1 |
root |
1.1 |
=head1 NAME |
2 |
|
|
|
3 |
root |
1.4 |
Convert::BER::XS - I<very> low level BER en-/decoding |
4 |
root |
1.1 |
|
5 |
|
|
=head1 SYNOPSIS |
6 |
|
|
|
7 |
|
|
use Convert::BER::XS ':all'; |
8 |
|
|
|
9 |
root |
1.20 |
my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
10 |
root |
1.6 |
or die "unable to decode SNMP message"; |
11 |
root |
1.1 |
|
12 |
root |
1.13 |
# The above results in a data structure consisting of |
13 |
root |
1.29 |
# (class, tag, flags, data) |
14 |
root |
1.13 |
# tuples. Below is such a message, SNMPv1 trap |
15 |
root |
1.6 |
# with a Cisco mac change notification. |
16 |
root |
1.13 |
# Did you know that Cisco is in the news almost |
17 |
root |
1.20 |
# every week because of some backdoor password |
18 |
root |
1.13 |
# or other extremely stupid security bug? |
19 |
root |
1.3 |
|
20 |
|
|
[ ASN_UNIVERSAL, ASN_SEQUENCE, 1, |
21 |
|
|
[ |
22 |
root |
1.25 |
[ ASN_UNIVERSAL, ASN_INTEGER, 0, 0 ], # snmp version 1 |
23 |
root |
1.3 |
[ ASN_UNIVERSAL, 4, 0, "public" ], # community |
24 |
root |
1.6 |
[ ASN_CONTEXT, 4, 1, # CHOICE, constructed - trap PDU |
25 |
root |
1.3 |
[ |
26 |
|
|
[ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.2" ], # enterprise oid |
27 |
root |
1.20 |
[ ASN_APPLICATION, SNMP_IPADDRESS, 0, "10.0.0.1" ], # SNMP IpAddress |
28 |
root |
1.25 |
[ ASN_UNIVERSAL, ASN_INTEGER, 0, 6 ], # generic trap |
29 |
|
|
[ ASN_UNIVERSAL, ASN_INTEGER, 0, 1 ], # specific trap |
30 |
root |
1.20 |
[ ASN_APPLICATION, SNMP_TIMETICKS, 0, 1817903850 ], # SNMP TimeTicks |
31 |
root |
1.3 |
[ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # the varbindlist |
32 |
|
|
[ |
33 |
|
|
[ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # a single varbind, "key value" pair |
34 |
|
|
[ |
35 |
root |
1.8 |
[ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.1.1.8.1.2.1" ], |
36 |
root |
1.3 |
[ ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "...data..." # the value |
37 |
|
|
] |
38 |
|
|
] |
39 |
|
|
], |
40 |
|
|
... |
41 |
root |
1.36 |
# let's dump it, for debugging |
42 |
|
|
|
43 |
|
|
ber_dump $ber, $Convert::BER::XS::SNMP_PROFILE; |
44 |
root |
1.3 |
|
45 |
|
|
# let's decode it a bit with some helper functions |
46 |
|
|
|
47 |
root |
1.1 |
my $msg = ber_is_seq $ber |
48 |
|
|
or die "SNMP message does not start with a sequence"; |
49 |
|
|
|
50 |
root |
1.25 |
ber_is $msg->[0], ASN_UNIVERSAL, ASN_INTEGER, 0 |
51 |
root |
1.1 |
or die "SNMP message does not start with snmp version\n"; |
52 |
|
|
|
53 |
root |
1.3 |
# message is SNMP v1 or v2c? |
54 |
root |
1.1 |
if ($msg->[0][BER_DATA] == 0 || $msg->[0][BER_DATA] == 1) { |
55 |
|
|
|
56 |
root |
1.3 |
# message is v1 trap? |
57 |
root |
1.1 |
if (ber_is $msg->[2], ASN_CONTEXT, 4, 1) { |
58 |
|
|
my $trap = $msg->[2][BER_DATA]; |
59 |
|
|
|
60 |
|
|
# check whether trap is a cisco mac notification mac changed message |
61 |
|
|
if ( |
62 |
|
|
(ber_is_oid $trap->[0], "1.3.6.1.4.1.9.9.215.2") # cmnInterfaceObjects |
63 |
root |
1.25 |
and (ber_is_int $trap->[2], 6) |
64 |
|
|
and (ber_is_int $trap->[3], 1) # mac changed msg |
65 |
root |
1.1 |
) { |
66 |
|
|
... and so on |
67 |
|
|
|
68 |
root |
1.4 |
# finally, let's encode it again and hope it results in the same bit pattern |
69 |
|
|
|
70 |
root |
1.20 |
my $buf = ber_encode $ber, $Convert::BER::XS::SNMP_PROFILE; |
71 |
root |
1.4 |
|
72 |
root |
1.1 |
=head1 DESCRIPTION |
73 |
|
|
|
74 |
root |
1.7 |
WARNING: Before release 1.0, the API is not considered stable in any way. |
75 |
|
|
|
76 |
root |
1.4 |
This module implements a I<very> low level BER/DER en-/decoder. |
77 |
root |
1.1 |
|
78 |
root |
1.20 |
It is tuned for low memory and high speed, while still maintaining some |
79 |
root |
1.1 |
level of user-friendliness. |
80 |
|
|
|
81 |
root |
1.19 |
=head2 EXPORT TAGS AND CONSTANTS |
82 |
|
|
|
83 |
|
|
By default this module doesn't export any symbols, but if you don't want |
84 |
root |
1.23 |
to break your keyboard, editor or eyesight with extremely long names, I |
85 |
root |
1.19 |
recommend importing the C<:all> tag. Still, you can selectively import |
86 |
root |
1.21 |
things. |
87 |
root |
1.19 |
|
88 |
|
|
=over |
89 |
|
|
|
90 |
root |
1.21 |
=item C<:all> |
91 |
root |
1.19 |
|
92 |
root |
1.23 |
All of the below. Really. Recommended for at least first steps, or if you |
93 |
root |
1.19 |
don't care about a few kilobytes of wasted memory (and namespace). |
94 |
|
|
|
95 |
root |
1.21 |
=item C<:const> |
96 |
root |
1.19 |
|
97 |
root |
1.23 |
All of the strictly ASN.1-related constants defined by this module, the |
98 |
root |
1.19 |
same as C<:const_asn :const_index>. Notably, this does not contain |
99 |
|
|
C<:const_ber_type> and C<:const_snmp>. |
100 |
|
|
|
101 |
|
|
A good set to get everything you need to decode and match BER data would be |
102 |
|
|
C<:decode :const>. |
103 |
|
|
|
104 |
root |
1.22 |
=item C<:const_index> |
105 |
root |
1.19 |
|
106 |
|
|
The BER tuple array index constants: |
107 |
|
|
|
108 |
root |
1.28 |
BER_CLASS BER_TAG BER_FLAGS BER_DATA |
109 |
root |
1.19 |
|
110 |
|
|
=item C<:const_asn> |
111 |
|
|
|
112 |
root |
1.23 |
ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
113 |
|
|
exactly the two topmost bits from the identifier octet shifted 6 bits to |
114 |
root |
1.19 |
the right): |
115 |
|
|
|
116 |
|
|
ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
117 |
|
|
|
118 |
|
|
ASN tag values (some of which are aliases, such as C<ASN_OID>). Their |
119 |
|
|
numerical value corresponds exactly to the numbers used in BER/X.690. |
120 |
|
|
|
121 |
root |
1.36 |
ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID |
122 |
|
|
ASN_OBJECT_IDENTIFIER ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
123 |
root |
1.19 |
ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
124 |
|
|
ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
125 |
|
|
ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
126 |
|
|
ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
127 |
|
|
|
128 |
|
|
=item C<:const_ber_type> |
129 |
|
|
|
130 |
|
|
The BER type constants, explained in the PROFILES section. |
131 |
|
|
|
132 |
|
|
BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
133 |
|
|
BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
134 |
|
|
BER_TYPE_IPADDRESS BER_TYPE_CROAK |
135 |
|
|
|
136 |
|
|
=item C<:const_snmp> |
137 |
|
|
|
138 |
|
|
Constants only relevant to SNMP. These are the tag values used by SNMP in |
139 |
|
|
the C<ASN_APPLICATION> namespace and have the exact numerical value as in |
140 |
|
|
BER/RFC 2578. |
141 |
|
|
|
142 |
root |
1.33 |
SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_GAUGE32 |
143 |
|
|
SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
144 |
root |
1.19 |
|
145 |
|
|
=item C<:decode> |
146 |
|
|
|
147 |
|
|
C<ber_decode> and the match helper functions: |
148 |
|
|
|
149 |
root |
1.34 |
ber_decode ber_decode_prefix |
150 |
|
|
ber_is ber_is_seq ber_is_int ber_is_oid |
151 |
root |
1.36 |
ber_dump |
152 |
root |
1.19 |
|
153 |
|
|
=item C<:encode> |
154 |
|
|
|
155 |
|
|
C<ber_encode> and the construction helper functions: |
156 |
|
|
|
157 |
root |
1.34 |
ber_encode |
158 |
|
|
ber_int |
159 |
root |
1.19 |
|
160 |
|
|
=back |
161 |
|
|
|
162 |
root |
1.4 |
=head2 ASN.1/BER/DER/... BASICS |
163 |
|
|
|
164 |
root |
1.15 |
ASN.1 is a strange language that can be used to describe protocols and |
165 |
root |
1.4 |
data structures. It supports various mappings to JSON, XML, but most |
166 |
|
|
importantly, to various binary encodings such as BER, which is the topic |
167 |
root |
1.27 |
of this module, and is used in SNMP, LDAP or X.509 for example. |
168 |
root |
1.4 |
|
169 |
|
|
While ASN.1 defines a schema that is useful to interpret encoded data, |
170 |
root |
1.12 |
the BER encoding is actually somewhat self-describing: you might not know |
171 |
root |
1.4 |
whether something is a string or a number or a sequence or something else, |
172 |
|
|
but you can nevertheless decode the overall structure, even if you end up |
173 |
|
|
with just a binary blob for the actual value. |
174 |
|
|
|
175 |
|
|
This works because BER values are tagged with a type and a namespace, |
176 |
root |
1.15 |
and also have a flag that says whether a value consists of subvalues (is |
177 |
root |
1.4 |
"constructed") or not (is "primitive"). |
178 |
|
|
|
179 |
root |
1.25 |
Tags are simple integers, and ASN.1 defines a somewhat weird assortment |
180 |
|
|
of those - for example, you have one integer type and 16(!) different |
181 |
root |
1.23 |
string types, but there is no Unsigned32 type for example. Different |
182 |
root |
1.4 |
applications work around this in different ways, for example, SNMP defines |
183 |
|
|
application-specific Gauge32, Counter32 and Unsigned32, which are mapped |
184 |
|
|
to two different tags: you can distinguish between Counter32 and the |
185 |
|
|
others, but not between Gauge32 and Unsigned32, without the ASN.1 schema. |
186 |
|
|
|
187 |
|
|
Ugh. |
188 |
|
|
|
189 |
|
|
=head2 DECODED BER REPRESENTATION |
190 |
|
|
|
191 |
|
|
This module represents every BER value as a 4-element tuple (actually an |
192 |
|
|
array-reference): |
193 |
|
|
|
194 |
root |
1.28 |
[CLASS, TAG, FLAGS, DATA] |
195 |
root |
1.4 |
|
196 |
root |
1.23 |
For example: |
197 |
|
|
|
198 |
root |
1.25 |
[ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
199 |
root |
1.23 |
[ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
200 |
|
|
[ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
201 |
root |
1.24 |
[ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
202 |
root |
1.23 |
|
203 |
root |
1.6 |
To avoid non-descriptive hardcoded array index numbers, this module |
204 |
|
|
defines symbolic constants to access these members: C<BER_CLASS>, |
205 |
root |
1.28 |
C<BER_TAG>, C<BER_FLAGS> and C<BER_DATA>. |
206 |
root |
1.6 |
|
207 |
|
|
Also, the first three members are integers with a little caveat: for |
208 |
|
|
performance reasons, these are readonly and shared, so you must not modify |
209 |
|
|
them (increment, assign to them etc.) in any way. You may modify the |
210 |
|
|
I<DATA> member, and you may re-assign the array itself, e.g.: |
211 |
|
|
|
212 |
|
|
$ber = ber_decode $binbuf; |
213 |
|
|
|
214 |
|
|
# the following is NOT legal: |
215 |
root |
1.28 |
$ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/FLAGS are READ ONLY(!) |
216 |
root |
1.6 |
|
217 |
|
|
# but all of the following are fine: |
218 |
|
|
$ber->[BER_DATA] = "string"; |
219 |
root |
1.25 |
$ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
220 |
root |
1.11 |
@$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
221 |
root |
1.6 |
|
222 |
root |
1.4 |
I<CLASS> is something like a namespace for I<TAG>s - there is the |
223 |
|
|
C<ASN_UNIVERSAL> namespace which defines tags common to all ASN.1 |
224 |
|
|
implementations, the C<ASN_APPLICATION> namespace which defines tags for |
225 |
|
|
specific applications (for example, the SNMP C<Unsigned32> type is in this |
226 |
|
|
namespace), a special-purpose context namespace (C<ASN_CONTEXT>, used e.g. |
227 |
|
|
for C<CHOICE>) and a private namespace (C<ASN_PRIVATE>). |
228 |
|
|
|
229 |
|
|
The meaning of the I<TAG> depends on the namespace, and defines a |
230 |
root |
1.24 |
(partial) interpretation of the data value. For example, SNMP defines |
231 |
|
|
extra tags in the C<ASN_APPLICATION> namespace, and to take full advantage |
232 |
|
|
of these, you need to tell this module how to handle those via profiles. |
233 |
root |
1.4 |
|
234 |
|
|
The most common tags in the C<ASN_UNIVERSAL> namespace are |
235 |
root |
1.25 |
C<ASN_INTEGER>, C<ASN_BIT_STRING>, C<ASN_NULL>, C<ASN_OCTET_STRING>, |
236 |
root |
1.4 |
C<ASN_OBJECT_IDENTIFIER>, C<ASN_SEQUENCE>, C<ASN_SET> and |
237 |
|
|
C<ASN_IA5_STRING>. |
238 |
|
|
|
239 |
root |
1.24 |
The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
240 |
|
|
C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
241 |
|
|
C<SNMP_COUNTER64>. |
242 |
root |
1.4 |
|
243 |
root |
1.28 |
The I<FLAGS> value is really just a boolean at this time (but might |
244 |
|
|
get extended) - if it is C<0>, the value is "primitive" and contains |
245 |
|
|
no subvalues, kind of like a non-reference perl scalar. If it is C<1>, |
246 |
|
|
then the value is "constructed" which just means it contains a list of |
247 |
|
|
subvalues which this module will en-/decode as BER tuples themselves. |
248 |
|
|
|
249 |
|
|
The I<DATA> value is either a reference to an array of further tuples |
250 |
|
|
(if I<FLAGS> marks the value as constructed), some decoded representation of the value, if |
251 |
|
|
this module knows how to decode it (e.g. for the integer types above) or |
252 |
|
|
a binary string with the raw octets if this module doesn't know how to |
253 |
root |
1.4 |
interpret the namespace/tag. |
254 |
|
|
|
255 |
|
|
Thus, you can always decode a BER data structure and at worst you get a |
256 |
|
|
string in place of some nice decoded value. |
257 |
|
|
|
258 |
|
|
See the SYNOPSIS for an example of such an encoded tuple representation. |
259 |
|
|
|
260 |
root |
1.7 |
=head2 DECODING AND ENCODING |
261 |
|
|
|
262 |
|
|
=over |
263 |
|
|
|
264 |
root |
1.34 |
=item $tuple = ber_decode $bindata[, $profile] |
265 |
root |
1.7 |
|
266 |
|
|
Decodes binary BER data in C<$bindata> and returns the resulting BER |
267 |
|
|
tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
268 |
|
|
valid. |
269 |
|
|
|
270 |
root |
1.24 |
How tags are interpreted is defined by the second argument, which must |
271 |
|
|
be a C<Convert::BER::XS::Profile> object. If it is missing, the default |
272 |
|
|
profile will be used (C<$Convert::BER::XS::DEFAULT_PROFILE>). |
273 |
|
|
|
274 |
|
|
In addition to rolling your own, this module provides a |
275 |
|
|
C<$Convert::BER::XS::SNMP_PROFILE> that knows about the additional SNMP |
276 |
|
|
types. |
277 |
root |
1.7 |
|
278 |
root |
1.25 |
Example: decode a BER blob using the default profile - SNMP values will be |
279 |
|
|
decoded as raw strings. |
280 |
|
|
|
281 |
|
|
$tuple = ber_decode $data; |
282 |
|
|
|
283 |
|
|
Example: as above, but use the provided SNMP profile. |
284 |
|
|
|
285 |
|
|
$tuple = ber_decode $data, $Convert::BER::XS::SNMP_PROFILE; |
286 |
|
|
|
287 |
root |
1.34 |
=item ($tuple, $bytes) = ber_decode_prefix $bindata[, $profile] |
288 |
|
|
|
289 |
|
|
Works like C<ber_decode>, except it doesn't croak when there is data after |
290 |
|
|
the BER data, but instead returns the decoded value and the number of |
291 |
|
|
bytes it decoded. |
292 |
|
|
|
293 |
|
|
This is useful when you have BER data at the start of a buffer and other |
294 |
|
|
data after, and you need to find the length. |
295 |
|
|
|
296 |
|
|
Also, since BER is self-delimited, this can be used to decode multiple BER |
297 |
|
|
values joined together. |
298 |
|
|
|
299 |
root |
1.24 |
=item $bindata = ber_encode $tuple[, $profile] |
300 |
|
|
|
301 |
|
|
Encodes the BER tuple into a BER/DER data structure. As with |
302 |
|
|
C<ber_decode>, an optional profile can be given. |
303 |
root |
1.7 |
|
304 |
root |
1.28 |
The encoded data should be both BER and DER ("shortest form") compliant |
305 |
|
|
unless the input says otherwise (e.g. it uses constructed strings). |
306 |
|
|
|
307 |
root |
1.7 |
=back |
308 |
|
|
|
309 |
root |
1.6 |
=head2 HELPER FUNCTIONS |
310 |
|
|
|
311 |
|
|
Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
312 |
|
|
annoying. To reduce this a bit, this module defines a number of helper |
313 |
root |
1.24 |
functions, both to match BER tuples and to construct BER tuples: |
314 |
root |
1.6 |
|
315 |
|
|
=head3 MATCH HELPERS |
316 |
|
|
|
317 |
root |
1.24 |
These functions accept a BER tuple as first argument and either partially |
318 |
root |
1.6 |
or fully match it. They often come in two forms, one which exactly matches |
319 |
|
|
a value, and one which only matches the type and returns the value. |
320 |
|
|
|
321 |
|
|
They do check whether valid tuples are passed in and croak otherwise. As |
322 |
|
|
an ease-of-use exception, they usually also accept C<undef> instead of a |
323 |
root |
1.24 |
tuple reference, in which case they silently fail to match. |
324 |
root |
1.6 |
|
325 |
|
|
=over |
326 |
|
|
|
327 |
root |
1.29 |
=item $bool = ber_is $tuple, $class, $tag, $flags, $data |
328 |
root |
1.6 |
|
329 |
root |
1.24 |
This takes a BER C<$tuple> and matches its elements against the provided |
330 |
root |
1.6 |
values, all of which are optional - values that are either missing or |
331 |
|
|
C<undef> will be ignored, the others will be matched exactly (e.g. as if |
332 |
|
|
you used C<==> or C<eq> (for C<$data>)). |
333 |
|
|
|
334 |
|
|
Some examples: |
335 |
|
|
|
336 |
|
|
ber_is $tuple, ASN_UNIVERSAL, ASN_SEQUENCE, 1 |
337 |
|
|
or die "tuple is not an ASN SEQUENCE"; |
338 |
|
|
|
339 |
|
|
ber_is $tuple, ASN_UNIVERSAL, ASN_NULL |
340 |
|
|
or die "tuple is not an ASN NULL value"; |
341 |
|
|
|
342 |
root |
1.25 |
ber_is $tuple, ASN_UNIVERSAL, ASN_INTEGER, 0, 50 |
343 |
root |
1.6 |
or die "BER integer must be 50"; |
344 |
|
|
|
345 |
|
|
=item $seq = ber_is_seq $tuple |
346 |
|
|
|
347 |
|
|
Returns the sequence members (the array of subvalues) if the C<$tuple> is |
348 |
|
|
an ASN SEQUENCE, i.e. the C<BER_DATA> member. If the C<$tuple> is not a |
349 |
|
|
sequence it returns C<undef>. For example, SNMP version 1/2c/3 packets all |
350 |
|
|
consist of an outer SEQUENCE value: |
351 |
|
|
|
352 |
|
|
my $ber = ber_decode $snmp_data; |
353 |
|
|
|
354 |
|
|
my $snmp = ber_is_seq $ber |
355 |
|
|
or die "SNMP packet invalid: does not start with SEQUENCE"; |
356 |
|
|
|
357 |
|
|
# now we know $snmp is a sequence, so decode the SNMP version |
358 |
|
|
|
359 |
root |
1.25 |
my $version = ber_is_int $snmp->[0] |
360 |
root |
1.6 |
or die "SNMP packet invalid: does not start with version number"; |
361 |
|
|
|
362 |
root |
1.25 |
=item $bool = ber_is_int $tuple, $int |
363 |
root |
1.6 |
|
364 |
root |
1.25 |
Returns a true value if the C<$tuple> represents an ASN INTEGER with |
365 |
|
|
the value C<$int>. |
366 |
root |
1.6 |
|
367 |
root |
1.25 |
=item $int = ber_is_int $tuple |
368 |
root |
1.6 |
|
369 |
root |
1.25 |
Returns true (and extracts the integer value) if the C<$tuple> is an |
370 |
|
|
C<ASN_INTEGER>. For C<0>, this function returns a special value that is 0 |
371 |
|
|
but true. |
372 |
root |
1.6 |
|
373 |
|
|
=item $bool = ber_is_oid $tuple, $oid_string |
374 |
|
|
|
375 |
|
|
Returns true if the C<$tuple> represents an ASN_OBJECT_IDENTIFIER |
376 |
root |
1.12 |
that exactly matches C<$oid_string>. Example: |
377 |
root |
1.6 |
|
378 |
|
|
ber_is_oid $tuple, "1.3.6.1.4" |
379 |
|
|
or die "oid must be 1.3.6.1.4"; |
380 |
|
|
|
381 |
|
|
=item $oid = ber_is_oid $tuple |
382 |
|
|
|
383 |
|
|
Returns true (and extracts the OID string) if the C<$tuple> is an ASN |
384 |
|
|
OBJECT IDENTIFIER. Otherwise, it returns C<undef>. |
385 |
|
|
|
386 |
|
|
=back |
387 |
|
|
|
388 |
|
|
=head3 CONSTRUCTION HELPERS |
389 |
|
|
|
390 |
|
|
=over |
391 |
|
|
|
392 |
root |
1.25 |
=item $tuple = ber_int $value |
393 |
root |
1.6 |
|
394 |
root |
1.25 |
Constructs a new C<ASN_INTEGER> tuple. |
395 |
root |
1.6 |
|
396 |
|
|
=back |
397 |
|
|
|
398 |
root |
1.2 |
=head2 RELATIONSHIP TO L<Convert::BER> and L<Convert::ASN1> |
399 |
|
|
|
400 |
|
|
This module is I<not> the XS version of L<Convert::BER>, but a different |
401 |
|
|
take at doing the same thing. I imagine this module would be a good base |
402 |
root |
1.4 |
for speeding up either of these, or write a similar module, or write your |
403 |
root |
1.2 |
own LDAP or SNMP module for example. |
404 |
|
|
|
405 |
root |
1.1 |
=cut |
406 |
|
|
|
407 |
|
|
package Convert::BER::XS; |
408 |
|
|
|
409 |
|
|
use common::sense; |
410 |
|
|
|
411 |
|
|
use XSLoader (); |
412 |
|
|
use Exporter qw(import); |
413 |
|
|
|
414 |
root |
1.13 |
our $VERSION; |
415 |
root |
1.1 |
|
416 |
root |
1.13 |
BEGIN { |
417 |
root |
1.35 |
$VERSION = '1.0'; |
418 |
root |
1.13 |
XSLoader::load __PACKAGE__, $VERSION; |
419 |
|
|
} |
420 |
root |
1.1 |
|
421 |
|
|
# Exporter tag table: each key is a tag name usable as ":name" on the
# "use" line, each value the list of symbols that tag pulls in.
our %EXPORT_TAGS = (
   # indices into a [CLASS, TAG, FLAGS, DATA] tuple
   const_index => [
      qw(BER_CLASS BER_TAG BER_FLAGS BER_DATA),
   ],

   # ASN.1 class (namespace) values
   const_asn_class => [
      qw(ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE),
   ],

   # ASN.1 tag values
   const_asn_tag => [
      qw(ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID ASN_OBJECT_IDENTIFIER),
      qw(ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED),
      qw(ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING),
      qw(ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING),
      qw(ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING),
      qw(ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING),
   ],

   # decoder/encoder types that a profile can map a class/tag pair to
   const_ber_type => [
      qw(BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT),
      qw(BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL),
      qw(BER_TYPE_IPADDRESS BER_TYPE_CROAK),
   ],

   # SNMP tags in the ASN_APPLICATION namespace
   const_snmp => [
      qw(SNMP_IPADDRESS SNMP_COUNTER32 SNMP_GAUGE32 SNMP_UNSIGNED32),
      qw(SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64),
   ],

   # decoding and match helpers
   decode => [
      qw(ber_decode ber_decode_prefix),
      qw(ber_is ber_is_seq ber_is_int ber_is_oid),
      qw(ber_dump),
   ],

   # encoding and construction helpers
   encode => [
      qw(ber_encode),
      qw(ber_int),
   ],
);

# Everything exportable is the union of the primary tags above. This is
# computed before the aggregate tags are added below, so those do not
# contribute duplicate entries.
our @EXPORT_OK = map { @$_ } values %EXPORT_TAGS;

# Aggregate tags, built from the primary ones.
$EXPORT_TAGS{all} = \@EXPORT_OK;

$EXPORT_TAGS{const_asn} = [
   @{ $EXPORT_TAGS{const_asn_class} },
   @{ $EXPORT_TAGS{const_asn_tag} },
];

$EXPORT_TAGS{const} = [
   @{ $EXPORT_TAGS{const_index} },
   @{ $EXPORT_TAGS{const_asn} },
];
461 |
|
|
|
462 |
|
|
# Profile that ber_dump falls back to when the caller passes none.
our $DEFAULT_PROFILE = Convert::BER::XS::Profile->new;

# _set_default is implemented outside this file; presumably it installs the
# standard ASN.1 class/tag mappings - TODO confirm against the XS code.
$DEFAULT_PROFILE->_set_default;

# Profile with the additional SNMP application types mapped.
our $SNMP_PROFILE = Convert::BER::XS::Profile->new;

for my $mapping (
   [SNMP_IPADDRESS , BER_TYPE_IPADDRESS],
   [SNMP_COUNTER32 , BER_TYPE_INT      ],
   [SNMP_UNSIGNED32, BER_TYPE_INT      ],
   [SNMP_TIMETICKS , BER_TYPE_INT      ],
   # NOTE(review): SNMP_OPAQUE is mapped to the IPv4 address type here. An
   # Opaque value carries arbitrary octets, so BER_TYPE_BYTES looks like
   # what was intended - confirm before changing; the "Example Profile"
   # POD section repeats this mapping.
   [SNMP_OPAQUE    , BER_TYPE_IPADDRESS],
) {
   $SNMP_PROFILE->set (ASN_APPLICATION, @$mapping);
}
474 |
|
|
|
475 |
|
|
=head2 DEBUGGING |
476 |
|
|
|
477 |
|
|
To aid debugging, you can call the C<ber_dump> function to print a "nice" |
478 |
|
|
representation to STDOUT. |
479 |
|
|
|
480 |
|
|
=over |
481 |
|
|
|
482 |
root |
1.37 |
=item ber_dump $tuple[, $profile[, $prefix]] |
483 |
root |
1.36 |
|
484 |
|
|
In addition to specifying the BER C<$tuple> to dump, you can also specify |
485 |
|
|
a C<$profile> and a C<$prefix> string that is printed in front of each line. |
486 |
|
|
|
487 |
|
|
If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump> |
488 |
|
|
will try to improve its output for SNMP data. |
489 |
|
|
|
490 |
|
|
The output usually contains three columns, the "human readable" tag, the |
491 |
|
|
BER type used to decode it, and the data value. |
492 |
|
|
|
493 |
|
|
This function is somewhat slow and uses a number of heuristics and tricks, |
494 |
|
|
so it really is only suitable for debug prints. |
495 |
|
|
|
496 |
|
|
Example output: |
497 |
|
|
|
498 |
|
|
SEQUENCE |
499 |
|
|
| OCTET_STRING bytes 800063784300454045045400000001 |
500 |
|
|
| OCTET_STRING bytes |
501 |
|
|
| CONTEXT (7) bytes CONSTRUCTED |
502 |
|
|
| | INTEGER int 1058588941 |
503 |
|
|
| | INTEGER int 0 |
504 |
|
|
| | INTEGER int 0 |
505 |
|
|
| | SEQUENCE |
506 |
|
|
| | | SEQUENCE |
507 |
|
|
| | | | OID oid 1.3.6.1.2.1.1.3.0 |
508 |
|
|
| | | | TIMETICKS int 638085796 |
509 |
|
|
|
510 |
|
|
=cut |
511 |
|
|
|
512 |
|
|
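# Reverse enum lookup: map a numeric constant back to its symbolic name.
#
# $export_tag names a list in %EXPORT_TAGS; each symbol in that list is
# resolved to its value and compared numerically against $value. Returns
# the first matching symbol name, or "($value)" when none matches. This is
# a linear scan per call, so it is only meant for debug output.
sub _re {
   my ($export_tag, $value) = @_;

   for my $symbol (@{ $EXPORT_TAGS{$export_tag} }) {
      # Resolve the constant as a sub in this package instead of
      # string-eval'ing its name: no code is compiled at runtime, and a
      # symbol that cannot be resolved is skipped rather than comparing
      # as 0 (which is what a failed eval's undef would do).
      my $constant = __PACKAGE__->can ($symbol)
         or next;

      return $symbol
         if $value == $constant->();
   }

   "($value)"
}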
523 |
|
|
|
524 |
|
|
# Map SNMP Counter64 to the integer type, as is done for SNMP_COUNTER32. |
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
525 |
|
|
|
526 |
|
|
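# Recursive worker behind ber_dump: prints one line per BER tuple with
# printf, descending into constructed values with "$indent| " as the prefix
# of the nested level.
#
#   $ber     - a [CLASS, TAG, FLAGS, DATA] tuple
#   $profile - profile used to look up the BER type for each class/tag
#   $indent  - string printed in front of every line (may be undef)
sub _ber_dump {
   my ($ber, $profile, $indent) = @_;

   # ber_dump passes the caller's optional prefix straight through.
   $indent = "" unless defined $indent;

   if (my $seq = ber_is_seq $ber) {
      printf "%sSEQUENCE\n", $indent;
      _ber_dump ($_, $profile, "$indent| ")
         for @$seq;
   } else {
      my $asn = $ber->[BER_CLASS] == ASN_UNIVERSAL;

      my $class = _re (const_asn_class => $ber->[BER_CLASS]);
      my $tag   = $asn ? _re (const_asn_tag => $ber->[BER_TAG]) : $ber->[BER_TAG];
      my $type  = _re (const_ber_type => $profile->get ($ber->[BER_CLASS], $ber->[BER_TAG]));
      my $data  = $ber->[BER_DATA];

      if ($profile == $SNMP_PROFILE and $ber->[BER_CLASS] == ASN_APPLICATION) {
         # application tags get their SNMP names under the SNMP profile
         $tag = _re (const_snmp => $ber->[BER_TAG]);
      } elsif (!$asn) {
         $tag = "$class ($tag)";
      }

      # strip the constant-name prefixes for display
      $class =~ s/^ASN_//;
      $tag   =~ s/^(ASN_|SNMP_)//;
      $type  =~ s/^BER_TYPE_//;

      # The indent is passed as a printf argument, as in the SEQUENCE branch
      # above, and never spliced into the format string: a caller-supplied
      # prefix containing "%" would otherwise be read as a conversion and
      # shift the remaining arguments.
      if ($ber->[BER_FLAGS]) {
         printf "%s%-16.16s %-6.6s CONSTRUCTED\n", $indent, $tag, lc $type;
         _ber_dump ($_, $profile, "$indent| ")
            for @$data;
      } else {
         # Heuristic: more than 10 characters outside printable ASCII, or a
         # NUL followed by another character, is treated as binary.
         if (($data =~ y/\x20-\x7e//c) > 10 or $data =~ /\x00./s) {
            # assume binary, show as hex
            $data = unpack "H*", $data;
         } else {
            # replace anything non-printable, so control characters in the
            # decoded data are not written raw to the output
            $data =~ s/[^\x20-\x7e]/./g;
            $data = "\"$data\"" if $type =~ /string/i;
         }

         # keep the value column short
         substr $data, 40, 1e9, "..." if 40 < length $data;

         printf "%s%-16.16s %-6.6s %s\n", $indent, $tag, lc ($type), $data;
      }
   }
}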
570 |
|
|
|
571 |
|
|
# Public debug helper: dumps $tuple via _ber_dump, using $DEFAULT_PROFILE
# when no (or a false) profile is given. The optional third argument is the
# prefix string for each line.
sub ber_dump($;$$) {
   my ($tuple, $profile, $prefix) = @_;

   $profile ||= $DEFAULT_PROFILE;

   _ber_dump ($tuple, $profile, $prefix);
}
574 |
root |
1.4 |
|
575 |
root |
1.13 |
=head1 PROFILES |
576 |
|
|
|
577 |
|
|
While any BER data can be correctly encoded and decoded out of the box, it |
578 |
|
|
can be inconvenient to have to manually decode some values into a "better" |
579 |
|
|
format: for instance, SNMP TimeTicks values are decoded into the raw octet |
580 |
|
|
strings of their BER representation, which is quite hard to decode. With |
581 |
|
|
profiles, you can change which class/tag combinations map to which decoder |
582 |
|
|
function inside C<ber_decode> (and of course also which encoder functions |
583 |
|
|
are used in C<ber_encode>). |
584 |
|
|
|
585 |
|
|
This works by mapping specific class/tag combinations to an internal "ber |
586 |
|
|
type". |
587 |
|
|
|
588 |
|
|
The default profile supports the standard ASN.1 types, but no |
589 |
|
|
application-specific ones. This means that class/tag combinations not in |
590 |
|
|
the base set of ASN.1 are decoded into their raw octet strings. |
591 |
|
|
|
592 |
root |
1.15 |
C<Convert::BER::XS> defines two profile variables you can use out of the box: |
593 |
root |
1.13 |
|
594 |
|
|
=over |
595 |
|
|
|
596 |
|
|
=item C<$Convert::BER::XS::DEFAULT_PROFILE> |
597 |
|
|
|
598 |
|
|
This is the default profile, i.e. the profile that is used when no |
599 |
|
|
profile is specified for de-/encoding. |
600 |
|
|
|
601 |
root |
1.15 |
You can modify it, but remember that this modifies the defaults for all |
602 |
|
|
callers that rely on the default profile. |
603 |
root |
1.13 |
|
604 |
|
|
=item C<$Convert::BER::XS::SNMP_PROFILE> |
605 |
|
|
|
606 |
|
|
A profile with mappings for SNMP-specific application tags added. This is |
607 |
|
|
useful when de-/encoding SNMP data. |
608 |
|
|
|
609 |
|
|
Example: |
610 |
root |
1.15 |
|
611 |
root |
1.13 |
$ber = ber_decode $data, $Convert::BER::XS::SNMP_PROFILE; |
612 |
|
|
|
613 |
|
|
=back |
614 |
|
|
|
615 |
|
|
=head2 The Convert::BER::XS::Profile class |
616 |
|
|
|
617 |
|
|
=over |
618 |
|
|
|
619 |
|
|
=item $profile = new Convert::BER::XS::Profile |
620 |
|
|
|
621 |
|
|
Create a new profile. The profile will be identical to the default |
622 |
|
|
profile. |
623 |
|
|
|
624 |
|
|
=item $profile->set ($class, $tag, $type) |
625 |
|
|
|
626 |
|
|
Sets the mapping for the given C<$class>/C<$tag> combination to C<$type>, |
627 |
|
|
which must be one of the C<BER_TYPE_*> constants. |
628 |
|
|
|
629 |
|
|
Note that currently, the mapping is stored in a flat array, so large |
630 |
|
|
values of C<$tag> will consume large amounts of memory. |
631 |
|
|
|
632 |
|
|
Example: |
633 |
root |
1.15 |
|
634 |
root |
1.13 |
$profile = new Convert::BER::XS::Profile; |
635 |
|
|
$profile->set (ASN_APPLICATION, SNMP_COUNTER32, BER_TYPE_INT); |
636 |
|
|
$ber = ber_decode $data, $profile; |
637 |
|
|
|
638 |
|
|
=item $type = $profile->get ($class, $tag) |
639 |
|
|
|
640 |
|
|
Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
641 |
|
|
|
642 |
|
|
=back |
643 |
|
|
|
644 |
|
|
=head2 BER TYPES |
645 |
|
|
|
646 |
|
|
This lists the predefined BER types - you can map any C<CLASS>/C<TAG> |
647 |
|
|
combination to any C<BER_TYPE_*>. |
648 |
|
|
|
649 |
|
|
=over |
650 |
|
|
|
651 |
|
|
=item C<BER_TYPE_BYTES> |
652 |
|
|
|
653 |
|
|
The raw octets of the value. This is the default type for unknown tags and |
654 |
|
|
de-/encodes the value as if it were an octet string, i.e. by copying the |
655 |
|
|
raw bytes. |
656 |
|
|
|
657 |
|
|
=item C<BER_TYPE_UTF8> |
658 |
|
|
|
659 |
|
|
Like C<BER_TYPE_BYTES>, but decodes the value as if it were a UTF-8 string |
660 |
|
|
(without validation!) and encodes a perl unicode string into a UTF-8 BER |
661 |
|
|
string. |
662 |
|
|
|
663 |
|
|
=item C<BER_TYPE_UCS2> |
664 |
|
|
|
665 |
|
|
Similar to C<BER_TYPE_UTF8>, but treats the BER value as UCS-2 encoded |
666 |
root |
1.14 |
string. |
667 |
root |
1.13 |
|
668 |
|
|
=item C<BER_TYPE_UCS4> |
669 |
|
|
|
670 |
|
|
Similar to C<BER_TYPE_UTF8>, but treats the BER value as UCS-4 encoded |
671 |
root |
1.14 |
string. |
672 |
root |
1.13 |
|
673 |
|
|
=item C<BER_TYPE_INT> |
674 |
|
|
|
675 |
|
|
Encodes and decodes a BER integer value to a perl integer scalar. This |
676 |
|
|
should correctly handle 64 bit signed and unsigned values. |
677 |
|
|
|
678 |
|
|
=item C<BER_TYPE_OID> |
679 |
|
|
|
680 |
|
|
Encodes and decodes an OBJECT IDENTIFIER into dotted form without leading |
681 |
|
|
dot, e.g. C<1.3.6.1.213>. |
682 |
|
|
|
683 |
|
|
=item C<BER_TYPE_RELOID> |
684 |
|
|
|
685 |
root |
1.15 |
Same as C<BER_TYPE_OID> but uses relative object identifier |
686 |
|
|
encoding: ASN.1 has this hack of encoding the first two OID components |
687 |
|
|
into a single integer in a weird attempt to save an insignificant amount |
688 |
|
|
of space in an otherwise wasteful encoding, and relative OIDs are |
689 |
|
|
basically OIDs without this hack. The practical difference is that the |
690 |
|
|
second component of an OID can only have the values 1..40, while relative |
691 |
|
|
OIDs do not have this restriction. |
692 |
root |
1.13 |
|
693 |
|
|
=item C<BER_TYPE_NULL> |
694 |
|
|
|
695 |
|
|
Decodes an C<ASN_NULL> value into C<undef>, and always encodes a |
696 |
|
|
C<ASN_NULL> type, regardless of the perl value. |
697 |
|
|
|
698 |
|
|
=item C<BER_TYPE_BOOL> |
699 |
|
|
|
700 |
|
|
Decodes an C<ASN_BOOLEAN> value into C<0> or C<1>, and encodes a perl |
701 |
|
|
boolean value into an C<ASN_BOOLEAN>. |
702 |
|
|
|
703 |
|
|
=item C<BER_TYPE_REAL> |
704 |
|
|
|
705 |
|
|
Decodes/encodes a BER real value. NOT IMPLEMENTED. |
706 |
|
|
|
707 |
|
|
=item C<BER_TYPE_IPADDRESS> |
708 |
|
|
|
709 |
root |
1.15 |
Decodes/encodes a four byte string into an IPv4 dotted-quad address string |
710 |
|
|
in Perl. Given the obsolete nature of this type, this is a low-effort |
711 |
root |
1.13 |
implementation that simply uses C<sprintf> and C<sscanf>-style conversion, |
712 |
root |
1.15 |
so it won't handle all string forms supported by C<inet_aton> for example. |
713 |
root |
1.13 |
|
714 |
|
|
=item C<BER_TYPE_CROAK> |
715 |
|
|
|
716 |
|
|
Always croaks when encountered during encoding or decoding - the |
717 |
|
|
default behaviour when encountering an unknown type is to treat it as |
718 |
|
|
C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
719 |
root |
1.16 |
error for some types, then C<BER_TYPE_CROAK> is for you. |
720 |
root |
1.13 |
|
721 |
|
|
=back |
722 |
|
|
|
723 |
root |
1.30 |
=head2 Example Profile |
724 |
|
|
|
725 |
|
|
The following creates a profile suitable for SNMP - it's exactly identical |
726 |
|
|
to the C<$Convert::BER::XS::SNMP_PROFILE> profile. |
727 |
|
|
|
728 |
|
|
our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
729 |
|
|
|
730 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
731 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
732 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
733 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
734 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
735 |
|
|
$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
736 |
|
|
|
737 |
root |
1.19 |
=head2 LIMITATIONS/NOTES |
738 |
root |
1.13 |
|
739 |
|
|
This module can only en-/decode 64 bit signed and unsigned integers, and |
740 |
|
|
only when your perl supports those. |
741 |
root |
1.4 |
|
742 |
root |
1.19 |
This module does not generally care about ranges, i.e. it will happily |
743 |
root |
1.25 |
de-/encode 64 bit integers into an C<ASN_INTEGER> value, or a negative |
744 |
root |
1.19 |
number into an C<SNMP_COUNTER64>. |
745 |
|
|
|
746 |
root |
1.16 |
OBJECT IDENTIFIERs cannot have unlimited length, although the limit is |
747 |
root |
1.19 |
much larger than e.g. the one imposed by SNMP or other protocols, and is |
748 |
|
|
about 4kB. |
749 |
root |
1.4 |
|
750 |
root |
1.28 |
Indefinite length encoding is not supported. |
751 |
|
|
|
752 |
|
|
Constructed strings are decoded just fine, but there should be a way to |
753 |
|
|
join them for convenience. |
754 |
|
|
|
755 |
root |
1.19 |
REAL values are not supported and will currently croak. |
756 |
root |
1.14 |
|
757 |
root |
1.32 |
The encoder and decoder tend to accept more formats than should be |
758 |
|
|
strictly supported. |
759 |
|
|
|
760 |
root |
1.14 |
This module has undergone little to no testing so far. |
761 |
|
|
|
762 |
root |
1.17 |
=head2 ITHREADS SUPPORT |
763 |
|
|
|
764 |
|
|
This module is unlikely to work when the (officially discouraged) ithreads |
765 |
|
|
are in use. |
766 |
|
|
|
767 |
root |
1.1 |
=head1 AUTHOR |
768 |
|
|
|
769 |
|
|
Marc Lehmann <schmorp@schmorp.de> |
770 |
|
|
http://software.schmorp.de/pkg/Convert-BER-XS |
771 |
|
|
|
772 |
|
|
=cut |
773 |
|
|
|
774 |
root |
1.36 |
1; |
775 |
|
|
|