… | |
… | |
48 | Regarding compactness, C<CBOR::XS>-encoded data structures are usually |
48 | Regarding compactness, C<CBOR::XS>-encoded data structures are usually |
49 | about 20% smaller than the same data encoded as (compact) JSON or |
49 | about 20% smaller than the same data encoded as (compact) JSON or |
50 | L<Storable>. |
50 | L<Storable>. |
51 | |
51 | |
52 | In addition to the core CBOR data format, this module implements a |
52 | In addition to the core CBOR data format, this module implements a |
53 | number of extensions, to support cyclic and shared data structures (see |
53 | number of extensions, to support cyclic and shared data structures |
54 | C<allow_sharing>), string deduplication (see C<pack_strings>) and scalar |
54 | (see C<allow_sharing> and C<allow_cycles>), string deduplication (see |
55 | references (always enabled). |
55 | C<pack_strings>) and scalar references (always enabled). |
56 | |
56 | |
57 | The primary goal of this module is to be I<correct> and the secondary goal |
57 | The primary goal of this module is to be I<correct> and the secondary goal |
58 | is to be I<fast>. To reach the latter goal it was written in C. |
58 | is to be I<fast>. To reach the latter goal it was written in C. |
59 | |
59 | |
60 | See MAPPING, below, on how CBOR::XS maps perl values to CBOR values and |
60 | See MAPPING, below, on how CBOR::XS maps perl values to CBOR values and |
… | |
… | |
64 | |
64 | |
65 | package CBOR::XS; |
65 | package CBOR::XS; |
66 | |
66 | |
67 | use common::sense; |
67 | use common::sense; |
68 | |
68 | |
69 | our $VERSION = '1.0'; |
69 | our $VERSION = 1.5; |
70 | our @ISA = qw(Exporter); |
70 | our @ISA = qw(Exporter); |
71 | |
71 | |
72 | our @EXPORT = qw(encode_cbor decode_cbor); |
72 | our @EXPORT = qw(encode_cbor decode_cbor); |
73 | |
73 | |
74 | use Exporter; |
74 | use Exporter; |
… | |
… | |
180 | reference to the earlier value. |
180 | reference to the earlier value. |
181 | |
181 | |
182 | This means that such values will only be encoded once, and will not result |
182 | This means that such values will only be encoded once, and will not result |
183 | in a deep cloning of the value on decode, in decoders supporting the value |
183 | in a deep cloning of the value on decode, in decoders supporting the value |
184 | sharing extension. This also makes it possible to encode cyclic data |
184 | sharing extension. This also makes it possible to encode cyclic data |
185 | structures. |
185 | structures (which need C<allow_cycles> to ne enabled to be decoded by this |
|
|
186 | module). |
186 | |
187 | |
187 | It is recommended to leave it off unless you know your |
188 | It is recommended to leave it off unless you know your |
188 | communication partner supports the value sharing extensions to CBOR |
189 | communication partner supports the value sharing extensions to CBOR |
189 | (L<http://cbor.schmorp.de/value-sharing>), as without decoder support, the |
190 | (L<http://cbor.schmorp.de/value-sharing>), as without decoder support, the |
190 | resulting data structure might be unusable. |
191 | resulting data structure might be unusable. |
191 | |
192 | |
192 | Detecting shared values incurs a runtime overhead when values are encoded |
193 | Detecting shared values incurs a runtime overhead when values are encoded |
193 | that have a reference counter large than one, and might unnecessarily |
194 | that have a reference counter large than one, and might unnecessarily |
194 | increase the encoded size, as potentially shared values are encode as |
195 | increase the encoded size, as potentially shared values are encode as |
195 | sharable whether or not they are actually shared. |
196 | shareable whether or not they are actually shared. |
196 | |
197 | |
197 | At the moment, only targets of references can be shared (e.g. scalars, |
198 | At the moment, only targets of references can be shared (e.g. scalars, |
198 | arrays or hashes pointed to by a reference). Weirder constructs, such as |
199 | arrays or hashes pointed to by a reference). Weirder constructs, such as |
199 | an array with multiple "copies" of the I<same> string, which are hard but |
200 | an array with multiple "copies" of the I<same> string, which are hard but |
200 | not impossible to create in Perl, are not supported (this is the same as |
201 | not impossible to create in Perl, are not supported (this is the same as |
… | |
… | |
205 | structures cannot be encoded in this mode. |
206 | structures cannot be encoded in this mode. |
206 | |
207 | |
207 | This option does not affect C<decode> in any way - shared values and |
208 | This option does not affect C<decode> in any way - shared values and |
208 | references will always be decoded properly if present. |
209 | references will always be decoded properly if present. |
209 | |
210 | |
|
|
211 | =item $cbor = $cbor->allow_cycles ([$enable]) |
|
|
212 | |
|
|
213 | =item $enabled = $cbor->get_allow_cycles |
|
|
214 | |
|
|
215 | If C<$enable> is true (or missing), then C<decode> will happily decode |
|
|
216 | self-referential (cyclic) data structures. By default these will not be |
|
|
217 | decoded, as they need manual cleanup to avoid memory leaks, so code that |
|
|
