… | |
… | |
8 | |
8 | |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
10 | or die "unable to decode SNMP message"; |
10 | or die "unable to decode SNMP message"; |
11 | |
11 | |
12 | # The above results in a data structure consisting of |
12 | # The above results in a data structure consisting of |
13 | # (class, tag, # constructed, data) |
13 | # (class, tag, flags, data) |
14 | # tuples. Below is such a message, SNMPv1 trap |
14 | # tuples. Below is such a message, SNMPv1 trap |
15 | # with a Cisco mac change notification. |
15 | # with a Cisco mac change notification. |
16 | # Did you know that Cisco is in the news almost |
16 | # Did you know that Cisco is in the news almost |
17 | # every week because of some backdoor password |
17 | # every week because of some backdoor password |
18 | # or other extremely stupid security bug? |
18 | # or other extremely stupid security bug? |
… | |
… | |
36 | [ ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "...data..." # the value |
36 | [ ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "...data..." # the value |
37 | ] |
37 | ] |
38 | ] |
38 | ] |
39 | ], |
39 | ], |
40 | ... |
40 | ... |
|
|
41 | # let's dump it, for debugging |
|
|
42 | |
|
|
43 | ber_dump $ber, $Convert::BER::XS::SNMP_PROFILE; |
41 | |
44 | |
42 | # let's decode it a bit with some helper functions |
45 | # let's decode it a bit with some helper functions |
43 | |
46 | |
44 | my $msg = ber_is_seq $ber |
47 | my $msg = ber_is_seq $ber |
45 | or die "SNMP message does not start with a sequence"; |
48 | or die "SNMP message does not start with a sequence"; |
… | |
… | |
66 | |
69 | |
67 | my $buf = ber_encode $ber, $Convert::BER::XS::SNMP_PROFILE; |
70 | my $buf = ber_encode $ber, $Convert::BER::XS::SNMP_PROFILE; |
68 | |
71 | |
69 | =head1 DESCRIPTION |
72 | =head1 DESCRIPTION |
70 | |
73 | |
71 | WARNING: Before release 1.0, the API is not considered stable in any way. |
|
|
72 | |
|
|
73 | This module implements a I<very> low level BER/DER en-/decoder. |
74 | This module implements a I<very> low level BER/DER en-/decoder. |
74 | |
75 | |
75 | It is tuned for low memory and high speed, while still maintaining some |
76 | It is tuned for low memory and high speed, while still maintaining some |
76 | level of user-friendlyness. |
77 | level of user-friendlyness. |
77 | |
78 | |
… | |
… | |
105 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
106 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
106 | |
107 | |
107 | =item C<:const_asn> |
108 | =item C<:const_asn> |
108 | |
109 | |
109 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
110 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
110 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
111 | exactly the two topmost bits from the identifier octet shifted 6 bits to |
111 | the right): |
112 | the right): |
112 | |
113 | |
113 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
114 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
114 | |
115 | |
115 | ASN tag values (some of which are aliases, such as C<ASN_OID>). Their |
116 | ASN tag values (some of which are aliases, such as C<ASN_OID>). Their |
116 | numerical value corresponds exactly to the numbers used in BER/X.690. |
117 | numerical value corresponds exactly to the numbers used in BER/X.690. |
117 | |
118 | |
118 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
119 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID |
119 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
120 | ASN_OBJECT_IDENTIFIER ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
120 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
121 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
121 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
122 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
122 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
