | treat byte strings as a form of text. It is especially useful as Perl |
|
|
267 | gives very little control over hash keys. |
|
|
268 | |
|
|
269 | Enabling this option can be slow, as all downgraded hash keys that are |
|
|
270 | encoded need to be scanned and converted to UTF-8. |
|
|
271 | |
|
|
272 | =item $cbor = $cbor->text_strings ([$enable]) |
|
|
273 | |
|
|
274 | =item $enabled = $cbor->get_text_strings |
|
|
275 | |
|
|
276 | This option works similar to C<text_keys>, above, but works on all strings |
|
|
277 | (including hash keys), so C<text_keys> has no further effect after |
|
|
278 | enabling C<text_strings>. |
|
|
279 | |
|
|
280 | If C<$enabled> is true (or missing), then C<encode> will encode all perl |
|
|
281 | strings as CBOR text strings/UTF-8 strings, upgrading them as needed. |
|
|
282 | |
|
|
283 | If C<$enable> is false (the default), then C<encode> will encode strings |
|
|
284 | normally (but see C<text_keys>) - upgraded perl strings (strings |
|
|
285 | internally encoded as UTF-8) as CBOR text strings, and downgraded perl |
|
|
286 | strings as CBOR byte strings. |
|
|
287 | |
|
|
288 | This option does not affect C<decode> in any way. |
|
|
289 | |
|
|
290 | This option has similar advantages and disadvantages as C<text_keys>. In |
|
|
291 | addition, this option effectively removes the ability to encode byte |
|
|
292 | strings, which might break some C<FREEZE> and C<TO_CBOR> methods that rely |
|
|
293 | on this, such as bignum encoding, so this option is mainly useful for very |
|
|
294 | simple data. |
|
|
295 | |
247 | =item $cbor = $cbor->validate_utf8 ([$enable]) |
296 | =item $cbor = $cbor->validate_utf8 ([$enable]) |
248 | |
297 | |
249 | =item $enabled = $cbor->get_validate_utf8 |
298 | =item $enabled = $cbor->get_validate_utf8 |
250 | |
299 | |
251 | If C<$enable> is true (or missing), then C<decode> will validate that |
300 | If C<$enable> is true (or missing), then C<decode> will validate that |
… | |
… | |
256 | The concept of "valid UTF-8" used is perl's concept, which is a superset |
305 | The concept of "valid UTF-8" used is perl's concept, which is a superset |
257 | of the official UTF-8. |
306 | of the official UTF-8. |
258 | |
307 | |
259 | If C<$enable> is false (the default), then C<decode> will blindly accept |
308 | If C<$enable> is false (the default), then C<decode> will blindly accept |
260 | UTF-8 data, marking them as valid UTF-8 in the resulting data structure |
309 | UTF-8 data, marking them as valid UTF-8 in the resulting data structure |
261 | regardless of whether thats true or not. |
310 | regardless of whether that's true or not. |
262 | |
311 | |
263 | Perl isn't too happy about corrupted UTF-8 in strings, but should |
312 | Perl isn't too happy about corrupted UTF-8 in strings, but should |
264 | generally not crash or do similarly evil things. Extensions might be not |
313 | generally not crash or do similarly evil things. Extensions might be not |
265 | so forgiving, so it's recommended to turn on this setting if you receive |
314 | so forgiving, so it's recommended to turn on this setting if you receive |
266 | untrusted CBOR. |
315 | untrusted CBOR. |
… | |
… | |
333 | CBOR::XS->new->decode_prefix ("......") |
382 | CBOR::XS->new->decode_prefix ("......") |
334 | => ("...", 3) |
383 | => ("...", 3) |
335 | |
384 | |
336 | =back |
385 | =back |
337 | |
386 | |
|
|
387 | =head2 INCREMENTAL PARSING |
|
|
388 | |
|
|
389 | In some cases, there is the need for incremental parsing of JSON |
|
|
390 | texts. While this module always has to keep both CBOR text and resulting |