218 | isn't prepared for this will not leak memory. |
|
|
219 | |
|
|
220 | If C<$enable> is false (the default), then C<decode> will throw an error |
|
|
221 | when it encounters a self-referential/cyclic data structure. |
|
|
222 | |
|
|
223 | FUTURE DIRECTION: the motivation behind this option is to avoid I<real> |
|
|
224 | cycles - future versions of this module might chose to decode cyclic data |
|
|
225 | structures using weak references when this option is off, instead of |
|
|
226 | throwing an error. |
|
|
227 | |
|
|
228 | This option does not affect C<encode> in any way - shared values and |
|
|
229 | references will always be encoded properly if present. |
|
|
230 | |
210 | =item $cbor = $cbor->pack_strings ([$enable]) |
231 | =item $cbor = $cbor->pack_strings ([$enable]) |
211 | |
232 | |
212 | =item $enabled = $cbor->get_pack_strings |
233 | =item $enabled = $cbor->get_pack_strings |
213 | |
234 | |
214 | If C<$enable> is true (or missing), then C<encode> will try not to encode |
235 | If C<$enable> is true (or missing), then C<encode> will try not to encode |
… | |
… | |
226 | the standard CBOR way. |
247 | the standard CBOR way. |
227 | |
248 | |
228 | This option does not affect C<decode> in any way - string references will |
249 | This option does not affect C<decode> in any way - string references will |
229 | always be decoded properly if present. |
250 | always be decoded properly if present. |
230 | |
251 | |
|
|
252 | =item $cbor = $cbor->text_keys ([$enable]) |
|
|
253 | |
|
|
254 | =item $enabled = $cbor->get_text_keys |
|
|
255 | |
|
|
256 | If C<$enabled> is true (or missing), then C<encode> will encode all |
|
|
257 | perl hash keys as CBOR text strings/UTF-8 string, upgrading them as needed. |
|
|
258 | |
|
|
259 | If C<$enable> is false (the default), then C<encode> will encode hash keys |
|
|
260 | normally - upgraded perl strings (strings internally encoded as UTF-8) as |
|
|
261 | CBOR text strings, and downgraded perl strings as CBOR byte strings. |
|
|
262 | |
|
|
263 | This option does not affect C<decode> in any way. |
|
|
264 | |
|
|
265 | This option is useful for interoperability with CBOR decoders that don't |
|
|
266 | treat byte strings as a form of text. It is especially useful as Perl |
|
|
267 | gives very little control over hash keys. |
|
|
268 | |
|
|
269 | Enabling this option can be slow, as all downgraded hash keys that are |
|
|
270 | encoded need to be scanned and converted to UTF-8. |
|
|
271 | |
|
|
272 | =item $cbor = $cbor->text_strings ([$enable]) |
|
|
273 | |
|
|
274 | =item $enabled = $cbor->get_text_strings |
|
|
275 | |
|
|
276 | This option works similar to C<text_keys>, above, but works on all strings |
|
|
277 | (including hash keys), so C<text_keys> has no further effect after |
|
|
278 | enabling C<text_strings>. |
|
|
279 | |
|
|
280 | If C<$enabled> is true (or missing), then C<encode> will encode all perl |
|
|
281 | strings as CBOR text strings/UTF-8 strings, upgrading them as needed. |
|
|
282 | |
|
|
283 | If C<$enable> is false (the default), then C<encode> will encode strings |
|
|
284 | normally (but see C<text_keys>) - upgraded perl strings (strings |
|
|
285 | internally encoded as UTF-8) as CBOR text strings, and downgraded perl |
|
|
286 | strings as CBOR byte strings. |
|
|
287 | |
|
|
288 | This option does not affect C<decode> in any way. |
|
|
289 | |
|
|
290 | This option has similar advantages and disadvantages as C<text_keys>. In |
|
|
291 | addition, this option effectively removes the ability to encode byte |
|
|
292 | strings, which might break some C<FREEZE> and C<TO_CBOR> methods that rely |
|
|
293 | on this, such as bignum encoding, so this option is mainly useful for very |
|
|
294 | simple data. |
|
|
295 | |
|
|
296 | =item $cbor = $cbor->validate_utf8 ([$enable]) |
|
|
297 | |
|
|
298 | =item $enabled = $cbor->get_validate_utf8 |
|
|
299 | |
|
|
300 | If C<$enable> is true (or missing), then C<decode> will validate that |
|
|
301 | elements (text strings) containing UTF-8 data in fact contain valid UTF-8 |
|
|
302 | data (instead of blindly accepting it). This validation obviously takes |
|
|
303 | extra time during decoding. |
|
|
304 | |
|
|
305 | The concept of "valid UTF-8" used is perl's concept, which is a superset |
|
|
306 | of the official UTF-8. |
|
|
307 | |
|
|
308 | If C<$enable> is false (the default), then C<decode> will blindly accept |
|
|
309 | UTF-8 data, marking them as valid UTF-8 in the resulting data structure |
|
|
310 | regardless of whether that's true or not. |
|
|
311 | |
|
|
312 | Perl isn't too happy about corrupted UTF-8 in strings, but should |
|
|
313 | generally not crash or do similarly evil things. Extensions might be not |
|
|
314 | so forgiving, so it's recommended to turn on this setting if you receive |
|
|
315 | untrusted CBOR. |
|
|
316 | |
|
|
317 | This option does not affect C<encode> in any way - strings that are |
|
|
318 | supposedly valid UTF-8 will simply be dumped into the resulting CBOR |
|
|
319 | string without checking whether that is, in fact, true or not. |
|
|
320 | |
231 | =item $cbor = $cbor->filter ([$cb->($tag, $value)]) |
321 | =item $cbor = $cbor->filter ([$cb->($tag, $value)]) |
