1 | =head1 NAME |
1 | =head1 NAME |
2 | |
2 | |
3 | Convert::BER::XS - I<very> low level BER decoding |
3 | Convert::BER::XS - I<very> low level BER en-/decoding |
4 | |
4 | |
5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
6 | |
6 | |
7 | use Convert::BER::XS ':all'; |
7 | use Convert::BER::XS ':all'; |
8 | |
8 | |
9 | my $ber = ber_decode $buf |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
10 | or die "unable to decode SNMP v1/v2c Message"; |
10 | or die "unable to decode SNMP message"; |
|
|
11 | |
|
|
12 | # The above results in a data structure consisting of |
|
|
13 | # (class, tag, flags, data) |
|
|
14 | # tuples. Below is such a message, SNMPv1 trap |
|
|
15 | # with a Cisco mac change notification. |
|
|
16 | # Did you know that Cisco is in the news almost |
|
|
17 | # every week because of some backdoor password |
|
|
18 | # or other extremely stupid security bug? |
|
|
19 | |
|
|
20 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, |
|
|
21 | [ |
|
|
22 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 0 ], # snmp version 1 |
|
|
23 | [ ASN_UNIVERSAL, 4, 0, "public" ], # community |
|
|
24 | [ ASN_CONTEXT, 4, 1, # CHOICE, constructed - trap PDU |
|
|
25 | [ |
|
|
26 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.2" ], # enterprise oid |
|
|
27 | [ ASN_APPLICATION, SNMP_IPADDRESS, 0, "10.0.0.1" ], # SNMP IpAddress |
|
|
28 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 6 ], # generic trap |
|
|
29 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 1 ], # specific trap |
|
|
30 | [ ASN_APPLICATION, SNMP_TIMETICKS, 0, 1817903850 ], # SNMP TimeTicks |
|
|
31 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # the varbindlist |
|
|
32 | [ |
|
|
33 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # a single varbind, "key value" pair |
|
|
34 | [ |
|
|
35 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.1.1.8.1.2.1" ], |
|
|
36 | [ ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "...data..." # the value |
|
|
37 | ] |
|
|
38 | ] |
|
|
39 | ], |
|
|
40 | ... |
|
|
41 | # let's dump it, for debugging |
|
|
42 | |
|
|
43 | ber_dump $ber, $Convert::BER::XS::SNMP_PROFILE; |
|
|
44 | |
|
|
45 | # let's decode it a bit with some helper functions |
11 | |
46 | |
12 | my $msg = ber_is_seq $ber |
47 | my $msg = ber_is_seq $ber |
13 | or die "SNMP message does not start with a sequence"; |
48 | or die "SNMP message does not start with a sequence"; |
14 | |
49 | |
15 | ber_is $msg->[0], ASN_UNIVERSAL, ASN_INTEGER32, 0 |
50 | ber_is $msg->[0], ASN_UNIVERSAL, ASN_INTEGER, 0 |
16 | or die "SNMP message does not start with snmp version\n"; |
51 | or die "SNMP message does not start with snmp version\n"; |
17 | |
52 | |
|
|
53 | # message is SNMP v1 or v2c? |
18 | if ($msg->[0][BER_DATA] == 0 || $msg->[0][BER_DATA] == 1) { |
54 | if ($msg->[0][BER_DATA] == 0 || $msg->[0][BER_DATA] == 1) { |
|
|
55 | |
19 | # message is SNMP v1 or v2c |
56 | # message is v1 trap? |
20 | |
|
|
21 | if (ber_is $msg->[2], ASN_CONTEXT, 4, 1) { |
57 | if (ber_is $msg->[2], ASN_CONTEXT, 4, 1) { |
22 | # message is v1 trap |
|
|
23 | my $trap = $msg->[2][BER_DATA]; |
58 | my $trap = $msg->[2][BER_DATA]; |
24 | |
59 | |
25 | # check whether trap is a cisco mac notification mac changed message |
60 | # check whether trap is a cisco mac notification mac changed message |
26 | if ( |
61 | if ( |
27 | (ber_is_oid $trap->[0], "1.3.6.1.4.1.9.9.215.2") # cmnInterfaceObjects |
62 | (ber_is_oid $trap->[0], "1.3.6.1.4.1.9.9.215.2") # cmnInterfaceObjects |
28 | and (ber_is_i32 $trap->[2], 6) |
63 | and (ber_is_int $trap->[2], 6) |
29 | and (ber_is_i32 $trap->[3], 1) # mac changed msg |
64 | and (ber_is_int $trap->[3], 1) # mac changed msg |
30 | ) { |
65 | ) { |
31 | ... and so on |
66 | ... and so on |
32 | |
67 | |
|
|
68 | # finally, let's encode it again and hope it results in the same bit pattern |
|
|
69 | |
|
|
70 | my $buf = ber_encode $ber, $Convert::BER::XS::SNMP_PROFILE; |
|
|
71 | |
33 | =head1 DESCRIPTION |
72 | =head1 DESCRIPTION |
34 | |
73 | |
|
|
74 | WARNING: Before release 1.0, the API is not considered stable in any way. |
|
|
75 | |
35 | This module implements a I<very> low level BER/DER decoder, and in the |
76 | This module implements a I<very> low level BER/DER en-/decoder. |
36 | future, probably also an encoder (tell me if you want an encoder, this |
|
|
37 | might speed up the process of getting one). |
|
|
38 | |
77 | |