123 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
123 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
124 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
124 | |
125 | |
… | |
… | |
134 | |
135 | |
135 | Constants only relevant to SNMP. These are the tag values used by SNMP in |
136 | Constants only relevant to SNMP. These are the tag values used by SNMP in |
136 | the C<ASN_APPLICATION> namespace and have the exact numerical value as in |
137 | the C<ASN_APPLICATION> namespace and have the exact numerical value as in |
137 | BER/RFC 2578. |
138 | BER/RFC 2578. |
138 | |
139 | |
139 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
140 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_GAUGE32 |
|
|
141 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
140 | |
142 | |
141 | =item C<:decode> |
143 | =item C<:decode> |
142 | |
144 | |
143 | C<ber_decode> and the match helper functions: |
145 | C<ber_decode> and the match helper functions: |
144 | |
146 | |
|
|
147 | ber_decode ber-decode_prefix |
145 | ber_decode ber_is ber_is_seq ber_is_int ber_is_oid |
148 | ber_is ber_is_seq ber_is_int ber_is_oid |
|
|
149 | ber_dump |
146 | |
150 | |
147 | =item C<:encode> |
151 | =item C<:encode> |
148 | |
152 | |
149 | C<ber_encode> and the construction helper functions: |
153 | C<ber_encode> and the construction helper functions: |
150 | |
154 | |
151 | ber_encode ber_int |
155 | ber_encode |
|
|
156 | ber_int |
152 | |
157 | |
153 | =back |
158 | =back |
154 | |
159 | |
155 | =head2 ASN.1/BER/DER/... BASICS |
160 | =head2 ASN.1/BER/DER/... BASICS |
156 | |
161 | |
… | |
… | |
252 | |
257 | |
253 | =head2 DECODING AND ENCODING |
258 | =head2 DECODING AND ENCODING |
254 | |
259 | |
255 | =over |
260 | =over |
256 | |
261 | |
257 | =item $tuple = ber_decoded $bindata[, $profile] |
262 | =item $tuple = ber_decode $bindata[, $profile] |
258 | |
263 | |
259 | Decodes binary BER data in C<$bindata> and returns the resulting BER |
264 | Decodes binary BER data in C<$bindata> and returns the resulting BER |
260 | tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
265 | tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
261 | valid. |
266 | valid. |
262 | |
267 | |
… | |
… | |
275 | |
280 | |
276 | Example: as above, but use the provided SNMP profile. |
281 | Example: as above, but use the provided SNMP profile. |
277 | |
282 | |
278 | $tuple = ber_encode $data, $Convert::BER::XS::SNMP_PROFILE; |
283 | $tuple = ber_encode $data, $Convert::BER::XS::SNMP_PROFILE; |
279 | |
284 | |
|
|
285 | =item ($tuple, $bytes) = ber_decode_prefix $bindata[, $profile] |
|
|
286 | |
|
|
287 | Works like C<ber_decode>, except it doesn't croak when there is data after |
|
|
288 | the BER data, but instead returns the decoded value and the number of |
|
|
289 | bytes it decoded. |
|
|
290 | |
|
|
291 | This is useful when you have BER data at the start of a buffer and other |
|
|
292 | data after, and you need to find the length. |
|
|
293 | |
|
|
294 | Also, since BER is self-delimited, this can be used to decode multiple BER |
|
|
295 | values joined together. |
|
|
296 | |
280 | =item $bindata = ber_encode $tuple[, $profile] |
297 | =item $bindata = ber_encode $tuple[, $profile] |
281 | |
298 | |
282 | Encodes the BER tuple into a BER/DER data structure. AS with |
299 | Encodes the BER tuple into a BER/DER data structure. As with |
283 | Cyber_decode>, an optional profile can be given. |
300 | Cyber_decode>, an optional profile can be given. |
284 | |
301 | |
285 | The encoded data should be both BER and DER ("shortest form") compliant |
302 | The encoded data should be both BER and DER ("shortest form") compliant |
286 | unless the input says otherwise (e.g. it uses constructed strings). |
303 | unless the input says otherwise (e.g. it uses constructed strings). |
287 | |
304 | |
… | |
… | |
303 | a ease-of-use exception, they usually also accept C<undef> instead of a |