232 | |
322 | |
233 | =item $cb_or_undef = $cbor->get_filter |
323 | =item $cb_or_undef = $cbor->get_filter |
234 | |
324 | |
235 | Sets or replaces the tagged value decoding filter (when C<$cb> is |
325 | Sets or replaces the tagged value decoding filter (when C<$cb> is |
… | |
… | |
292 | CBOR::XS->new->decode_prefix ("......") |
382 | CBOR::XS->new->decode_prefix ("......") |
293 | => ("...", 3) |
383 | => ("...", 3) |
294 | |
384 | |
295 | =back |
385 | =back |
296 | |
386 | |
|
|
387 | =head2 INCREMENTAL PARSING |
|
|
388 | |
|
|
389 | In some cases, there is the need for incremental parsing of JSON |
|
|
390 | texts. While this module always has to keep both CBOR text and resulting |
|
|
391 | Perl data structure in memory at one time, it does allow you to parse a |
|
|
392 | CBOR stream incrementally, using a similar to using "decode_prefix" to see |
|
|
393 | if a full CBOR object is available, but is much more efficient. |
|
|
394 | |
|
|
395 | It basically works by parsing as much of a CBOR string as possible - if |
|
|
396 | the CBOR data is not complete yet, the pasrer will remember where it was, |
|
|
397 | to be able to restart when more data has been accumulated. Once enough |
|
|
398 | data is available to either decode a complete CBOR value or raise an |
|
|
399 | error, a real decode will be attempted. |
|
|
400 | |
|
|
401 | A typical use case would be a network protocol that consists of sending |
|
|
402 | and receiving CBOR-encoded messages. The solution that works with CBOR and |
|
|
403 | about anything else is by prepending a length to every CBOR value, so the |
|
|
404 | receiver knows how many octets to read. More compact (and slightly slower) |
|
|
405 | would be to just send CBOR values back-to-back, as C<CBOR::XS> knows where |
|
|
406 | a CBOR value ends, and doesn't need an explicit length. |
|
|
407 | |
|
|
408 | The following methods help with this: |
|
|
409 | |
|
|
410 | =over 4 |
|
|
411 | |
|
|
412 | =item @decoded = $cbor->incr_parse ($buffer) |
|
|
413 | |
|
|
414 | This method attempts to decode exactly one CBOR value from the beginning |
|
|
415 | of the given C<$buffer>. The value is removed from the C<$buffer> on |
|
|
416 | success. When C<$buffer> doesn't contain a complete value yet, it returns |
|
|
417 | nothing. Finally, when the C<$buffer> doesn't start with something |
|
|
418 | that could ever be a valid CBOR value, it raises an exception, just as |
|
|
419 | C<decode> would. In the latter case the decoder state is undefined and |
|
|
420 | must be reset before being able to parse further. |
|
|
421 | |
|
|
422 | This method modifies the C<$buffer> in place. When no CBOR value can be |
|
|
423 | decoded, the decoder stores the current string offset. On the next call, |
|
|
424 | continues decoding at the place where it stopped before. For this to make |
|
|
425 | sense, the C<$buffer> must begin with the same octets as on previous |
|
|
426 | unsuccessful calls. |
|
|
427 | |
|
|
428 | You can call this method in scalar context, in which case it either |
|
|
429 | returns a decoded value or C<undef>. This makes it impossible to |
|
|
430 | distinguish between CBOR null values (which decode to C<undef>) and an |
|
|
431 | unsuccessful decode, which is often acceptable. |
|
|
432 | |
|
|
433 | =item @decoded = $cbor->incr_parse_multiple ($buffer) |
|
|
434 | |
|
|
435 | Same as C<incr_parse>, but attempts to decode as many CBOR values as |
|
|
436 | possible in one go, instead of at most one. Calls to C<incr_parse> and |
|
|
437 | C<incr_parse_multiple> can be interleaved. |
|
|
438 | |
|
|
439 | =item $cbor->incr_reset |
|
|
440 | |
|
|
441 | Resets the incremental decoder. This throws away any saved state, so that |
|
|
442 | subsequent calls to C<incr_parse> or C<incr_parse_multiple> start to parse |
|
|
443 | a new CBOR value from the beginning of the C<$buffer> again. |
|
|
444 | |
|
|
445 | This method can be caled at any time, but it I<must> be called if you want |
|
|
446 | to change your C<$buffer> or there was a decoding error and you want to |
|
|
447 | reuse the C<$cbor> object for future incremental parsings. |
|
|
448 | |
|
|
449 | =back |
|
|
450 | |
297 | |
451 | |
298 | =head1 MAPPING |
452 | =head1 MAPPING |
299 | |
453 | |
300 | This section describes how CBOR::XS maps Perl values to CBOR values and |
454 | This section describes how CBOR::XS maps Perl values to CBOR values and |
301 | vice versa. These mappings are designed to "do the right thing" in most |
455 | vice versa. These mappings are designed to "do the right thing" in most |
… | |
… | |
371 | |
525 | |
372 | =item hash references |
526 | =item hash references |
373 | |
527 | |
374 | Perl hash references become CBOR maps. As there is no inherent ordering in |
528 | Perl hash references become CBOR maps. As there is no inherent ordering in |
375 | hash keys (or CBOR maps), they will usually be encoded in a pseudo-random |
529 | hash keys (or CBOR maps), they will usually be encoded in a pseudo-random |
376 | order. This order can be different each time a hahs is encoded. |
530 | order. This order can be different each time a hash is encoded. |
377 | |
531 | |
378 | Currently, tied hashes will use the indefinite-length format, while normal |