39 | If is tuned for low memory and high speed, while still maintaining some |
78 | It is tuned for low memory and high speed, while still maintaining some |
40 | level of user-friendlyness. |
79 | level of user-friendlyness. |
41 | |
80 | |
42 | Currently, not much is documented, as this is an initial release to |
81 | =head2 EXPORT TAGS AND CONSTANTS |
43 | reserve CPAN namespace, stay tuned for a few days. |
82 | |
|
|
83 | By default this module doesn't export any symbols, but if you don't want |
|
|
84 | to break your keyboard, editor or eyesight with extremely long names, I |
|
|
85 | recommend importing the C<:all> tag. Still, you can selectively import |
|
|
86 | things. |
|
|
87 | |
|
|
88 | =over |
|
|
89 | |
|
|
90 | =item C<:all> |
|
|
91 | |
|
|
92 | All of the below. Really. Recommended for at least first steps, or if you |
|
|
93 | don't care about a few kilobytes of wasted memory (and namespace). |
|
|
94 | |
|
|
95 | =item C<:const> |
|
|
96 | |
|
|
97 | All of the strictly ASN.1-related constants defined by this module, the |
|
|
98 | same as C<:const_asn :const_index>. Notably, this does not contain |
|
|
99 | C<:const_ber_type> and C<:const_snmp>. |
|
|
100 | |
|
|
101 | A good set to get everything you need to decode and match BER data would be |
|
|
102 | C<:decode :const>. |
|
|
103 | |
|
|
104 | =item C<:const_index> |
|
|
105 | |
|
|
106 | The BER tuple array index constants: |
|
|
107 | |
|
|
108 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
|
|
109 | |
|
|
110 | =item C<:const_asn> |
|
|
111 | |
|
|
112 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
|
|
113 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
|
|
114 | the right): |
|
|
115 | |
|
|
116 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
117 | |
|
|
118 | ASN tag values (some of which are aliases, such as C<ASN_OID>). Their |
|
|
119 | numerical value corresponds exactly to the numbers used in BER/X.690. |
|
|
120 | |
|
|
121 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID |
|
|
122 | ASN_OBJECT_IDENTIFIER ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
|
|
123 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
|
|
124 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
|
|
125 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
|
|
126 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
|
|
127 | |
|
|
128 | =item C<:const_ber_type> |
|
|
129 | |
|
|
130 | The BER type constants, explained in the PROFILES section. |
|
|
131 | |
|
|
132 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
|
|
133 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
|
|
134 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
|
|
135 | |
|
|
136 | =item C<:const_snmp> |
|
|
137 | |
|
|
138 | Constants only relevant to SNMP. These are the tag values used by SNMP in |
|
|
139 | the C<ASN_APPLICATION> namespace and have the exact numerical value as in |
|
|
140 | BER/RFC 2578. |
|
|
141 | |
|
|
142 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_GAUGE32 |
|
|
143 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
|
|
144 | |
|
|
145 | =item C<:decode> |
|
|
146 | |
|
|
147 | C<ber_decode> and the match helper functions: |
|
|
148 | |
|
|
149 | ber_decode ber-decode_prefix |
|
|
150 | ber_is ber_is_seq ber_is_int ber_is_oid |
|
|
151 | ber_dump |
|
|
152 | |
|
|
153 | =item C<:encode> |
|
|
154 | |
|
|
155 | C<ber_encode> and the construction helper functions: |
|
|
156 | |
|
|
157 | ber_encode |
|
|
158 | ber_int |
|
|
159 | |
|
|
160 | =back |
|
|
161 | |
|
|
162 | =head2 ASN.1/BER/DER/... BASICS |
|
|
163 | |
|
|
164 | ASN.1 is a strange language that can be used to describe protocols and |
|
|
165 | data structures. It supports various mappings to JSON, XML, but most |
|
|
166 | importantly, to a various binary encodings such as BER, that is the topic |
|
|
167 | of this module, and is used in SNMP, LDAP or X.509 for example. |
|
|
168 | |
|
|
169 | While ASN.1 defines a schema that is useful to interpret encoded data, |
|
|
170 | the BER encoding is actually somewhat self-describing: you might not know |
|
|
171 | whether something is a string or a number or a sequence or something else, |
|
|
172 | but you can nevertheless decode the overall structure, even if you end up |
|
|
173 | with just a binary blob for the actual value. |
|
|
174 | |
|
|
175 | This works because BER values are tagged with a type and a namespace, |
|
|