|
|
391 | Perl data structure in memory at one time, it does allow you to parse a |
|
|
392 | CBOR stream incrementally, using a similar to using "decode_prefix" to see |
|
|
393 | if a full CBOR object is available, but is much more efficient. |
|
|
394 | |
|
|
395 | It basically works by parsing as much of a CBOR string as possible - if |
|
|
396 | the CBOR data is not complete yet, the pasrer will remember where it was, |
|
|
397 | to be able to restart when more data has been accumulated. Once enough |
|
|
398 | data is available to either decode a complete CBOR value or raise an |
|
|
399 | error, a real decode will be attempted. |
|
|
400 | |
|
|
401 | A typical use case would be a network protocol that consists of sending |
|
|
402 | and receiving CBOR-encoded messages. The solution that works with CBOR and |
|
|
403 | about anything else is by prepending a length to every CBOR value, so the |
|
|
404 | receiver knows how many octets to read. More compact (and slightly slower) |
|
|
405 | would be to just send CBOR values back-to-back, as C<CBOR::XS> knows where |
|
|
406 | a CBOR value ends, and doesn't need an explicit length. |
|
|
407 | |
|
|
408 | The following methods help with this: |
|
|
409 | |
|
|
410 | =over 4 |
|
|
411 | |
|
|
412 | =item @decoded = $cbor->incr_parse ($buffer) |
|
|
413 | |
|
|
414 | This method attempts to decode exactly one CBOR value from the beginning |
|
|
415 | of the given C<$buffer>. The value is removed from the C<$buffer> on |
|
|
416 | success. When C<$buffer> doesn't contain a complete value yet, it returns |
|
|
417 | nothing. Finally, when the C<$buffer> doesn't start with something |
|
|
418 | that could ever be a valid CBOR value, it raises an exception, just as |
|
|
419 | C<decode> would. In the latter case the decoder state is undefined and |
|
|
420 | must be reset before being able to parse further. |
|
|
421 | |
|
|
422 | This method modifies the C<$buffer> in place. When no CBOR value can be |
|
|
423 | decoded, the decoder stores the current string offset. On the next call, |
|
|
424 | continues decoding at the place where it stopped before. For this to make |
|
|
425 | sense, the C<$buffer> must begin with the same octets as on previous |
|
|
426 | unsuccessful calls. |
|
|
427 | |
|
|
428 | You can call this method in scalar context, in which case it either |
|
|
429 | returns a decoded value or C<undef>. This makes it impossible to |
|
|
430 | distinguish between CBOR null values (which decode to C<undef>) and an |
|
|
431 | unsuccessful decode, which is often acceptable. |
|
|
432 | |
|
|
433 | =item @decoded = $cbor->incr_parse_multiple ($buffer) |
|
|
434 | |
|
|
435 | Same as C<incr_parse>, but attempts to decode as many CBOR values as |
|
|
436 | possible in one go, instead of at most one. Calls to C<incr_parse> and |
|
|
437 | C<incr_parse_multiple> can be interleaved. |
|
|
438 | |
|
|
439 | =item $cbor->incr_reset |
|
|
440 | |
|
|
441 | Resets the incremental decoder. This throws away any saved state, so that |
|
|
442 | subsequent calls to C<incr_parse> or C<incr_parse_multiple> start to parse |
|
|
443 | a new CBOR value from the beginning of the C<$buffer> again. |
|
|
444 | |
|
|
445 | This method can be caled at any time, but it I<must> be called if you want |
|
|
446 | to change your C<$buffer> or there was a decoding error and you want to |
|
|
447 | reuse the C<$cbor> object for future incremental parsings. |
|
|
448 | |
|
|
449 | =back |
|
|
450 | |
338 | |
451 | |
339 | =head1 MAPPING |
452 | =head1 MAPPING |
340 | |
453 | |