532 | Currently, tied hashes will use the indefinite-length format, while normal |
379 | hashes will use the fixed-length format. |
533 | hashes will use the fixed-length format. |
380 | |
534 | |
381 | =item array references |
535 | =item array references |
… | |
… | |
434 | my $x = 3.1; # some variable containing a number |
588 | my $x = 3.1; # some variable containing a number |
435 | "$x"; # stringified |
589 | "$x"; # stringified |
436 | $x .= ""; # another, more awkward way to stringify |
590 | $x .= ""; # another, more awkward way to stringify |
437 | print $x; # perl does it for you, too, quite often |
591 | print $x; # perl does it for you, too, quite often |
438 | |
592 | |
439 | You can force whether a string ie encoded as byte or text string by using |
593 | You can force whether a string is encoded as byte or text string by using |
440 | C<utf8::upgrade> and C<utf8::downgrade>): |
594 | C<utf8::upgrade> and C<utf8::downgrade> (if C<text_strings> is disabled): |
441 | |
595 | |
442 | utf8::upgrade $x; # encode $x as text string |
596 | utf8::upgrade $x; # encode $x as text string |
443 | utf8::downgrade $x; # encode $x as byte string |
597 | utf8::downgrade $x; # encode $x as byte string |
444 | |
598 | |
445 | Perl doesn't define what operations up- and downgrade strings, so if the |
599 | Perl doesn't define what operations up- and downgrade strings, so if the |
446 | difference between byte and text is important, you should up- or downgrade |
600 | difference between byte and text is important, you should up- or downgrade |
447 | your string as late as possible before encoding. |
601 | your string as late as possible before encoding. You can also force the |
|
|
602 | use of CBOR text strings by using C<text_keys> or C<text_strings>. |
448 | |
603 | |
449 | You can force the type to be a CBOR number by numifying it: |
604 | You can force the type to be a CBOR number by numifying it: |
450 | |
605 | |
451 | my $x = "3"; # some variable containing a string |
606 | my $x = "3"; # some variable containing a string |
452 | $x += 0; # numify it, ensuring it will be dumped as a number |
607 | $x += 0; # numify it, ensuring it will be dumped as a number |
… | |
… | |
465 | |
620 | |
466 | =back |
621 | =back |
467 | |
622 | |
468 | =head2 OBJECT SERIALISATION |
623 | =head2 OBJECT SERIALISATION |
469 | |
624 | |
|
|
625 | This module implements both a CBOR-specific and the generic |
|
|
626 | L<Types::Serialier> object serialisation protocol. The following |
|
|
627 | subsections explain both methods. |
|
|
628 | |
|
|
629 | =head3 ENCODING |
|
|
630 | |
470 | This module knows two way to serialise a Perl object: The CBOR-specific |
631 | This module knows two way to serialise a Perl object: The CBOR-specific |
471 | way, and the generic way. |
632 | way, and the generic way. |
472 | |
633 | |
473 | Whenever the encoder encounters a Perl object that it cnanot serialise |
634 | Whenever the encoder encounters a Perl object that it cannot serialise |
474 | directly (most of them), it will first look up the C<TO_CBOR> method on |
635 | directly (most of them), it will first look up the C<TO_CBOR> method on |
475 | it. |
636 | it. |
476 | |
637 | |
477 | If it has a C<TO_CBOR> method, it will call it with the object as only |
638 | If it has a C<TO_CBOR> method, it will call it with the object as only |
478 | argument, and expects exactly one return value, which it will then |
639 | argument, and expects exactly one return value, which it will then |
… | |
… | |
484 | |
645 | |
485 | The C<FREEZE> method can return any number of values (i.e. zero or |
646 | The C<FREEZE> method can return any number of values (i.e. zero or |
486 | more). These will be encoded as CBOR perl object, together with the |
647 | more). These will be encoded as CBOR perl object, together with the |
487 | classname. |
648 | classname. |
488 | |
649 | |
|
|
650 | These methods I<MUST NOT> change the data structure that is being |
|
|
651 | serialised. Failure to comply to this can result in memory corruption - |
|
|
652 | and worse. |
|
|
653 | |
489 | If an object supports neither C<TO_CBOR> nor C<FREEZE>, encoding will fail |
654 | If an object supports neither C<TO_CBOR> nor C<FREEZE>, encoding will fail |
490 | with an error. |
655 | with an error. |
491 | |
656 | |
|
|
657 | =head3 DECODING |
|
|
658 | |
492 | Objects encoded via C<TO_CBOR> cannot be automatically decoded, but |
659 | Objects encoded via C<TO_CBOR> cannot (normally) be automatically decoded, |
493 | objects encoded via C<FREEZE> can be decoded using the following protocol: |
660 | but objects encoded via C<FREEZE> can be decoded using the following |
|
|
661 | protocol: |
494 | |
662 | |
495 | When an encoded CBOR perl object is encountered by the decoder, it will |
663 | When an encoded CBOR perl object is encountered by the decoder, it will |
496 | look up the C<THAW> method, by using the stored classname, and will fail |
664 | look up the C<THAW> method, by using the stored classname, and will fail |
497 | if the method cannot be found. |
665 | if the method cannot be found. |
498 | |
666 | |
499 | After the lookup it will call the C<THAW> method with the stored classname |