176 | and also have a flag that says whether a value consists of subvalues (is |
|
|
177 | "constructed") or not (is "primitive"). |
|
|
178 | |
|
|
179 | Tags are simple integers, and ASN.1 defines a somewhat weird assortment |
|
|
180 | of those - for example, you have one integers and 16(!) different |
|
|
181 | string types, but there is no Unsigned32 type for example. Different |
|
|
182 | applications work around this in different ways, for example, SNMP defines |
|
|
183 | application-specific Gauge32, Counter32 and Unsigned32, which are mapped |
|
|
184 | to two different tags: you can distinguish between Counter32 and the |
|
|
185 | others, but not between Gause32 and Unsigned32, without the ASN.1 schema. |
|
|
186 | |
|
|
187 | Ugh. |
|
|
188 | |
|
|
189 | =head2 DECODED BER REPRESENTATION |
|
|
190 | |
|
|
191 | This module represents every BER value as a 4-element tuple (actually an |
|
|
192 | array-reference): |
|
|
193 | |
|
|
194 | [CLASS, TAG, FLAGS, DATA] |
|
|
195 | |
|
|
196 | For example: |
|
|
197 | |
|
|
198 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
|
|
199 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
|
|
200 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
|
|
201 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
|
|
202 | |
|
|
203 | To avoid non-descriptive hardcoded array index numbers, this module |
|
|
204 | defines symbolic constants to access these members: C<BER_CLASS>, |
|
|
205 | C<BER_TAG>, C<BER_FLAGS> and C<BER_DATA>. |
|
|
206 | |
|
|
207 | Also, the first three members are integers with a little caveat: for |
|
|
208 | performance reasons, these are readonly and shared, so you must not modify |
|
|
209 | them (increment, assign to them etc.) in any way. You may modify the |
|
|
210 | I<DATA> member, and you may re-assign the array itself, e.g.: |
|
|
211 | |
|
|
212 | $ber = ber_decode $binbuf; |
|
|
213 | |
|
|
214 | # the following is NOT legal: |
|
|
215 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/FLAGS are READ ONLY(!) |
|
|
216 | |
|
|
217 | # but all of the following are fine: |
|
|
218 | $ber->[BER_DATA] = "string"; |
|
|
219 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
|
|
220 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
|
|
221 | |
|
|
222 | I<CLASS> is something like a namespace for I<TAG>s - there is the |
|
|
223 | C<ASN_UNIVERSAL> namespace which defines tags common to all ASN.1 |
|
|
224 | implementations, the C<ASN_APPLICATION> namespace which defines tags for |
|
|
225 | specific applications (for example, the SNMP C<Unsigned32> type is in this |
|
|
226 | namespace), a special-purpose context namespace (C<ASN_CONTEXT>, used e.g. |
|
|
227 | for C<CHOICE>) and a private namespace (C<ASN_PRIVATE>). |
|
|
228 | |
|
|
229 | The meaning of the I<TAG> depends on the namespace, and defines a |
|
|
230 | (partial) interpretation of the data value. For example, SNMP defines |
|
|
231 | extra tags in the C<ASN_APPLICATION> namespace, and to take full advantage |
|
|
232 | of these, you need to tell this module how to handle those via profiles. |
|
|
233 | |
|
|
234 | The most common tags in the C<ASN_UNIVERSAL> namespace are |
|
|
235 | C<ASN_INTEGER>, C<ASN_BIT_STRING>, C<ASN_NULL>, C<ASN_OCTET_STRING>, |
|
|
236 | C<ASN_OBJECT_IDENTIFIER>, C<ASN_SEQUENCE>, C<ASN_SET> and |
|
|
237 | C<ASN_IA5_STRING>. |
|
|
238 | |
|
|
239 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
|
|
240 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
|
|
241 | C<SNMP_COUNTER64>. |
|
|
242 | |
|
|
243 | The I<FLAGS> value is really just a boolean at this time (but might |
|
|
244 | get extended) - if it is C<0>, the value is "primitive" and contains |
|
|
245 | no subvalues, kind of like a non-reference perl scalar. If it is C<1>, |
|
|
246 | then the value is "constructed" which just means it contains a list of |
|
|
247 | subvalues which this module will en-/decode as BER tuples themselves. |
|
|
248 | |
|
|
249 | The I<DATA> value is either a reference to an array of further tuples |
|
|
250 | (if the value is I<FLAGS>), some decoded representation of the value, if |
|
|
251 | this module knows how to decode it (e.g. for the integer types above) or |
|
|
252 | a binary string with the raw octets if this module doesn't know how to |
|
|
253 | interpret the namespace/tag. |
|
|
254 | |
|
|
255 | Thus, you can always decode a BER data structure and at worst you get a |
|
|