341 | This section describes how CBOR::XS maps Perl values to CBOR values and |
454 | This section describes how CBOR::XS maps Perl values to CBOR values and |
342 | vice versa. These mappings are designed to "do the right thing" in most |
455 | vice versa. These mappings are designed to "do the right thing" in most |
… | |
… | |
412 | |
525 | |
413 | =item hash references |
526 | =item hash references |
414 | |
527 | |
415 | Perl hash references become CBOR maps. As there is no inherent ordering in |
528 | Perl hash references become CBOR maps. As there is no inherent ordering in |
416 | hash keys (or CBOR maps), they will usually be encoded in a pseudo-random |
529 | hash keys (or CBOR maps), they will usually be encoded in a pseudo-random |
417 | order. This order can be different each time a hahs is encoded. |
530 | order. This order can be different each time a hash is encoded. |
418 | |
531 | |
419 | Currently, tied hashes will use the indefinite-length format, while normal |
532 | Currently, tied hashes will use the indefinite-length format, while normal |
420 | hashes will use the fixed-length format. |
533 | hashes will use the fixed-length format. |
421 | |
534 | |
422 | =item array references |
535 | =item array references |
… | |
… | |
475 | my $x = 3.1; # some variable containing a number |
588 | my $x = 3.1; # some variable containing a number |
476 | "$x"; # stringified |
589 | "$x"; # stringified |
477 | $x .= ""; # another, more awkward way to stringify |
590 | $x .= ""; # another, more awkward way to stringify |
478 | print $x; # perl does it for you, too, quite often |
591 | print $x; # perl does it for you, too, quite often |
479 | |
592 | |
480 | You can force whether a string ie encoded as byte or text string by using |
593 | You can force whether a string is encoded as byte or text string by using |
481 | C<utf8::upgrade> and C<utf8::downgrade>): |
594 | C<utf8::upgrade> and C<utf8::downgrade> (if C<text_strings> is disabled): |
482 | |
595 | |
483 | utf8::upgrade $x; # encode $x as text string |
596 | utf8::upgrade $x; # encode $x as text string |
484 | utf8::downgrade $x; # encode $x as byte string |
597 | utf8::downgrade $x; # encode $x as byte string |
485 | |
598 | |
486 | Perl doesn't define what operations up- and downgrade strings, so if the |
599 | Perl doesn't define what operations up- and downgrade strings, so if the |
487 | difference between byte and text is important, you should up- or downgrade |
600 | difference between byte and text is important, you should up- or downgrade |
488 | your string as late as possible before encoding. |
601 | your string as late as possible before encoding. You can also force the |
|
|
602 | use of CBOR text strings by using C<text_keys> or C<text_strings>. |
489 | |
603 | |
490 | You can force the type to be a CBOR number by numifying it: |
604 | You can force the type to be a CBOR number by numifying it: |
491 | |
605 | |
492 | my $x = "3"; # some variable containing a string |
606 | my $x = "3"; # some variable containing a string |
493 | $x += 0; # numify it, ensuring it will be dumped as a number |
607 | $x += 0; # numify it, ensuring it will be dumped as a number |
… | |
… | |
594 | "$self" # encode url string |
708 | "$self" # encode url string |
595 | } |
709 | } |
596 | |
710 | |
597 | sub URI::THAW { |
711 | sub URI::THAW { |
598 | my ($class, $serialiser, $uri) = @_; |
712 | my ($class, $serialiser, $uri) = @_; |
599 | |
|
|
600 | $class->new ($uri) |
713 | $class->new ($uri) |
601 | } |
714 | } |
602 | |
715 | |
603 | Unlike C<TO_CBOR>, multiple values can be returned by C<FREEZE>. For |