320 | a ease-of-use exception, they usually also accept C<undef> instead of a |
304 | tuple reference, in which case they silently fail to match. |
321 | tuple reference, in which case they silently fail to match. |
305 | |
322 | |
306 | =over |
323 | =over |
307 | |
324 | |
308 | =item $bool = ber_is $tuple, $class, $tag, $constructed, $data |
325 | =item $bool = ber_is $tuple, $class, $tag, $flags, $data |
309 | |
326 | |
310 | This takes a BER C<$tuple> and matches its elements against the provided |
327 | This takes a BER C<$tuple> and matches its elements against the provided |
311 | values, all of which are optional - values that are either missing or |
328 | values, all of which are optional - values that are either missing or |
312 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
329 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
313 | you used C<==> or C<eq> (for C<$data>)). |
330 | you used C<==> or C<eq> (for C<$data>)). |
… | |
… | |
390 | use common::sense; |
407 | use common::sense; |
391 | |
408 | |
392 | use XSLoader (); |
409 | use XSLoader (); |
393 | use Exporter qw(import); |
410 | use Exporter qw(import); |
394 | |
411 | |
|
|
412 | use Carp (); |
|
|
413 | |
395 | our $VERSION; |
414 | our $VERSION; |
396 | |
415 | |
397 | BEGIN { |
416 | BEGIN { |
398 | $VERSION = 0.8; |
417 | $VERSION = 1.21; |
399 | XSLoader::load __PACKAGE__, $VERSION; |
418 | XSLoader::load __PACKAGE__, $VERSION; |
400 | } |
419 | } |
401 | |
420 | |
402 | our %EXPORT_TAGS = ( |
421 | our %EXPORT_TAGS = ( |
403 | const_index => [qw( |
422 | const_index => [qw( |
404 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
423 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
405 | )], |
424 | )], |
|
|
425 | const_asn_class => [qw( |
|
|
426 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
427 | )], |
406 | const_asn => [qw( |
428 | const_asn_tag => [qw( |
407 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
429 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID ASN_OBJECT_IDENTIFIER |
408 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
430 | ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
409 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
431 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
410 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
432 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
411 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
433 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
412 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
434 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
413 | |
|
|
414 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
415 | )], |
435 | )], |
416 | const_ber_type => [qw( |
436 | const_ber_type => [qw( |
417 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
437 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
418 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
438 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
419 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
439 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
420 | )], |
440 | )], |
421 | const_snmp => [qw( |
441 | const_snmp => [qw( |
422 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
442 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_GAUGE32 SNMP_UNSIGNED32 |
|
|
443 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
423 | )], |
444 | )], |
424 | decode => [qw( |
445 | decode => [qw( |
425 | ber_decode |
446 | ber_decode ber_decode_prefix |
426 | ber_is ber_is_seq ber_is_int ber_is_oid |
447 | ber_is ber_is_seq ber_is_int ber_is_oid |
|
|
448 | ber_dump |
427 | )], |
449 | )], |
428 | encode => [qw( |
450 | encode => [qw( |
429 | ber_encode |
451 | ber_encode |
430 | ber_int |
452 | ber_int |
431 | )], |
453 | )], |
432 | ); |
454 | ); |
433 | |
455 | |
434 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