256 | string in place of some nice decoded value. |
|
|
257 | |
|
|
258 | See the SYNOPSIS for an example of such an encoded tuple representation. |
|
|
259 | |
|
|
260 | =head2 DECODING AND ENCODING |
|
|
261 | |
|
|
262 | =over |
|
|
263 | |
|
|
264 | =item $tuple = ber_decode $bindata[, $profile] |
|
|
265 | |
|
|
266 | Decodes binary BER data in C<$bindata> and returns the resulting BER |
|
|
267 | tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
|
|
268 | valid. |
|
|
269 | |
|
|
270 | How tags are interpreted is defined by the second argument, which must |
|
|
271 | be a C<Convert::BER::XS::Profile> object. If it is missing, the default |
|
|
272 | profile will be used (C<$Convert::BER::XS::DEFAULT_PROFILE>). |
|
|
273 | |
|
|
274 | In addition to rolling your own, this module provides a |
|
|
275 | C<$Convert::BER::XS::SNMP_PROFILE> that knows about the additional SNMP |
|
|
276 | types. |
|
|
277 | |
|
|
278 | Example: decode a BER blob using the default profile - SNMP values will be |
|
|
279 | decided as raw strings. |
|
|
280 | |
|
|
281 | $tuple = ber_decode $data; |
|
|
282 | |
|
|
283 | Example: as above, but use the provided SNMP profile. |
|
|
284 | |
|
|
285 | $tuple = ber_encode $data, $Convert::BER::XS::SNMP_PROFILE; |
|
|
286 | |
|
|
287 | =item ($tuple, $bytes) = ber_decode_prefix $bindata[, $profile] |
|
|
288 | |
|
|
289 | Works like C<ber_decode>, except it doesn't croak when there is data after |
|
|
290 | the BER data, but instead returns the decoded value and the number of |
|
|
291 | bytes it decoded. |
|
|
292 | |
|
|
293 | This is useful when you have BER data at the start of a buffer and other |
|
|
294 | data after, and you need to find the length. |
|
|
295 | |
|
|
296 | Also, since BER is self-delimited, this can be used to decode multiple BER |
|
|
297 | values joined together. |
|
|
298 | |
|
|
299 | =item $bindata = ber_encode $tuple[, $profile] |
|
|
300 | |
|
|
301 | Encodes the BER tuple into a BER/DER data structure. AS with |
|
|
302 | Cyber_decode>, an optional profile can be given. |
|
|
303 | |
|
|
304 | The encoded data should be both BER and DER ("shortest form") compliant |
|
|
305 | unless the input says otherwise (e.g. it uses constructed strings). |
|
|
306 | |
|
|
307 | =back |
|
|
308 | |
|
|
309 | =head2 HELPER FUNCTIONS |
|
|
310 | |
|
|
311 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
|
|
312 | annoying. To reduce this a bit, this module defines a number of helper |
|
|
313 | functions, both to match BER tuples and to construct BER tuples: |
|
|
314 | |
|
|
315 | =head3 MATCH HELPERS |
|
|
316 | |
|
|
317 | These functions accept a BER tuple as first argument and either partially |
|
|
318 | or fully match it. They often come in two forms, one which exactly matches |
|
|
319 | a value, and one which only matches the type and returns the value. |
|
|
320 | |
|
|
321 | They do check whether valid tuples are passed in and croak otherwise. As |
|
|
322 | a ease-of-use exception, they usually also accept C<undef> instead of a |
|
|
323 | tuple reference, in which case they silently fail to match. |
|
|
324 | |
|
|
325 | =over |
|
|
326 | |
|
|
327 | =item $bool = ber_is $tuple, $class, $tag, $flags, $data |
|
|
328 | |
|
|
329 | This takes a BER C<$tuple> and matches its elements against the provided |
|
|
330 | values, all of which are optional - values that are either missing or |
|
|
331 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
|
|
332 | you used C<==> or C<eq> (for C<$data>)). |
|
|
333 | |
|
|
334 | Some examples: |
|
|
335 | |
|
|
336 | ber_is $tuple, ASN_UNIVERSAL, ASN_SEQUENCE, 1 |
|
|
337 | orf die "tuple is not an ASN SEQUENCE"; |
|
|
338 | |
|
|
339 | ber_is $tuple, ASN_UNIVERSAL, ASN_NULL |
|
|
340 | or die "tuple is not an ASN NULL value"; |
|
|
341 | |
|
|
342 | ber_is $tuple, ASN_UNIVERSAL, ASN_INTEGER, 0, 50 |
|
|
343 | or die "BER integer must be 50"; |
|
|
344 | |
|
|
345 | =item $seq = ber_is_seq $tuple |
|
|
346 | |
|
|
347 | Returns the sequence members (the array of subvalues) if the C<$tuple> is |
|
|
348 | an ASN SEQUENCE, i.e. the C<BER_DATA> member. If the C<$tuple> is not a |
|
|
349 | sequence it returns C<undef>. For example, SNMP version 1/2c/3 packets all |
|
|
350 | consist of an outer SEQUENCE value: |
|
|
351 | |
|
|
352 | my $ber = ber_decode $snmp_data; |
|
|
353 | |
|
|
354 | my $snmp = ber_is_seq $ber |
|
|
355 | or die "SNMP packet invalid: does not start with SEQUENCE"; |