716 | Unlike C<TO_CBOR>, multiple values can be returned by C<FREEZE>. For |
604 | example, a C<FREEZE> method that returns "type", "id" and "variant" values |
717 | example, a C<FREEZE> method that returns "type", "id" and "variant" values |
… | |
… | |
735 | additional tags (such as base64url). |
848 | additional tags (such as base64url). |
736 | |
849 | |
737 | =head2 ENFORCED TAGS |
850 | =head2 ENFORCED TAGS |
738 | |
851 | |
739 | These tags are always handled when decoding, and their handling cannot be |
852 | These tags are always handled when decoding, and their handling cannot be |
740 | overriden by the user. |
853 | overridden by the user. |
741 | |
854 | |
742 | =over 4 |
855 | =over 4 |
743 | |
856 | |
744 | =item 26 (perl-object, L<http://cbor.schmorp.de/perl-object>) |
857 | =item 26 (perl-object, L<http://cbor.schmorp.de/perl-object>) |
745 | |
858 | |
746 | These tags are automatically created (and decoded) for serialisable |
859 | These tags are automatically created (and decoded) for serialisable |
747 | objects using the C<FREEZE/THAW> methods (the L<Types::Serialier> object |
860 | objects using the C<FREEZE/THAW> methods (the L<Types::Serialier> object |
748 | serialisation protocol). See L<OBJECT SERIALISATION> for details. |
861 | serialisation protocol). See L<OBJECT SERIALISATION> for details. |
749 | |
862 | |
750 | =item 28, 29 (shareable, sharedref, L <http://cbor.schmorp.de/value-sharing>) |
863 | =item 28, 29 (shareable, sharedref, L<http://cbor.schmorp.de/value-sharing>) |
751 | |
864 | |
752 | These tags are automatically decoded when encountered (and they do not |
865 | These tags are automatically decoded when encountered (and they do not |
753 | result in a cyclic data structure, see C<allow_cycles>), resulting in |
866 | result in a cyclic data structure, see C<allow_cycles>), resulting in |
754 | shared values in the decoded object. They are only encoded, however, when |
867 | shared values in the decoded object. They are only encoded, however, when |
755 | C<allow_sharing> is enabled. |
868 | C<allow_sharing> is enabled. |
… | |
… | |
765 | will be shared, others will not. While non-reference shared values can be |
878 | will be shared, others will not. While non-reference shared values can be |
766 | generated in Perl with some effort, they were considered too unimportant |
879 | generated in Perl with some effort, they were considered too unimportant |
767 | to be supported in the encoder. The decoder, however, will decode these |
880 | to be supported in the encoder. The decoder, however, will decode these |
768 | values as shared values. |
881 | values as shared values. |
769 | |
882 | |
770 | =item 256, 25 (stringref-namespace, stringref, L <http://cbor.schmorp.de/stringref>) |
883 | =item 256, 25 (stringref-namespace, stringref, L<http://cbor.schmorp.de/stringref>) |
771 | |
884 | |
772 | These tags are automatically decoded when encountered. They are only |
885 | These tags are automatically decoded when encountered. They are only |
773 | encoded, however, when C<pack_strings> is enabled. |
886 | encoded, however, when C<pack_strings> is enabled. |
774 | |
887 | |
775 | =item 22098 (indirection, L<http://cbor.schmorp.de/indirection>) |
888 | =item 22098 (indirection, L<http://cbor.schmorp.de/indirection>) |
776 | |
889 | |
777 | This tag is automatically generated when a reference are encountered (with |
890 | This tag is automatically generated when a reference are encountered (with |
778 | the exception of hash and array refernces). It is converted to a reference |