667 | After the lookup it will call the C<THAW> method with the stored classname |
500 | as first argument, the constant string C<CBOR> as second argument, and all |
668 | as first argument, the constant string C<CBOR> as second argument, and all |
501 | values returned by C<FREEZE> as remaining arguments. |
669 | values returned by C<FREEZE> as remaining arguments. |
502 | |
670 | |
503 | =head4 EXAMPLES |
671 | =head3 EXAMPLES |
504 | |
672 | |
505 | Here is an example C<TO_CBOR> method: |
673 | Here is an example C<TO_CBOR> method: |
506 | |
674 | |
507 | sub My::Object::TO_CBOR { |
675 | sub My::Object::TO_CBOR { |
508 | my ($obj) = @_; |
676 | my ($obj) = @_; |
… | |
… | |
540 | "$self" # encode url string |
708 | "$self" # encode url string |
541 | } |
709 | } |
542 | |
710 | |
543 | sub URI::THAW { |
711 | sub URI::THAW { |
544 | my ($class, $serialiser, $uri) = @_; |
712 | my ($class, $serialiser, $uri) = @_; |
545 | |
|
|
546 | $class->new ($uri) |
713 | $class->new ($uri) |
547 | } |
714 | } |
548 | |
715 | |
549 | Unlike C<TO_CBOR>, multiple values can be returned by C<FREEZE>. For |
716 | Unlike C<TO_CBOR>, multiple values can be returned by C<FREEZE>. For |
550 | example, a C<FREEZE> method that returns "type", "id" and "variant" values |
717 | example, a C<FREEZE> method that returns "type", "id" and "variant" values |
… | |
… | |
681 | additional tags (such as base64url). |
848 | additional tags (such as base64url). |
682 | |
849 | |
683 | =head2 ENFORCED TAGS |
850 | =head2 ENFORCED TAGS |
684 | |
851 | |
685 | These tags are always handled when decoding, and their handling cannot be |
852 | These tags are always handled when decoding, and their handling cannot be |
686 | overriden by the user. |
853 | overridden by the user. |
687 | |
854 | |
688 | =over 4 |
855 | =over 4 |
689 | |
856 | |
690 | =item 26 (perl-object, L<http://cbor.schmorp.de/perl-object>) |
857 | =item 26 (perl-object, L<http://cbor.schmorp.de/perl-object>) |
691 | |
858 | |
692 | These tags are automatically created (and decoded) for serialisable |
859 | These tags are automatically created (and decoded) for serialisable |
693 | objects using the C<FREEZE/THAW> methods (the L<Types::Serialier> object |
860 | objects using the C<FREEZE/THAW> methods (the L<Types::Serialier> object |
694 | serialisation protocol). See L<OBJECT SERIALISATION> for details. |
861 | serialisation protocol). See L<OBJECT SERIALISATION> for details. |
695 | |
862 | |
696 | =item 28, 29 (sharable, sharedref, L <http://cbor.schmorp.de/value-sharing>) |
863 | =item 28, 29 (shareable, sharedref, L<http://cbor.schmorp.de/value-sharing>) |
697 | |
864 | |
698 | These tags are automatically decoded when encountered, resulting in |
865 | These tags are automatically decoded when encountered (and they do not |
|
|
866 | result in a cyclic data structure, see C<allow_cycles>), resulting in |
699 | shared values in the decoded object. They are only encoded, however, when |
867 | shared values in the decoded object. They are only encoded, however, when |
700 | C<allow_sharable> is enabled. |
868 | C<allow_sharing> is enabled. |
701 | |
869 | |
|
|
870 | Not all shared values can be successfully decoded: values that reference |
|
|
871 | themselves will I<currently> decode as C<undef> (this is not the same |
|
|
872 | as a reference pointing to itself, which will be represented as a value |
|
|
873 | that contains an indirect reference to itself - these will be decoded |
|
|
874 | properly). |
|
|
875 | |
|
|
876 | Note that considerably more shared value data structures can be decoded |
|
|
877 | than will be encoded - currently, only values pointed to by references |
|
|
878 | will be shared, others will not. While non-reference shared values can be |
|
|
879 | generated in Perl with some effort, they were considered too unimportant |
|
|
880 | to be supported in the encoder. The decoder, however, will decode these |
|
|
881 | values as shared values. |
|
|
882 | |
702 | =item 256, 25 (stringref-namespace, stringref, L <http://cbor.schmorp.de/stringref>) |
883 | =item 256, 25 (stringref-namespace, stringref, L<http://cbor.schmorp.de/stringref>) |
703 | |
884 | |
704 | These tags are automatically decoded when encountered. They are only |
885 | These tags are automatically decoded when encountered. They are only |
705 | encoded, however, when C<pack_strings> is enabled. |
886 | encoded, however, when C<pack_strings> is enabled. |
706 | |
887 | |
707 | =item 22098 (indirection, L<http://cbor.schmorp.de/indirection>) |
888 | =item 22098 (indirection, L<http://cbor.schmorp.de/indirection>) |
708 | |
889 | |
709 | This tag is automatically generated when a reference are encountered (with |
890 | This tag is automatically generated when a reference are encountered (with |
710 | the exception of hash and array refernces). It is converted to a reference |
891 | the exception of hash and array references). It is converted to a reference |
711 | when decoding. |
892 | when decoding. |
712 | |
893 | |
713 | =item 55799 (self-describe CBOR, RFC 7049) |
894 | =item 55799 (self-describe CBOR, RFC 7049) |
714 | |
895 | |
715 | This value is not generated on encoding (unless explicitly requested by |