|
|
356 | |
|
|
357 | # now we know $snmp is a sequence, so decode the SNMP version |
|
|
358 | |
|
|
359 | my $version = ber_is_int $snmp->[0] |
|
|
360 | or die "SNMP packet invalid: does not start with version number"; |
|
|
361 | |
|
|
362 | =item $bool = ber_is_int $tuple, $int |
|
|
363 | |
|
|
364 | Returns a true value if the C<$tuple> represents an ASN INTEGER with |
|
|
365 | the value C<$int>. |
|
|
366 | |
|
|
367 | =item $int = ber_is_int $tuple |
|
|
368 | |
|
|
369 | Returns true (and extracts the integer value) if the C<$tuple> is an |
|
|
370 | C<ASN_INTEGER>. For C<0>, this function returns a special value that is 0 |
|
|
371 | but true. |
|
|
372 | |
|
|
373 | =item $bool = ber_is_oid $tuple, $oid_string |
|
|
374 | |
|
|
375 | Returns true if the C<$tuple> represents an ASN_OBJECT_IDENTIFIER |
|
|
376 | that exactly matches C<$oid_string>. Example: |
|
|
377 | |
|
|
378 | ber_is_oid $tuple, "1.3.6.1.4" |
|
|
379 | or die "oid must be 1.3.6.1.4"; |
|
|
380 | |
|
|
381 | =item $oid = ber_is_oid $tuple |
|
|
382 | |
|
|
383 | Returns true (and extracts the OID string) if the C<$tuple> is an ASN |
|
|
384 | OBJECT IDENTIFIER. Otherwise, it returns C<undef>. |
|
|
385 | |
|
|
386 | =back |
|
|
387 | |
|
|
388 | =head3 CONSTRUCTION HELPERS |
|
|
389 | |
|
|
390 | =over |
|
|
391 | |
|
|
392 | =item $tuple = ber_int $value |
|
|
393 | |
|
|
394 | Constructs a new C<ASN_INTEGER> tuple. |
|
|
395 | |
|
|
396 | =back |
44 | |
397 | |
45 | =head2 RELATIONSHIP TO L<Convert::BER> and L<Convert::ASN1> |
398 | =head2 RELATIONSHIP TO L<Convert::BER> and L<Convert::ASN1> |
46 | |
399 | |
47 | This module is I<not> the XS version of L<Convert::BER>, but a different |
400 | This module is I<not> the XS version of L<Convert::BER>, but a different |
48 | take at doing the same thing. I imagine this module would be a good base |
401 | take at doing the same thing. I imagine this module would be a good base |
49 | for speeding up either fo these, or write a similar module, or write your |
402 | for speeding up either of these, or write a similar module, or write your |
50 | own LDAP or SNMP module for example. |
403 | own LDAP or SNMP module for example. |
51 | |
404 | |
52 | =cut |
405 | =cut |
53 | |
406 | |
54 | package Convert::BER::XS; |
407 | package Convert::BER::XS; |
… | |
… | |
56 | use common::sense; |
409 | use common::sense; |
57 | |
410 | |
58 | use XSLoader (); |
411 | use XSLoader (); |
59 | use Exporter qw(import); |
412 | use Exporter qw(import); |
60 | |
413 | |
|
|
414 | our $VERSION; |
|
|
415 | |
|
|
416 | BEGIN { |
61 | our $VERSION = '0.0'; |
417 | $VERSION = '1.0'; |
62 | |
|
|
63 | XSLoader::load __PACKAGE__, $VERSION; |
418 | XSLoader::load __PACKAGE__, $VERSION; |
|
|
419 | } |
64 | |
420 | |
65 | our %EXPORT_TAGS = ( |
421 | our %EXPORT_TAGS = ( |
66 | all => [qw( |
422 | const_index => [qw( |
67 | ber_decode |
423 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
|
|
424 | )], |
|
|
425 | const_asn_class => [qw( |
|
|
426 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
427 | )], |
|
|
428 | const_asn_tag => [qw( |
|
|
429 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID ASN_OBJECT_IDENTIFIER |
|
|
430 | ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
|
|
431 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
|
|
432 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
|
|
433 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
|
|
434 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
|
|
435 | )], |
|
|
436 | const_ber_type => [qw( |
|
|
437 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
|
|
438 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
|
|
439 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
|
|
440 | )], |
|
|
441 | const_snmp => [qw( |
|
|
442 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_GAUGE32 SNMP_UNSIGNED32 |
|
|
443 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
|
|
444 | )], |
|
|
445 | decode => [qw( |
|
|
446 | ber_decode ber_decode_prefix |
68 | ber_is ber_is_seq ber_is_i32 ber_is_oid |
447 | ber_is ber_is_seq ber_is_int ber_is_oid |
69 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
448 | ber_dump |
70 | ASN_BOOLEAN ASN_INTEGER32 ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER ASN_TAG_BER ASN_TAG_MASK |
449 | )], |
71 | ASN_CONSTRUCTED ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE ASN_CLASS_MASK ASN_CLASS_SHIFT |
