| … | |
… | |
| 8 | |
8 | |
| 9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
| 10 | or die "unable to decode SNMP message"; |
10 | or die "unable to decode SNMP message"; |
| 11 | |
11 | |
| 12 | # The above results in a data structure consisting of |
12 | # The above results in a data structure consisting of |
| 13 | # (class, tag, # constructed, data) |
13 | # (class, tag, flags, data) |
| 14 | # tuples. Below is such a message, SNMPv1 trap |
14 | # tuples. Below is such a message, SNMPv1 trap |
| 15 | # with a Cisco mac change notification. |
15 | # with a Cisco mac change notification. |
| 16 | # Did you know that Cisco is in the news almost |
16 | # Did you know that Cisco is in the news almost |
| 17 | # every week because of some backdoor password |
17 | # every week because of some backdoor password |
| 18 | # or other extremely stupid security bug? |
18 | # or other extremely stupid security bug? |
| … | |
… | |
| 100 | |
100 | |
| 101 | =item C<:const_index> |
101 | =item C<:const_index> |
| 102 | |
102 | |
| 103 | The BER tuple array index constants: |
103 | The BER tuple array index constants: |
| 104 | |
104 | |
| 105 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
105 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
| 106 | |
106 | |
| 107 | =item C<:const_asn> |
107 | =item C<:const_asn> |
| 108 | |
108 | |
| 109 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
109 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
| 110 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
110 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
| … | |
… | |
| 155 | =head2 ASN.1/BER/DER/... BASICS |
155 | =head2 ASN.1/BER/DER/... BASICS |
| 156 | |
156 | |
| 157 | ASN.1 is a strange language that can be used to describe protocols and |
157 | ASN.1 is a strange language that can be used to describe protocols and |
| 158 | data structures. It supports various mappings to JSON, XML, but most |
158 | data structures. It supports various mappings to JSON, XML, but most |
| 159 | importantly, to a various binary encodings such as BER, that is the topic |
159 | importantly, to a various binary encodings such as BER, that is the topic |
| 160 | of this module, and is used in SNMP or LDAP for example. |
160 | of this module, and is used in SNMP, LDAP or X.509 for example. |
| 161 | |
161 | |
| 162 | While ASN.1 defines a schema that is useful to interpret encoded data, |
162 | While ASN.1 defines a schema that is useful to interpret encoded data, |
| 163 | the BER encoding is actually somewhat self-describing: you might not know |
163 | the BER encoding is actually somewhat self-describing: you might not know |
| 164 | whether something is a string or a number or a sequence or something else, |
164 | whether something is a string or a number or a sequence or something else, |
| 165 | but you can nevertheless decode the overall structure, even if you end up |
165 | but you can nevertheless decode the overall structure, even if you end up |
| … | |
… | |
| 182 | =head2 DECODED BER REPRESENTATION |
182 | =head2 DECODED BER REPRESENTATION |
| 183 | |
183 | |
| 184 | This module represents every BER value as a 4-element tuple (actually an |
184 | This module represents every BER value as a 4-element tuple (actually an |
| 185 | array-reference): |
185 | array-reference): |
| 186 | |
186 | |
| 187 | [CLASS, TAG, CONSTRUCTED, DATA] |
187 | [CLASS, TAG, FLAGS, DATA] |
| 188 | |
188 | |
| 189 | For example: |
189 | For example: |
| 190 | |
190 | |
| 191 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
191 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
| 192 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
192 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
| 193 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
193 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
| 194 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
194 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
| 195 | |
195 | |
| 196 | To avoid non-descriptive hardcoded array index numbers, this module |
196 | To avoid non-descriptive hardcoded array index numbers, this module |
| 197 | defines symbolic constants to access these members: C<BER_CLASS>, |
197 | defines symbolic constants to access these members: C<BER_CLASS>, |
| 198 | C<BER_TAG>, C<BER_CONSTRUCTED> and C<BER_DATA>. |
198 | C<BER_TAG>, C<BER_FLAGS> and C<BER_DATA>. |
| 199 | |
199 | |
| 200 | Also, the first three members are integers with a little caveat: for |
200 | Also, the first three members are integers with a little caveat: for |
| 201 | performance reasons, these are readonly and shared, so you must not modify |
201 | performance reasons, these are readonly and shared, so you must not modify |
| 202 | them (increment, assign to them etc.) in any way. You may modify the |
202 | them (increment, assign to them etc.) in any way. You may modify the |
| 203 | I<DATA> member, and you may re-assign the array itself, e.g.: |
203 | I<DATA> member, and you may re-assign the array itself, e.g.: |
| 204 | |
204 | |
| 205 | $ber = ber_decode $binbuf; |
205 | $ber = ber_decode $binbuf; |
| 206 | |
206 | |
| 207 | # the following is NOT legal: |
207 | # the following is NOT legal: |
| 208 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/CONSTRUCTED are READ ONLY(!) |
208 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/FLAGS are READ ONLY(!) |
| 209 | |
209 | |
| 210 | # but all of the following are fine: |
210 | # but all of the following are fine: |
| 211 | $ber->[BER_DATA] = "string"; |
211 | $ber->[BER_DATA] = "string"; |
| 212 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
212 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
| 213 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