456 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
435 | |
457 | |
436 | $EXPORT_TAGS{all} = \@EXPORT_OK; |
458 | $EXPORT_TAGS{all} = \@EXPORT_OK; |
|
|
459 | $EXPORT_TAGS{const_asn} = [map @{ $EXPORT_TAGS{$_} }, qw(const_asn_class const_asn_tag)]; |
437 | $EXPORT_TAGS{const} = [map @{ $EXPORT_TAGS{$_} }, qw(const_index const_asn)]; |
460 | $EXPORT_TAGS{const} = [map @{ $EXPORT_TAGS{$_} }, qw(const_index const_asn)]; |
|
|
461 | |
|
|
462 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
|
|
463 | |
|
|
464 | $DEFAULT_PROFILE->_set_default; |
|
|
465 | |
|
|
466 | # additional SNMP application types |
|
|
467 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
|
|
468 | |
|
|
469 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
|
|
470 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
|
|
471 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
|
|
472 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
|
|
473 | |
|
|
474 | # decodes REAL values according to ECMA-63 |
|
|
475 | # this is pretty strict, except it doesn't catch -0. |
|
|
476 | # I don't have access to ISO 6093 (or BS 6727, or ANSI X.3-42)), so this is all guesswork. |
|
|
477 | sub _decode_real_decimal { |
|
|
478 | my ($format, $val) = @_; |
|
|
479 | |
|
|
480 | $val =~ y/,/./; # probably not in ISO-6093 |
|
|
481 | |
|
|
482 | if ($format == 1) { |
|
|
483 | $val =~ /^ \ * [+-]? [0-9]+ \z/x |
|
|
484 | or Carp::croak "BER_TYPE_REAL NR1 value not in NR1 format ($val) (X.690 8.5.8)"; |
|
|
485 | } elsif ($format == 2) { |
|
|
486 | $val =~ /^ \ * [+-]? (?: [0-9]+\.[0-9]* | [0-9]*\.[0-9]+ ) \z/x |
|
|
487 | or Carp::croak "BER_TYPE_REAL NR2 value not in NR2 format ($val) (X.690 8.5.8)"; |
|
|
488 | } elsif ($format == 3) { |
|
|
489 | $val =~ /^ \ * [+-] (?: [0-9]+\.[0-9]* | [0-9]*\.[0-9]+ ) [eE] [+-]? [0-9]+ \z/x |
|
|
490 | or Carp::croak "BER_TYPE_REAL NR3 value not in NR3 format ($val) (X.690 8.5.8)"; |
|
|
491 | } else { |
|
|
492 | Carp::croak "BER_TYPE_REAL invalid decimal numerical representation format $format"; |
|
|
493 | } |
|
|
494 | |
|
|
495 | $val |
|
|
496 | } |
|
|
497 | |
|
|
498 | # this is a mess, but perl's support for floating point formatting is nearly nonexistant |
|
|
499 | sub _encode_real_decimal { |
|
|
500 | my ($val, $nvdig) = @_; |
|
|
501 | |
|
|
502 | $val = sprintf "%.*G", $nvdig + 1, $val; |
|
|
503 | |
|
|
504 | if ($val =~ /E/) { |
|
|
505 | $val =~ s/E(?=[^+-])/E+/; |
|
|
506 | $val =~ s/E/.E/ if $val !~ /\./; |
|
|
507 | $val =~ s/^/+/ unless $val =~ /^-/; |
|
|
508 | |
|
|
509 | return "\x03$val" # NR3 |
|
|
510 | } |
|
|
511 | |
|
|
512 | $val =~ /\./ |
|
|
513 | ? "\x02$val" # NR2 |
|
|
514 | : "\x01$val" # NR1 |
|
|
515 | } |
|
|
516 | |
|
|
517 | =head2 DEBUGGING |
|
|
518 | |
|
|
519 | To aid debugging, you can call the C<ber_dump> function to print a "nice" |
|
|
520 | representation to STDOUT. |
|
|
521 | |
|
|
522 | =over |
|
|
523 | |
|
|
524 | =item ber_dump $tuple[, $profile[, $prefix]] |
|
|
525 | |
|
|
526 | In addition to specifying the BER C<$tuple> to dump, you can also specify |
|
|
527 | a C<$profile> and a C<$prefix> string that is printed in front of each line. |
|
|
528 | |
|
|
529 | If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump> |
|
|
530 | will try to improve its output for SNMP data. |
|
|
531 | |
|
|
532 | The output usually contains three columns, the "human readable" tag, the |
|
|
533 | BER type used to decode it, and the data value. |
|
|
534 | |
|
|
535 | This function is somewhat slow and uses a number of heuristics and tricks, |
|
|
536 | so it really is only suitable for debug prints. |
|
|
537 | |
|
|
538 | Example output: |
|
|
539 | |
|
|
540 | SEQUENCE |
|
|
541 | | OCTET_STRING bytes 800063784300454045045400000001 |
|
|
542 | | OCTET_STRING bytes |
|
|
543 | | CONTEXT (7) CONSTRUCTED |
|
|
544 | | | INTEGER int 1058588941 |
|
|