896 | This value is not generated on encoding (unless explicitly requested by |
… | |
… | |
718 | =back |
899 | =back |
719 | |
900 | |
720 | =head2 NON-ENFORCED TAGS |
901 | =head2 NON-ENFORCED TAGS |
721 | |
902 | |
722 | These tags have default filters provided when decoding. Their handling can |
903 | These tags have default filters provided when decoding. Their handling can |
723 | be overriden by changing the C<%CBOR::XS::FILTER> entry for the tag, or by |
904 | be overridden by changing the C<%CBOR::XS::FILTER> entry for the tag, or by |
724 | providing a custom C<filter> callback when decoding. |
905 | providing a custom C<filter> callback when decoding. |
725 | |
906 | |
726 | When they result in decoding into a specific Perl class, the module |
907 | When they result in decoding into a specific Perl class, the module |
727 | usually provides a corresponding C<TO_CBOR> method as well. |
908 | usually provides a corresponding C<TO_CBOR> method as well. |
728 | |
909 | |
… | |
… | |
731 | provide these modules. The decoding usually fails with an exception if the |
912 | provide these modules. The decoding usually fails with an exception if the |
732 | required module cannot be loaded. |
913 | required module cannot be loaded. |
733 | |
914 | |
734 | =over 4 |
915 | =over 4 |
735 | |
916 | |
|
|
917 | =item 0, 1 (date/time string, seconds since the epoch) |
|
|
918 | |
|
|
919 | These tags are decoded into L<Time::Piece> objects. The corresponding |
|
|
920 | C<Time::Piece::TO_CBOR> method always encodes into tag 1 values currently. |
|
|
921 | |
|
|
922 | The L<Time::Piece> API is generally surprisingly bad, and fractional |
|
|
923 | seconds are only accidentally kept intact, so watch out. On the plus side, |
|
|
924 | the module comes with perl since 5.10, which has to count for something. |
|
|
925 | |
736 | =item 2, 3 (positive/negative bignum) |
926 | =item 2, 3 (positive/negative bignum) |
737 | |
927 | |
738 | These tags are decoded into L<Math::BigInt> objects. The corresponding |
928 | These tags are decoded into L<Math::BigInt> objects. The corresponding |
739 | C<Math::BigInt::TO_CBOR> method encodes "small" bigints into normal CBOR |
929 | C<Math::BigInt::TO_CBOR> method encodes "small" bigints into normal CBOR |
740 | integers, and others into positive/negative CBOR bignums. |
930 | integers, and others into positive/negative CBOR bignums. |
741 | |
931 | |
742 | =item 4, 5 (decimal fraction/bigfloat) |
932 | =item 4, 5, 264, 265 (decimal fraction/bigfloat) |
743 | |
933 | |
744 | Both decimal fractions and bigfloats are decoded into L<Math::BigFloat> |
934 | Both decimal fractions and bigfloats are decoded into L<Math::BigFloat> |
745 | objects. The corresponding C<Math::BigFloat::TO_CBOR> method I<always> |
935 | objects. The corresponding C<Math::BigFloat::TO_CBOR> method I<always> |
746 | encodes into a decimal fraction. |
936 | encodes into a decimal fraction (either tag 4 or 264). |
747 | |
937 | |
748 | CBOR cannot represent bigfloats with I<very> large exponents - conversion |
938 | NaN and infinities are not encoded properly, as they cannot be represented |
749 | of such big float objects is undefined. |
939 | in CBOR. |
750 | |
940 | |
751 | Also, NaN and infinities are not encoded properly. |
941 | See L<BIGNUM SECURITY CONSIDERATIONS> for more info. |
752 | |
942 | |
753 | =item 21, 22, 23 (expected later JSON conversion) |
943 | =item 21, 22, 23 (expected later JSON conversion) |
754 | |
944 | |
755 | CBOR::XS is not a CBOR-to-JSON converter, and will simply ignore these |
945 | CBOR::XS is not a CBOR-to-JSON converter, and will simply ignore these |
756 | tags. |
946 | tags. |
… | |
… | |
761 | C<URI::TO_CBOR> method again results in a CBOR URI value. |
951 | C<URI::TO_CBOR> method again results in a CBOR URI value. |
762 | |
952 | |
763 | =back |
953 | =back |
764 | |
954 | |
765 | =cut |
955 | =cut |
766 | |
|
|
767 | our %FILTER = ( |
|
|
768 | # 0 # rfc4287 datetime, utf-8 |
|
|
769 | # 1 # unix timestamp, any |
|
|
770 | |
|
|
771 | 2 => sub { # pos bigint |
|
|
772 | require Math::BigInt; |
|
|
773 | Math::BigInt->new ("0x" . unpack "H*", pop) |
|
|
774 | }, |
|
|
775 | |
|
|
776 | 3 => sub { # neg bigint |
|
|
777 | require Math::BigInt; |
|
|
778 | -Math::BigInt->new ("0x" . unpack "H*", pop) |
|
|
779 | }, |
|
|
780 | |
|
|
781 | 4 => sub { # decimal fraction, array |
|
|
782 | require Math::BigFloat; |
|
|
783 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
|
|
784 | }, |
|
|
785 | |
|
|
786 | 5 => sub { # bigfloat, array |
|
|
787 | require Math::BigFloat; |
|
|
788 | scalar Math::BigFloat->new ($_[1][1])->blsft ($_[1][0], 2) |
|
|
789 | }, |
|
|
790 | |
|
|
791 | 21 => sub { pop }, # expected conversion to base64url encoding |
|
|
792 | 22 => sub { pop }, # expected conversion to base64 encoding |
|
|
793 | 23 => sub { pop }, # expected conversion to base16 encoding |
|
|
794 | |
|
|
795 | # 24 # embedded cbor, byte string |
|
|
796 | |
|
|
797 | 32 => sub { |
|
|
798 | require URI; |
|
|
799 | URI->new (pop) |
|
|
800 | }, |
|
|
801 | |
|
|
802 | # 33 # base64url rfc4648, utf-8 |
|
|
803 | # 34 # base64 rfc46484, utf-8 |
|
|
804 | # 35 # regex pcre/ecma262, utf-8 |
|
|