891 | the exception of hash and array references). It is converted to a reference |
779 | when decoding. |
892 | when decoding. |
780 | |
893 | |
781 | =item 55799 (self-describe CBOR, RFC 7049) |
894 | =item 55799 (self-describe CBOR, RFC 7049) |
782 | |
895 | |
783 | This value is not generated on encoding (unless explicitly requested by |
896 | This value is not generated on encoding (unless explicitly requested by |
… | |
… | |
786 | =back |
899 | =back |
787 | |
900 | |
788 | =head2 NON-ENFORCED TAGS |
901 | =head2 NON-ENFORCED TAGS |
789 | |
902 | |
790 | These tags have default filters provided when decoding. Their handling can |
903 | These tags have default filters provided when decoding. Their handling can |
791 | be overriden by changing the C<%CBOR::XS::FILTER> entry for the tag, or by |
904 | be overridden by changing the C<%CBOR::XS::FILTER> entry for the tag, or by |
792 | providing a custom C<filter> callback when decoding. |
905 | providing a custom C<filter> callback when decoding. |
793 | |
906 | |
794 | When they result in decoding into a specific Perl class, the module |
907 | When they result in decoding into a specific Perl class, the module |
795 | usually provides a corresponding C<TO_CBOR> method as well. |
908 | usually provides a corresponding C<TO_CBOR> method as well. |
796 | |
909 | |
… | |
… | |
814 | |
927 | |
815 | These tags are decoded into L<Math::BigInt> objects. The corresponding |
928 | These tags are decoded into L<Math::BigInt> objects. The corresponding |
816 | C<Math::BigInt::TO_CBOR> method encodes "small" bigints into normal CBOR |
929 | C<Math::BigInt::TO_CBOR> method encodes "small" bigints into normal CBOR |
817 | integers, and others into positive/negative CBOR bignums. |
930 | integers, and others into positive/negative CBOR bignums. |
818 | |
931 | |
819 | =item 4, 5 (decimal fraction/bigfloat) |
932 | =item 4, 5, 264, 265 (decimal fraction/bigfloat) |
820 | |
933 | |
821 | Both decimal fractions and bigfloats are decoded into L<Math::BigFloat> |
934 | Both decimal fractions and bigfloats are decoded into L<Math::BigFloat> |
822 | objects. The corresponding C<Math::BigFloat::TO_CBOR> method I<always> |
935 | objects. The corresponding C<Math::BigFloat::TO_CBOR> method I<always> |
823 | encodes into a decimal fraction. |
936 | encodes into a decimal fraction (either tag 4 or 264). |
824 | |
937 | |
825 | CBOR cannot represent bigfloats with I<very> large exponents - conversion |
938 | NaN and infinities are not encoded properly, as they cannot be represented |
826 | of such big float objects is undefined. |
939 | in CBOR. |
827 | |
940 | |
828 | Also, NaN and infinities are not encoded properly. |
941 | See L<BIGNUM SECURITY CONSIDERATIONS> for more info. |
|
|
942 | |
|
|
943 | =item 30 (rational numbers) |
|
|
944 | |
|
|
945 | These tags are decoded into L<Math::BigRat> objects. The corresponding |
|
|
946 | C<Math::BigRat::TO_CBOR> method encodes rational numbers with denominator |
|
|
947 | C<1> via their numerator only, i.e., they become normal integers or |
|
|
948 | C<bignums>. |
|
|
949 | |
|
|
950 | See L<BIGNUM SECURITY CONSIDERATIONS> for more info. |
829 | |
951 | |
830 | =item 21, 22, 23 (expected later JSON conversion) |
952 | =item 21, 22, 23 (expected later JSON conversion) |
831 | |
953 | |
832 | CBOR::XS is not a CBOR-to-JSON converter, and will simply ignore these |
954 | CBOR::XS is not a CBOR-to-JSON converter, and will simply ignore these |
833 | tags. |
955 | tags. |
… | |
… | |
838 | C<URI::TO_CBOR> method again results in a CBOR URI value. |