545 | | | INTEGER int 0 |
|
|
546 | | | INTEGER int 0 |
|
|
547 | | | SEQUENCE |
|
|
548 | | | | SEQUENCE |
|
|
549 | | | | | OID oid 1.3.6.1.2.1.1.3.0 |
|
|
550 | | | | | TIMETICKS int 638085796 |
|
|
551 | |
|
|
552 | =back |
|
|
553 | |
|
|
554 | =cut |
|
|
555 | |
|
|
556 | # reverse enum, very slow and ugly hack |
|
|
557 | sub _re { |
|
|
558 | my ($export_tag, $value) = @_; |
|
|
559 | |
|
|
560 | for my $symbol (@{ $EXPORT_TAGS{$export_tag} }) { |
|
|
561 | $value == eval $symbol |
|
|
562 | and return $symbol; |
|
|
563 | } |
|
|
564 | |
|
|
565 | "($value)" |
|
|
566 | } |
|
|
567 | |
|
|
568 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
|
|
569 | |
|
|
570 | sub _ber_dump { |
|
|
571 | my ($ber, $profile, $indent) = @_; |
|
|
572 | |
|
|
573 | if (my $seq = ber_is_seq $ber) { |
|
|
574 | printf "%sSEQUENCE\n", $indent; |
|
|
575 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
576 | for @$seq; |
|
|
577 | } else { |
|
|
578 | my $asn = $ber->[BER_CLASS] == ASN_UNIVERSAL; |
|
|
579 | |
|
|
580 | my $class = _re const_asn_class => $ber->[BER_CLASS]; |
|
|
581 | my $tag = $asn ? _re const_asn_tag => $ber->[BER_TAG] : $ber->[BER_TAG]; |
|
|
582 | my $type = _re const_ber_type => $profile->get ($ber->[BER_CLASS], $ber->[BER_TAG]); |
|
|
583 | my $data = $ber->[BER_DATA]; |
|
|
584 | |
|
|
585 | if ($profile == $SNMP_PROFILE and $ber->[BER_CLASS] == ASN_APPLICATION) { |
|
|
586 | $tag = _re const_snmp => $ber->[BER_TAG]; |
|
|
587 | } elsif (!$asn) { |
|
|
588 | $tag = "$class ($tag)"; |
|
|
589 | } |
|
|
590 | |
|
|
591 | $class =~ s/^ASN_//; |
|
|
592 | $tag =~ s/^(ASN_|SNMP_)//; |
|
|
593 | $type =~ s/^BER_TYPE_//; |
|
|
594 | |
|
|
595 | if ($ber->[BER_FLAGS]) { |
|
|
596 | printf "$indent%-16.16s\n", $tag; |
|
|
597 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
598 | for @$data; |
|
|
599 | } else { |
|
|
600 | if ($data =~ y/\x20-\x7e//c / (length $data || 1) > 0.2 or $data =~ /\x00./s) { |
|
|
601 | # assume binary |
|
|
602 | $data = unpack "H*", $data; |
|
|
603 | } else { |
|
|
604 | $data =~ s/[^\x20-\x7e]/./g; |
|
|
605 | $data = "\"$data\"" if $tag =~ /string/i || !length $data; |
|
|
606 | } |
|
|
607 | |
|
|
608 | substr $data, 40, 1e9, "..." if 40 < length $data; |
|
|
609 | |
|
|
610 | printf "$indent%-16.16s %-6.6s %s\n", $tag, lc $type, $data; |
|
|
611 | } |
|
|
612 | } |
|
|
613 | } |
|
|
614 | |
|
|
615 | sub ber_dump($;$$) { |
|
|
616 | _ber_dump $_[0], $_[1] || $DEFAULT_PROFILE, $_[2]; |
|
|
617 | } |
438 | |
618 | |
439 | =head1 PROFILES |
619 | =head1 PROFILES |
440 | |
620 | |
441 | While any BER data can be correctly encoded and decoded out of the box, it |
621 | While any BER data can be correctly encoded and decoded out of the box, it |
442 | can be inconvenient to have to manually decode some values into a "better" |
622 | can be inconvenient to have to manually decode some values into a "better" |
… | |
… | |
503 | |
683 | |
504 | Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
684 | Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
505 | |
685 | |
506 | =back |
686 | =back |
507 | |
687 | |
508 | =head2 BER TYPES |
688 | =head2 BER Types |
509 | |
689 | |
510 | This lists the predefined BER types - you can map any C<CLASS>/C<TAG> |
690 | This lists the predefined BER types. BER types are formatters used |
511 | combination to any C<BER_TYPE_*>. |
691 | internally to format and encode BER values. You can assign any C<BER_TYPE> |
|
|
692 | to any C<CLASS>/C<TAG> combination tgo change how that tag is decoded or |
|
|
693 | encoded. |
512 | |
694 | |
513 | =over |
695 | =over |
514 | |
696 | |
515 | =item C<BER_TYPE_BYTES> |
697 | =item C<BER_TYPE_BYTES> |
516 | |
698 | |
… | |
… | |
545 | dot, e.g. C<1.3.6.1.213>. |
727 | dot, e.g. C<1.3.6.1.213>. |
546 | |
728 | |
547 | =item C<BER_TYPE_RELOID> |
729 | =item C<BER_TYPE_RELOID> |
548 | |
730 | |