450 | encode => [qw( |
72 | ASN_SEQUENCE ASN_IPADDRESS ASN_COUNTER32 ASN_UNSIGNED32 ASN_TIMETICKS ASN_OPAQUE ASN_COUNTER64 |
451 | ber_encode |
|
|
452 | ber_int |
73 | )], |
453 | )], |
74 | ); |
454 | ); |
75 | |
455 | |
76 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
456 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
77 | |
457 | |
78 | 1; |
458 | $EXPORT_TAGS{all} = \@EXPORT_OK; |
|
|
459 | $EXPORT_TAGS{const_asn} = [map @{ $EXPORT_TAGS{$_} }, qw(const_asn_class const_asn_tag)]; |
|
|
460 | $EXPORT_TAGS{const} = [map @{ $EXPORT_TAGS{$_} }, qw(const_index const_asn)]; |
|
|
461 | |
|
|
462 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
|
|
463 | |
|
|
464 | $DEFAULT_PROFILE->_set_default; |
|
|
465 | |
|
|
466 | # additional SNMP application types |
|
|
467 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
|
|
468 | |
|
|
469 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
|
|
470 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
|
|
471 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
|
|
472 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
|
|
473 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
|
|
474 | |
|
|
475 | =head2 DEBUGGING |
|
|
476 | |
|
|
477 | To aid debugging, you cna call the C<ber_dump> function to print a "nice" |
|
|
478 | representation to STDOUT. |
|
|
479 | |
|
|
480 | =over |
|
|
481 | |
|
|
482 | =item ber_dump $tuple[, $profile[, $prefix]] |
|
|
483 | |
|
|
484 | In addition to specifying the BER C<$tuple> to dump, youc an also specify |
|
|
485 | a C<$profile> and a C<$prefix> string that is printed in front of each line. |
|
|
486 | |
|
|
487 | If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump> |
|
|
488 | will try to improve its output for SNMP data. |
|
|
489 | |
|
|
490 | The output usually contains three columns, the "human readable" tag, the |
|
|
491 | BER type used to decode it, and the data value. |
|
|
492 | |
|
|
493 | This function is somewhat slow and uses a number of heuristics and tricks, |
|
|
494 | so it really is only suitable for debug prints. |
|
|
495 | |
|
|
496 | Example output: |
|
|
497 | |
|
|
498 | SEQUENCE |
|
|
499 | | OCTET_STRING bytes 800063784300454045045400000001 |
|
|
500 | | OCTET_STRING bytes |
|
|
501 | | CONTEXT (7) bytes CONSTRUCTED |
|
|
502 | | | INTEGER int 1058588941 |
|
|
503 | | | INTEGER int 0 |
|
|
504 | | | INTEGER int 0 |
|
|
505 | | | SEQUENCE |
|
|
506 | | | | SEQUENCE |
|
|
507 | | | | | OID oid 1.3.6.1.2.1.1.3.0 |
|
|
508 | | | | | TIMETICKS int 638085796 |
|
|
509 | |
|
|
510 | =back |
|
|
511 | |
|
|
512 | =cut |
|
|
513 | |
|
|
514 | # reverse enum, very slow and ugly hack |
|
|
515 | sub _re { |
|
|
516 | my ($export_tag, $value) = @_; |
|
|
517 | |
|
|
518 | for my $symbol (@{ $EXPORT_TAGS{$export_tag} }) { |
|
|
519 | $value == eval $symbol |
|
|
520 | and return $symbol; |
|
|
521 | } |
|
|
522 | |
|
|
523 | "($value)" |
|
|
524 | } |
|
|
525 | |
|
|
526 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
|
|
527 | |
|
|
528 | sub _ber_dump { |
|
|
529 | my ($ber, $profile, $indent) = @_; |
|
|
530 | |
|
|
531 | if (my $seq = ber_is_seq $ber) { |
|
|
532 | printf "%sSEQUENCE\n", $indent; |
|
|
533 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
534 | for @$seq; |
|
|
535 | } else { |
|
|
536 | my $asn = $ber->[BER_CLASS] == ASN_UNIVERSAL; |
|
|
537 | |
|
|
538 | my $class = _re const_asn_class => $ber->[BER_CLASS]; |
|
|
539 | my $tag = $asn ? _re const_asn_tag => $ber->[BER_TAG] : $ber->[BER_TAG]; |
|
|
540 | my $type = _re const_ber_type => $profile->get ($ber->[BER_CLASS], $ber->[BER_TAG]); |
|
|
541 | my $data = $ber->[BER_DATA]; |
|
|
542 | |
|
|
543 | if ($profile == $SNMP_PROFILE and $ber->[BER_CLASS] == ASN_APPLICATION) { |
|
|
544 | $tag = _re const_snmp => $ber->[BER_TAG]; |
|
|
545 | } elsif (!$asn) { |
|
|
546 | $tag = "$class ($tag)"; |
|
|
547 | } |
|
|
548 | |
|
|
549 | $class =~ s/^ASN_//; |
|
|
550 | $tag =~ s/^(ASN_|SNMP_)//; |
|
|
551 | $type =~ s/^BER_TYPE_//; |
|
|
552 | |
|
|
553 | if ($ber->[BER_FLAGS]) { |
|
|
554 | printf "$indent%-16.16s %-6.6s CONSTRUCTED\n", $tag, lc $type; |
|
|
555 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
556 | for @$data; |
|
|
557 | } else { |
|
|
558 | if ($data =~ y/\x20-\x7e//c / (length $data || 1) > 0.2 or $data =~ /\x00./s) { |
|
|
559 | # assume binary |
|
|
560 | $data = unpack "H*", $data; |
|
|
561 | } else { |
|
|