960 | C<URI::TO_CBOR> method again results in a CBOR URI value. |
839 | |
961 | |
840 | =back |
962 | =back |
841 | |
963 | |
842 | =cut |
964 | =cut |
843 | |
|
|
844 | our %FILTER = ( |
|
|
845 | # 0 # rfc4287 datetime, utf-8 |
|
|
846 | # 1 # unix timestamp, any |
|
|
847 | |
|
|
848 | 2 => sub { # pos bigint |
|
|
849 | require Math::BigInt; |
|
|
850 | Math::BigInt->new ("0x" . unpack "H*", pop) |
|
|
851 | }, |
|
|
852 | |
|
|
853 | 3 => sub { # neg bigint |
|
|
854 | require Math::BigInt; |
|
|
855 | -Math::BigInt->new ("0x" . unpack "H*", pop) |
|
|
856 | }, |
|
|
857 | |
|
|
858 | 4 => sub { # decimal fraction, array |
|
|
859 | require Math::BigFloat; |
|
|
860 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
|
|
861 | }, |
|
|
862 | |
|
|
863 | 5 => sub { # bigfloat, array |
|
|
864 | require Math::BigFloat; |
|
|
865 | scalar Math::BigFloat->new ($_[1][1])->blsft ($_[1][0], 2) |
|
|
866 | }, |
|
|
867 | |
|
|
868 | 21 => sub { pop }, # expected conversion to base64url encoding |
|
|
869 | 22 => sub { pop }, # expected conversion to base64 encoding |
|
|
870 | 23 => sub { pop }, # expected conversion to base16 encoding |
|
|
871 | |
|
|
872 | # 24 # embedded cbor, byte string |
|
|
873 | |
|
|
874 | 32 => sub { |
|
|
875 | require URI; |
|
|
876 | URI->new (pop) |
|
|
877 | }, |
|
|
878 | |
|
|
879 | # 33 # base64url rfc4648, utf-8 |
|
|
880 | # 34 # base64 rfc46484, utf-8 |
|
|
881 | # 35 # regex pcre/ecma262, utf-8 |
|
|
882 | # 36 # mime message rfc2045, utf-8 |
|
|
883 | ); |
|
|
884 | |
|
|
885 | |
965 | |
886 | =head1 CBOR and JSON |
966 | =head1 CBOR and JSON |
887 | |
967 | |
888 | CBOR is supposed to implement a superset of the JSON data model, and is, |
968 | CBOR is supposed to implement a superset of the JSON data model, and is, |
889 | with some coercion, able to represent all JSON texts (something that other |
969 | with some coercion, able to represent all JSON texts (something that other |
… | |
… | |
931 | Also keep in mind that CBOR::XS might leak contents of your Perl data |
1011 | Also keep in mind that CBOR::XS might leak contents of your Perl data |
932 | structures in its error messages, so when you serialise sensitive |
1012 | structures in its error messages, so when you serialise sensitive |
933 | information you might want to make sure that exceptions thrown by CBOR::XS |
1013 | information you might want to make sure that exceptions thrown by CBOR::XS |
934 | will not end up in front of untrusted eyes. |
1014 | will not end up in front of untrusted eyes. |
935 | |
1015 | |
|
|
1016 | |
|
|
1017 | =head1 BIGNUM SECURITY CONSIDERATIONS |
|
|
1018 | |
|
|
1019 | CBOR::XS provides a C<TO_CBOR> method for both L<Math::BigInt> and |
|
|
1020 | L<Math::BigFloat> that tries to encode the number in the simplest possible |
|
|
1021 | way, that is, either a CBOR integer, a CBOR bigint/decimal fraction (tag |
|
|
1022 | 4) or an arbitrary-exponent decimal fraction (tag 264). Rational numbers |
|
|
1023 | (L<Math::BigRat>, tag 30) can also contain bignums as members. |
|
|
1024 | |
|
|
1025 | CBOR::XS will also understand base-2 bigfloat or arbitrary-exponent |
|
|
1026 | bigfloats (tags 5 and 265), but it will never generate these on its own. |
|
|
1027 | |
|
|
1028 | Using the built-in L<Math::BigInt::Calc> support, encoding and decoding |
|
|
1029 | decimal fractions is generally fast. Decoding bigints can be slow for very |
|
|
1030 | big numbers (tens of thousands of digits, something that could potentially |
|
|
1031 | be caught by limiting the size of CBOR texts), and decoding bigfloats or |
|
|