805 | # 36 # mime message rfc2045, utf-8 |
|
|
806 | ); |
|
|
807 | |
|
|
808 | |
956 | |
809 | =head1 CBOR and JSON |
957 | =head1 CBOR and JSON |
810 | |
958 | |
811 | CBOR is supposed to implement a superset of the JSON data model, and is, |
959 | CBOR is supposed to implement a superset of the JSON data model, and is, |
812 | with some coercion, able to represent all JSON texts (something that other |
960 | with some coercion, able to represent all JSON texts (something that other |
… | |
… | |
854 | Also keep in mind that CBOR::XS might leak contents of your Perl data |
1002 | Also keep in mind that CBOR::XS might leak contents of your Perl data |
855 | structures in its error messages, so when you serialise sensitive |
1003 | structures in its error messages, so when you serialise sensitive |
856 | information you might want to make sure that exceptions thrown by CBOR::XS |
1004 | information you might want to make sure that exceptions thrown by CBOR::XS |
857 | will not end up in front of untrusted eyes. |
1005 | will not end up in front of untrusted eyes. |
858 | |
1006 | |
|
|
1007 | |
|
|
1008 | =head1 BIGNUM SECURITY CONSIDERATIONS |
|
|
1009 | |
|
|
1010 | CBOR::XS provides a C<TO_CBOR> method for both L<Math::BigInt> and |
|
|
1011 | L<Math::BigFloat> that tries to encode the number in the simplest possible |
|
|
1012 | way, that is, either a CBOR integer, a CBOR bigint/decimal fraction (tag |
|
|
1013 | 4) or an arbitrary-exponent decimal fraction (tag 264). |
|
|
1014 | |
|
|
1015 | It will also understand base-2 bigfloat or arbitrary-exponent bigfloats |
|
|
1016 | (tags 5 and 265), but it will never generate these on its own. |
|
|
1017 | |
|
|
1018 | Using the built-in L<Math::BigInt::Calc> support, encoding and decoding |
|
|
1019 | decimal fractions is generally fast. Decoding bigints can be slow for very |
|
|
1020 | big numbers, and decoding bigfloats or arbitrary-exponent bigfloats can be |
|
|
1021 | extremely slow (minutes, decades) for large exponents. |
|
|
1022 | |
|
|
1023 | Additionally, L<Math::BigInt> can take advantage of other bignum |
|
|
1024 | libraries, such as L<Math::GMP>, which cannot handle big |
|
|
1025 | floats with large exponents, and might simply abort or crash your program, |
|
|
1026 | due to their code quality. |
|
|
1027 | |
|
|
1028 | This can be a concern if you want to parse untrusted CBOR. If it is, you |
|
|
1029 | need to disable decoding of tag 2 (bigint) and 3 (negative bigint) types, |
|
|
1030 | which will also disable bigfloat support (to be sure, you can also disable |
|
|
1031 | types 4, 5, 264 and 265). |
|
|
1032 | |
|
|
1033 | |
859 | =head1 CBOR IMPLEMENTATION NOTES |
1034 | =head1 CBOR IMPLEMENTATION NOTES |
860 | |
1035 | |
861 | This section contains some random implementation notes. They do not |
1036 | This section contains some random implementation notes. They do not |
862 | describe guaranteed behaviour, but merely behaviour as-is implemented |
1037 | describe guaranteed behaviour, but merely behaviour as-is implemented |
863 | right now. |
1038 | right now. |
… | |
… | |
871 | Only the double data type is supported for NV data types - when Perl uses |
1046 | Only the double data type is supported for NV data types - when Perl uses |
872 | long double to represent floating point values, they might not be encoded |
1047 | long double to represent floating point values, they might not be encoded |
873 | properly. Half precision types are accepted, but not encoded. |
1048 | properly. Half precision types are accepted, but not encoded. |
874 | |
1049 | |
875 | Strict mode and canonical mode are not implemented. |
1050 | Strict mode and canonical mode are not implemented. |
|
|
1051 | |
|
|
1052 | |
|
|
1053 | =head1 LIMITATIONS ON PERLS WITHOUT 64-BIT INTEGER SUPPORT |
|
|
1054 | |
|
|
1055 | On perls that were built without 64 bit integer support (these are rare |
|
|
1056 | nowadays, even on 32 bit architectures, as all major Perl distributions |
|
|
1057 | are built with 64 bit integer support), support for any kind of 64 bit |
|
|
1058 | integer in CBOR is very limited - most likely, these 64 bit values will |
|
|
1059 | be truncated, corrupted, or otherwise not decoded correctly. This also |
|
|
1060 | includes string, array and map sizes that are stored as 64 bit integers. |
876 | |
1061 | |
877 | |
1062 | |
878 | =head1 THREADS |
1063 | =head1 THREADS |
879 | |
1064 | |
880 | This module is I<not> guaranteed to be thread safe and there are no |
1065 | This module is I<not> guaranteed to be thread safe and there are no |
… | |
… | |
895 | service. I put the contact address into my modules for a reason. |
1080 | service. I put the contact address into my modules for a reason. |
896 | |
1081 | |
897 | =cut |
1082 | =cut |
898 | |
1083 | |
899 | our %FILTER = ( |
1084 | our %FILTER = ( |
900 | # 0 # rfc4287 datetime, utf-8 |
1085 | 0 => sub { # rfc4287 datetime, utf-8 |
901 | # 1 # unix timestamp, any |
1086 | require Time::Piece; |
|
|
1087 | # Time::Piece::Strptime uses the "incredibly flexible date parsing routine" |
|
|
1088 | # from FreeBSD, which can't parse ISO 8601, RFC3339, RFC4287 or much of anything |
|
|
1089 | # else either. Whats incredibe over standard strptime totally escapes me. |