562 | $data =~ s/[^\x20-\x7e]/./g; |
|
|
563 | $data = "\"$data\"" if $type =~ /string/i || !length $data; |
|
|
564 | } |
|
|
565 | |
|
|
566 | substr $data, 40, 1e9, "..." if 40 < length $data; |
|
|
567 | |
|
|
568 | printf "$indent%-16.16s %-6.6s %s\n", $tag, lc $type, $data; |
|
|
569 | } |
|
|
570 | } |
|
|
571 | } |
|
|
572 | |
|
|
573 | sub ber_dump($;$$) { |
|
|
574 | _ber_dump $_[0], $_[1] || $DEFAULT_PROFILE, $_[2]; |
|
|
575 | } |
|
|
576 | |
|
|
577 | =head1 PROFILES |
|
|
578 | |
|
|
579 | While any BER data can be correctly encoded and decoded out of the box, it |
|
|
580 | can be inconvenient to have to manually decode some values into a "better" |
|
|
581 | format: for instance, SNMP TimeTicks values are decoded into the raw octet |
|
|
582 | strings of their BER representation, which is quite hard to decode. With |
|
|
583 | profiles, you can change which class/tag combinations map to which decoder |
|
|
584 | function inside C<ber_decode> (and of course also which encoder functions |
|
|
585 | are used in C<ber_encode>). |
|
|
586 | |
|
|
587 | This works by mapping specific class/tag combinations to an internal "ber |
|
|
588 | type". |
|
|
589 | |
|
|
590 | The default profile supports the standard ASN.1 types, but no |
|
|
591 | application-specific ones. This means that class/tag combinations not in |
|
|
592 | the base set of ASN.1 are decoded into their raw octet strings. |
|
|
593 | |
|
|
594 | C<Convert::BER::XS> defines two profile variables you can use out of the box: |
|
|
595 | |
|
|
596 | =over |
|
|
597 | |
|
|
598 | =item C<$Convert::BER::XS::DEFAULT_PROFILE> |
|
|
599 | |
|
|
600 | This is the default profile, i.e. the profile that is used when no |
|
|
601 | profile is specified for de-/encoding. |
|
|
602 | |
|
|
603 | You can modify it, but remember that this modifies the defaults for all |
|
|
604 | callers that rely on the default profile. |
|
|
605 | |
|
|
606 | =item C<$Convert::BER::XS::SNMP_PROFILE> |
|
|
607 | |
|
|
608 | A profile with mappings for SNMP-specific application tags added. This is |
|
|
609 | useful when de-/encoding SNMP data. |
|
|
610 | |
|
|
611 | Example: |
|
|
612 | |
|
|
613 | $ber = ber_decode $data, $Convert::BER::XS::SNMP_PROFILE; |
|
|
614 | |
|
|
615 | =back |
|
|
616 | |
|
|
617 | =head2 The Convert::BER::XS::Profile class |
|
|
618 | |
|
|
619 | =over |
|
|
620 | |
|
|
621 | =item $profile = new Convert::BER::XS::Profile |
|
|
622 | |
|
|
623 | Create a new profile. The profile will be identical to the default |
|
|
624 | profile. |
|
|
625 | |
|
|
626 | =item $profile->set ($class, $tag, $type) |
|
|
627 | |
|
|
628 | Sets the mapping for the given C<$class>/C<$tag> combination to C<$type>, |
|
|
629 | which must be one of the C<BER_TYPE_*> constants. |
|
|
630 | |
|
|
631 | Note that currently, the mapping is stored in a flat array, so large |
|
|
632 | values of C<$tag> will consume large amounts of memory. |
|
|
633 | |
|
|
634 | Example: |
|
|
635 | |
|
|
636 | $profile = new Convert::BER::XS::Profile; |
|
|
637 | $profile->set (ASN_APPLICATION, SNMP_COUNTER32, BER_TYPE_INT); |
|
|
638 | $ber = ber_decode $data, $profile; |
|
|
639 | |
|
|
640 | =item $type = $profile->get ($class, $tag) |
|
|
641 | |
|
|
642 | Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
|
|
643 | |
|
|
644 | =back |
|
|
645 | |
|
|
646 | =head2 BER TYPES |
|
|
647 | |
|
|
648 | This lists the predefined BER types - you can map any C<CLASS>/C<TAG> |
|
|
649 | combination to any C<BER_TYPE_*>. |
|
|
650 | |
|
|
651 | =over |
|
|
652 | |
|
|
653 | =item C<BER_TYPE_BYTES> |
|
|
654 | |
|
|
655 | The raw octets of the value. This is the default type for unknown tags and |
|
|
656 | de-/encodes the value as if it were an octet string, i.e. by copying the |
|
|
657 | raw bytes. |
|
|
658 | |
|
|
659 | =item C<BER_TYPE_UTF8> |
|
|
660 | |
|
|
661 | Like C<BER_TYPE_BYTES>, but decodes the value as if it were a UTF-8 string |
|
|
662 | (without validation!) and encodes a perl unicode string into a UTF-8 BER |
|
|
663 | string. |
|
|
664 | |
|
|
665 | =item C<BER_TYPE_UCS2> |
|
|
666 | |
|
|
667 | Similar to C<BER_TYPE_UTF8>, but treats the BER value as UCS-2 encoded |
|
|
668 | string. |
|
|
669 | |
|
|
670 | =item C<BER_TYPE_UCS4> |
|
|
671 | |
|
|
672 | Similar to C<BER_TYPE_UTF8>, but treats the BER value as UCS-4 encoded |
|
|
673 | string. |
|
|
674 | |
|
|
675 | =item C<BER_TYPE_INT> |
|
|
676 | |
|
|