1032 | arbitrary-exponent bigfloats can be I<extremely> slow (minutes, decades) |
|
|
1033 | for large exponents (roughly 40 bit and longer). |
|
|
1034 | |
|
|
1035 | Additionally, L<Math::BigInt> can take advantage of other bignum |
|
|
1036 | libraries, such as L<Math::GMP>, which cannot handle big floats with large |
|
|
1037 | exponents, and might simply abort or crash your program, due to their code |
|
|
1038 | quality. |
|
|
1039 | |
|
|
1040 | This can be a concern if you want to parse untrusted CBOR. If it is, you |
|
|
1041 | might want to disable decoding of tag 2 (bigint) and 3 (negative bigint) |
|
|
1042 | types. You should also disable types 5 and 265, as these can be slow even |
|
|
1043 | without bigints. |
|
|
1044 | |
|
|
1045 | Disabling bigints will also partially or fully disable types that rely on |
|
|
1046 | them, e.g. rational numbers that use bignums. |
|
|
1047 | |
|
|
1048 | |
936 | =head1 CBOR IMPLEMENTATION NOTES |
1049 | =head1 CBOR IMPLEMENTATION NOTES |
937 | |
1050 | |
938 | This section contains some random implementation notes. They do not |
1051 | This section contains some random implementation notes. They do not |
939 | describe guaranteed behaviour, but merely behaviour as-is implemented |
1052 | describe guaranteed behaviour, but merely behaviour as-is implemented |
940 | right now. |
1053 | right now. |
… | |
… | |
953 | |
1066 | |
954 | |
1067 | |
955 | =head1 LIMITATIONS ON PERLS WITHOUT 64-BIT INTEGER SUPPORT |
1068 | =head1 LIMITATIONS ON PERLS WITHOUT 64-BIT INTEGER SUPPORT |
956 | |
1069 | |
957 | On perls that were built without 64 bit integer support (these are rare |
1070 | On perls that were built without 64 bit integer support (these are rare |
958 | nowadays, even on 32 bit architectures), support for any kind of 64 bit |
1071 | nowadays, even on 32 bit architectures, as all major Perl distributions |
|
|
1072 | are built with 64 bit integer support), support for any kind of 64 bit |
959 | integer in CBOR is very limited - most likely, these 64 bit values will |
1073 | integer in CBOR is very limited - most likely, these 64 bit values will |
960 | be truncated, corrupted, or otherwise not decoded correctly. This also |
1074 | be truncated, corrupted, or otherwise not decoded correctly. This also |
961 | includes string, array and map sizes that are stored as 64 bit integers. |
1075 | includes string, array and map sizes that are stored as 64 bit integers. |
962 | |
1076 | |
963 | |
1077 | |
… | |
… | |
988 | # Time::Piece::Strptime uses the "incredibly flexible date parsing routine" |
1102 | # Time::Piece::Strptime uses the "incredibly flexible date parsing routine" |
989 | # from FreeBSD, which can't parse ISO 8601, RFC3339, RFC4287 or much of anything |
1103 | # from FreeBSD, which can't parse ISO 8601, RFC3339, RFC4287 or much of anything |
990 | # else either. Whats incredibe over standard strptime totally escapes me. |
1104 | # else either. Whats incredibe over standard strptime totally escapes me. |
991 | # doesn't do fractional times, either. sigh. |
1105 | # doesn't do fractional times, either. sigh. |
992 | # In fact, it's all a lie, it uses whatever strptime it wants, and of course, |
1106 | # In fact, it's all a lie, it uses whatever strptime it wants, and of course, |
993 | # they are all incomptible. The openbsd one simply ignores %z (but according to the |
1107 | # they are all incompatible. The openbsd one simply ignores %z (but according to the |
994 | # docs, it would be much more incredibly flexible indeed. If it worked, that is.). |
1108 | # docs, it would be much more incredibly flexible indeed. If it worked, that is.). |