213 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
| … | |
… | |
| 231 | |
231 | |
| 232 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
232 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
| 233 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
233 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
| 234 | C<SNMP_COUNTER64>. |
234 | C<SNMP_COUNTER64>. |
| 235 | |
235 | |
| 236 | The I<CONSTRUCTED> flag is really just a boolean - if it is false, |
236 | The I<FLAGS> value is really just a boolean at this time (but might |
| 237 | the value is "primitive" and contains no subvalues, kind of like a |
237 | get extended) - if it is C<0>, the value is "primitive" and contains |
| 238 | non-reference perl scalar. If it is true, then the value is "constructed" |
238 | no subvalues, kind of like a non-reference perl scalar. If it is C<1>, |
| 239 | which just means it contains a list of subvalues which this module will |
239 | then the value is "constructed" which just means it contains a list of |
| 240 | en-/decode as BER tuples themselves. |
240 | subvalues which this module will en-/decode as BER tuples themselves. |
| 241 | |
241 | |
| 242 | The I<DATA> value is either a reference to an array of further tuples (if |
242 | The I<DATA> value is either a reference to an array of further tuples |
| 243 | the value is I<CONSTRUCTED>), some decoded representation of the value, |
243 | (if the value is I<FLAGS>), some decoded representation of the value, if |
| 244 | if this module knows how to decode it (e.g. for the integer types above) |
244 | this module knows how to decode it (e.g. for the integer types above) or |
| 245 | or a binary string with the raw octets if this module doesn't know how to |
245 | a binary string with the raw octets if this module doesn't know how to |
| 246 | interpret the namespace/tag. |
246 | interpret the namespace/tag. |
| 247 | |
247 | |
| 248 | Thus, you can always decode a BER data structure and at worst you get a |
248 | Thus, you can always decode a BER data structure and at worst you get a |
| 249 | string in place of some nice decoded value. |
249 | string in place of some nice decoded value. |
| 250 | |
250 | |
| … | |
… | |
| 280 | =item $bindata = ber_encode $tuple[, $profile] |
280 | =item $bindata = ber_encode $tuple[, $profile] |
| 281 | |
281 | |
| 282 | Encodes the BER tuple into a BER/DER data structure. AS with |
282 | Encodes the BER tuple into a BER/DER data structure. AS with |
| 283 | Cyber_decode>, an optional profile can be given. |
283 | Cyber_decode>, an optional profile can be given. |
| 284 | |
284 | |
|
|
285 | The encoded data should be both BER and DER ("shortest form") compliant |
|
|
286 | unless the input says otherwise (e.g. it uses constructed strings). |
|
|
287 | |
| 285 | =back |
288 | =back |
| 286 | |
289 | |
| 287 | =head2 HELPER FUNCTIONS |
290 | =head2 HELPER FUNCTIONS |
| 288 | |
291 | |
| 289 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
292 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
| … | |
… | |
| 300 | a ease-of-use exception, they usually also accept C<undef> instead of a |
303 | a ease-of-use exception, they usually also accept C<undef> instead of a |
| 301 | tuple reference, in which case they silently fail to match. |
304 | tuple reference, in which case they silently fail to match. |
| 302 | |
305 | |
| 303 | =over |
306 | =over |
| 304 | |
307 | |
| 305 | =item $bool = ber_is $tuple, $class, $tag, $constructed, $data |
308 | =item $bool = ber_is $tuple, $class, $tag, $flags, $data |
| 306 | |
309 | |
| 307 | This takes a BER C<$tuple> and matches its elements against the provided |
310 | This takes a BER C<$tuple> and matches its elements against the provided |
| 308 | values, all of which are optional - values that are either missing or |
311 | values, all of which are optional - values that are either missing or |
| 309 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
312 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
| 310 | you used C<==> or C<eq> (for C<$data>)). |
313 | you used C<==> or C<eq> (for C<$data>)). |
| … | |
… | |
| 396 | XSLoader::load __PACKAGE__, $VERSION; |
399 | XSLoader::load __PACKAGE__, $VERSION; |
| 397 | } |
400 | } |
| 398 | |
401 | |
| 399 | our %EXPORT_TAGS = ( |
402 | our %EXPORT_TAGS = ( |
| 400 | const_index => [qw( |
403 | const_index => [qw( |
| 401 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
404 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
| 402 | )], |
405 | )], |
| 403 | const_asn => [qw( |
406 | const_asn => [qw( |
| 404 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
407 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
| 405 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
408 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
| 406 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
409 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
| … | |
… | |
| 609 | |
612 | |
| 610 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
613 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
| 611 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
614 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
| 612 | about 4kB. |
615 | about 4kB. |
| 613 | |
616 | |
|
|
617 | Indefinite length encoding is not supported. |
|
|
618 | |
|
|
619 | Constructed strings are decoded just fine, but there should be a way to |
|
|
620 | join them for convenience. |
|
|
621 | |
| 614 | REAL values are not supported and will currently croak. |
622 | REAL values are not supported and will currently croak. |
| 615 | |
623 | |
| 616 | This module has undergone little to no testing so far. |
624 | This module has undergone little to no testing so far. |
| 617 | |
625 | |
| 618 | =head2 ITHREADS SUPPORT |
626 | =head2 ITHREADS SUPPORT |