|
|
1090 | # doesn't do fractional times, either. sigh. |
|
|
1091 | # In fact, it's all a lie, it uses whatever strptime it wants, and of course, |
|
|
1092 | # they are all incompatible. The openbsd one simply ignores %z (but according to the |
|
|
1093 | # docs, it would be much more incredibly flexible indeed. If it worked, that is.). |
|
|
1094 | scalar eval { |
|
|
1095 | my $s = $_[1]; |
|
|
1096 | |
|
|
1097 | $s =~ s/Z$/+00:00/; |
|
|
1098 | $s =~ s/(\.[0-9]+)?([+-][0-9][0-9]):([0-9][0-9])$// |
|
|
1099 | or die; |
|
|
1100 | |
|
|
1101 | my $b = $1 - ($2 * 60 + $3) * 60; # fractional part + offset. hopefully |
|
|
1102 | my $d = Time::Piece->strptime ($s, "%Y-%m-%dT%H:%M:%S"); |
|
|
1103 | |
|
|
1104 | Time::Piece::gmtime ($d->epoch + $b) |
|
|
1105 | } || die "corrupted CBOR date/time string ($_[0])"; |
|
|
1106 | }, |
|
|
1107 | |
|
|
1108 | 1 => sub { # seconds since the epoch, possibly fractional |
|
|
1109 | require Time::Piece; |
|
|
1110 | scalar Time::Piece::gmtime (pop) |
|
|
1111 | }, |
902 | |
1112 | |
903 | 2 => sub { # pos bigint |
1113 | 2 => sub { # pos bigint |
904 | require Math::BigInt; |
1114 | require Math::BigInt; |
905 | Math::BigInt->new ("0x" . unpack "H*", pop) |
1115 | Math::BigInt->from_hex ("0x" . unpack "H*", pop) |
906 | }, |
1116 | }, |
907 | |
1117 | |
908 | 3 => sub { # neg bigint |
1118 | 3 => sub { # neg bigint |
909 | require Math::BigInt; |
1119 | require Math::BigInt; |
910 | -Math::BigInt->new ("0x" . unpack "H*", pop) |
1120 | -Math::BigInt->from_hex ("0x" . unpack "H*", pop) |
911 | }, |
1121 | }, |
912 | |
1122 | |
913 | 4 => sub { # decimal fraction, array |
1123 | 4 => sub { # decimal fraction, array |
914 | require Math::BigFloat; |
1124 | require Math::BigFloat; |
915 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
1125 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
916 | }, |
1126 | }, |
917 | |
1127 | |
918 | 5 => sub { # bigfloat, array |
1128 | 5 => sub { # bigfloat, array |
919 | require Math::BigFloat; |
1129 | require Math::BigFloat; |
920 | scalar Math::BigFloat->new ($_[1][1])->blsft ($_[1][0], 2) |
1130 | scalar Math::BigFloat->new ($_[1][1]) * Math::BigFloat->new (2)->bpow ($_[1][0]) |
921 | }, |
1131 | }, |
922 | |
1132 | |
923 | 21 => sub { pop }, # expected conversion to base64url encoding |
1133 | 21 => sub { pop }, # expected conversion to base64url encoding |
924 | 22 => sub { pop }, # expected conversion to base64 encoding |
1134 | 22 => sub { pop }, # expected conversion to base64 encoding |
925 | 23 => sub { pop }, # expected conversion to base16 encoding |
1135 | 23 => sub { pop }, # expected conversion to base16 encoding |
… | |
… | |
933 | |
1143 | |
934 | # 33 # base64url rfc4648, utf-8 |
1144 | # 33 # base64url rfc4648, utf-8 |
935 | # 34 # base64 rfc46484, utf-8 |
1145 | # 34 # base64 rfc46484, utf-8 |
936 | # 35 # regex pcre/ecma262, utf-8 |
1146 | # 35 # regex pcre/ecma262, utf-8 |
937 | # 36 # mime message rfc2045, utf-8 |
1147 | # 36 # mime message rfc2045, utf-8 |
|
|
1148 | |
|
|
1149 | 264 => sub { # decimal fraction with arbitrary exponent |
|
|
1150 | require Math::BigFloat; |
|
|
1151 | Math::BigFloat->new ($_[1][1] . "E" . $_[1][0]) |
|
|
1152 | }, |
|
|
1153 | |
|
|
1154 | 265 => sub { # bigfloat with arbitrary exponent |
|
|
1155 | require Math::BigFloat; |
|
|
1156 | scalar Math::BigFloat->new ($_[1][1]) * Math::BigFloat->new (2)->bpow ($_[1][0]) |
|
|
1157 | }, |
938 | ); |
1158 | ); |
939 | |
1159 | |
940 | sub CBOR::XS::default_filter { |
1160 | sub CBOR::XS::default_filter { |
941 | &{ $FILTER{$_[0]} or return } |
1161 | &{ $FILTER{$_[0]} or return } |
942 | } |
1162 | } |
943 | |
1163 | |
944 | sub URI::TO_CBOR { |
1164 | sub URI::TO_CBOR { |
945 | my $uri = $_[0]->as_string; |
1165 | my $uri = $_[0]->as_string; |
946 | utf8::upgrade $uri; |
1166 | utf8::upgrade $uri; |
947 | CBOR::XS::tag 32, $uri |
1167 | tag 32, $uri |
948 | } |
1168 | } |
949 | |
1169 | |
950 | sub Math::BigInt::TO_CBOR { |
1170 | sub Math::BigInt::TO_CBOR { |
951 | if ($_[0] >= -2147483648 && $_[0] <= 2147483647) { |
1171 | if (-2147483648 <= $_[0] && $_[0] <= 2147483647) { |
952 | $_[0]->numify |
1172 | $_[0]->numify |
953 | } else { |
1173 | } else { |
954 | my $hex = substr $_[0]->as_hex, 2; |
1174 | my $hex = substr $_[0]->as_hex, 2; |
955 | $hex = "0$hex" if 1 & length $hex; # sigh |
1175 | $hex = "0$hex" if 1 & length $hex; # sigh |
956 | CBOR::XS::tag $_[0] >= 0 ? 2 : 3, pack "H*", $hex |
1176 | tag $_[0] >= 0 ? 2 : 3, pack "H*", $hex |
957 | } |
1177 | } |
958 | } |
1178 | } |
959 | |
1179 | |
960 | sub Math::BigFloat::TO_CBOR { |
1180 | sub Math::BigFloat::TO_CBOR { |
961 | my ($m, $e) = $_[0]->parts; |
1181 | my ($m, $e) = $_[0]->parts; |
|
|
1182 | |
|
|
1183 | -9223372036854775808 <= $e && $e <= 18446744073709551615 |
962 | CBOR::XS::tag 4, [$e->numify, $m] |
1184 | ? tag 4, [$e->numify, $m] |
|
|
1185 | : tag 264, [$e, $m] |
|
|
1186 | } |
|
|
1187 | |
|
|
1188 | sub Time::Piece::TO_CBOR { |
|
|
1189 | tag 1, 0 + $_[0]->epoch |
963 | } |
1190 | } |
964 | |
1191 | |
965 | XSLoader::load "CBOR::XS", $VERSION; |
1192 | XSLoader::load "CBOR::XS", $VERSION; |
966 | |
1193 | |
967 | =head1 SEE ALSO |
1194 | =head1 SEE ALSO |