995 | scalar eval { |
1109 | scalar eval { |
996 | my $s = $_[1]; |
1110 | my $s = $_[1]; |
997 | |
1111 | |
998 | $s =~ s/Z$/+00:00/; |
1112 | $s =~ s/Z$/+00:00/; |
… | |
… | |
1024 | 4 => sub { # decimal fraction, array |
1138 | 4 => sub { # decimal fraction, array |
1025 | require Math::BigFloat; |
1139 | require Math::BigFloat; |
1026 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
1140 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
1027 | }, |
1141 | }, |
1028 | |
1142 | |
|
|
1143 | 264 => sub { # decimal fraction with arbitrary exponent |
|
|
1144 | require Math::BigFloat; |
|
|
1145 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
|
|
1146 | }, |
|
|
1147 | |
1029 | 5 => sub { # bigfloat, array |
1148 | 5 => sub { # bigfloat, array |
1030 | require Math::BigFloat; |
1149 | require Math::BigFloat; |
1031 | scalar Math::BigFloat->new ($_[1][1])->blsft ($_[1][0], 2) |
1150 | scalar Math::BigFloat->new ($_[1][1]) * Math::BigFloat->new (2)->bpow ($_[1][0]) |
|
|
1151 | }, |
|
|
1152 | |
|
|
1153 | 265 => sub { # bigfloat with arbitrary exponent |
|
|
1154 | require Math::BigFloat; |
|
|
1155 | scalar Math::BigFloat->new ($_[1][1]) * Math::BigFloat->new (2)->bpow ($_[1][0]) |
|
|
1156 | }, |
|
|
1157 | |
|
|
1158 | 30 => sub { # rational number |
|
|
1159 | require Math::BigRat; |
|
|
1160 | Math::BigRat->new ("$_[1][0]/$_[1][1]") # separate parameters only work in recent versons |
1032 | }, |
1161 | }, |
1033 | |
1162 | |
1034 | 21 => sub { pop }, # expected conversion to base64url encoding |
1163 | 21 => sub { pop }, # expected conversion to base64url encoding |
1035 | 22 => sub { pop }, # expected conversion to base64 encoding |
1164 | 22 => sub { pop }, # expected conversion to base64 encoding |
1036 | 23 => sub { pop }, # expected conversion to base16 encoding |
1165 | 23 => sub { pop }, # expected conversion to base16 encoding |
… | |
… | |
1057 | utf8::upgrade $uri; |
1186 | utf8::upgrade $uri; |
1058 | tag 32, $uri |
1187 | tag 32, $uri |
1059 | } |
1188 | } |
1060 | |
1189 | |
1061 | sub Math::BigInt::TO_CBOR { |
1190 | sub Math::BigInt::TO_CBOR { |
1062 | if ($_[0] >= -2147483648 && $_[0] <= 2147483647) { |
1191 | if (-2147483648 <= $_[0] && $_[0] <= 2147483647) { |
1063 | $_[0]->numify |
1192 | $_[0]->numify |
1064 | } else { |
1193 | } else { |
1065 | my $hex = substr $_[0]->as_hex, 2; |
1194 | my $hex = substr $_[0]->as_hex, 2; |
1066 | $hex = "0$hex" if 1 & length $hex; # sigh |
1195 | $hex = "0$hex" if 1 & length $hex; # sigh |
1067 | tag $_[0] >= 0 ? 2 : 3, pack "H*", $hex |
1196 | tag $_[0] >= 0 ? 2 : 3, pack "H*", $hex |
1068 | } |
1197 | } |
1069 | } |
1198 | } |
1070 | |
1199 | |
1071 | sub Math::BigFloat::TO_CBOR { |
1200 | sub Math::BigFloat::TO_CBOR { |
1072 | my ($m, $e) = $_[0]->parts; |
1201 | my ($m, $e) = $_[0]->parts; |
|
|
1202 | |
|
|
1203 | -9223372036854775808 <= $e && $e <= 18446744073709551615 |
1073 | tag 4, [$e->numify, $m] |
1204 | ? tag 4, [$e->numify, $m] |
|
|
1205 | : tag 264, [$e, $m] |
1074 | } |
1206 | } |
1075 | |
1207 | |
|
|
1208 | sub Math::BigRat::TO_CBOR { |
|
|
1209 | my ($n, $d) = $_[0]->parts; |
|
|
1210 | |
|
|
1211 | $d == 1 |
|
|
1212 | ? $n |
|
|
1213 | : tag 30, [$n, $d] |
|
|
1214 | } |
|
|
1215 | |
1076 | sub Time::Piece::TO_CBOR { |
1216 | sub Time::Piece::TO_CBOR { |
1077 | tag 1, $_[0]->epoch |
1217 | tag 1, 0 + $_[0]->epoch |
1078 | } |
1218 | } |
1079 | |
1219 | |
1080 | XSLoader::load "CBOR::XS", $VERSION; |
1220 | XSLoader::load "CBOR::XS", $VERSION; |
1081 | |
1221 | |
1082 | =head1 SEE ALSO |
1222 | =head1 SEE ALSO |