677 | Encodes and decodes a BER integer value to a perl integer scalar. This |
|
|
678 | should correctly handle 64 bit signed and unsigned values. |
|
|
679 | |
|
|
680 | =item C<BER_TYPE_OID> |
|
|
681 | |
|
|
682 | Encodes and decodes an OBJECT IDENTIFIER into dotted form without leading |
|
|
683 | dot, e.g. C<1.3.6.1.213>. |
|
|
684 | |
|
|
685 | =item C<BER_TYPE_RELOID> |
|
|
686 | |
|
|
687 | Same as C<BER_TYPE_OID> but uses relative object identifier |
|
|
688 | encoding: ASN.1 has this hack of encoding the first two OID components |
|
|
689 | into a single integer in a weird attempt to save an insignificant amount |
|
|
690 | of space in an otherwise wasteful encoding, and relative OIDs are |
|
|
691 | basically OIDs without this hack. The practical difference is that the |
|
|
692 | second component of an OID can only have the values 1..40, while relative |
|
|
693 | OIDs do not have this restriction. |
|
|
694 | |
|
|
695 | =item C<BER_TYPE_NULL> |
|
|
696 | |
|
|
697 | Decodes an C<ASN_NULL> value into C<undef>, and always encodes a |
|
|
698 | C<ASN_NULL> type, regardless of the perl value. |
|
|
699 | |
|
|
700 | =item C<BER_TYPE_BOOL> |
|
|
701 | |
|
|
702 | Decodes an C<ASN_BOOLEAN> value into C<0> or C<1>, and encodes a perl |
|
|
703 | boolean value into an C<ASN_BOOLEAN>. |
|
|
704 | |
|
|
705 | =item C<BER_TYPE_REAL> |
|
|
706 | |
|
|
707 | Decodes/encodes a BER real value. NOT IMPLEMENTED. |
|
|
708 | |
|
|
709 | =item C<BER_TYPE_IPADDRESS> |
|
|
710 | |
|
|
711 | Decodes/encodes a four byte string into an IPv4 dotted-quad address string |
|
|
712 | in Perl. Given the obsolete nature of this type, this is a low-effort |
|
|
713 | implementation that simply uses C<sprintf> and C<sscanf>-style conversion, |
|
|
714 | so it won't handle all string forms supported by C<inet_aton> for example. |
|
|
715 | |
|
|
716 | =item C<BER_TYPE_CROAK> |
|
|
717 | |
|
|
718 | Always croaks when encountered during encoding or decoding - the |
|
|
719 | default behaviour when encountering an unknown type is to treat it as |
|
|
720 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
|
|
721 | error for some types, then C<BER_TYPE_CROAK> is for you. |
|
|
722 | |
|
|
723 | =back |
|
|
724 | |
|
|
725 | =head2 Example Profile |
|
|
726 | |
|
|
727 | The following creates a profile suitable for SNMP - it's exactly identical |
|
|
728 | to the C<$Convert::BER::XS::SNMP_PROFILE> profile. |
|
|
729 | |
|
|
730 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
|
|
731 | |
|
|
732 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
|
|
733 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
|
|
734 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
|
|
735 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
|
|
736 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
|
|
737 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
|
|
738 | |
|
|
739 | =head2 LIMITATIONS/NOTES |
|
|
740 | |
|
|
741 | This module can only en-/decode 64 bit signed and unsigned integers, and |
|
|
742 | only when your perl supports those. |
|
|
743 | |
|
|
744 | This module does not generally care about ranges, i.e. it will happily |
|
|
745 | de-/encode 64 bit integers into an C<ASN_INTEGER> value, or a negative |
|
|
746 | number into an C<SNMP_COUNTER64>. |
|
|
747 | |
|
|
748 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
|
|
749 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
|
|
750 | about 4kB. |
|
|
751 | |
|
|
752 | Indefinite length encoding is not supported. |
|
|
753 | |
|
|
754 | Constructed strings are decoded just fine, but there should be a way to |
|
|
755 | join them for convenience. |
|
|
756 | |
|
|
757 | REAL values are not supported and will currently croak. |
|
|
758 | |
|
|
759 | The encoder and decoder tend to accept more formats than should be |
|
|
760 | strictly supported. |
|
|
761 | |
|
|
762 | This module has undergone little to no testing so far. |
|
|
763 | |
|
|
764 | =head2 ITHREADS SUPPORT |
|
|
765 | |
|
|
766 | This module is unlikely to work when the (officially discouraged) ithreads |
|
|
767 | are in use. |
79 | |
768 | |
80 | =head1 AUTHOR |
769 | =head1 AUTHOR |
81 | |
770 | |
82 | Marc Lehmann <schmorp@schmorp.de> |
771 | Marc Lehmann <schmorp@schmorp.de> |
83 | http://software.schmorp.de/pkg/Convert-BER-XS |
772 | http://software.schmorp.de/pkg/Convert-BER-XS |
84 | |
773 | |
85 | =cut |
774 | =cut |
86 | |
775 | |
|
|
776 | 1; |
|
|
777 | |