549 | Same as C<BER_TYPE_OID> but uses relative object identifier |
731 | Same as C<BER_TYPE_OID> but uses relative object identifier |
550 | encoding: ASN.1 has this hack of encoding the first two OID components |
732 | encoding: ASN.1 uses some hack encoding of the first two OID components |
551 | into a single integer in a weird attempt to save an insignificant amount |
733 | into a single integer in a weird attempt to save an insignificant amount |
552 | of space in an otherwise wasteful encoding, and relative OIDs are |
734 | of space in an otherwise wasteful encoding, and relative OIDs are |
553 | basically OIDs without this hack. The practical difference is that the |
735 | basically OIDs without this hack. The practical difference is that the |
554 | second component of an OID can only have the values 1..40, while relative |
736 | second component of an OID can only have the values 1..40, while relative |
555 | OIDs do not have this restriction. |
737 | OIDs do not have this restriction. |
… | |
… | |
582 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
764 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
583 | error for some types, then C<BER_TYPE_CROAK> is for you. |
765 | error for some types, then C<BER_TYPE_CROAK> is for you. |
584 | |
766 | |
585 | =back |
767 | =back |
586 | |
768 | |
587 | =cut |
769 | =head2 Example Profile |
588 | |
770 | |
589 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
771 | The following creates a profile suitable for SNMP - it's exactly identical |
|
|
772 | to the C<$Convert::BER::XS::SNMP_PROFILE> profile. |
|
|
773 | |
590 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
774 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
591 | |
775 | |
592 | # additional SNMP application types |
|
|
593 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
776 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
594 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
777 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
595 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
778 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
596 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
779 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
597 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
780 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_BYTES); |
598 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
781 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
599 | |
|
|
600 | $DEFAULT_PROFILE->_set_default; |
|
|
601 | |
|
|
602 | 1; |
|
|
603 | |
782 | |
604 | =head2 LIMITATIONS/NOTES |
783 | =head2 LIMITATIONS/NOTES |
605 | |
784 | |
606 | This module can only en-/decode 64 bit signed and unsigned integers, and |
785 | This module can only en-/decode 64 bit signed and unsigned |
607 | only when your perl supports those. |
786 | integers/tags/lengths, and only when your perl supports those. So no UUID |
|
|
787 | OIDs for now (unless you map the C<OBJECT IDENTIFIER> tag to something |
|
|
788 | other than C<BER_TYPE_OID>). |
608 | |
789 | |
609 | This module does not generally care about ranges, i.e. it will happily |
790 | This module does not generally care about ranges, i.e. it will happily |
610 | de-/encode 64 bit integers into an C<ASN_INTEGER> value, or a negative |
791 | de-/encode 64 bit integers into an C<SNMP_UNSIGNED32> value, or a negative |
611 | number into an C<SNMP_COUNTER64>. |
792 | number into an C<SNMP_COUNTER64>. |
612 | |
793 | |
613 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
794 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
614 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
795 | much larger than e.g. the one imposed by SNMP or other protocols, and is |
615 | about 4kB. |
796 | about 4kB. |
616 | |
|
|
617 | Indefinite length encoding is not supported. |
|
|
618 | |
797 | |
619 | Constructed strings are decoded just fine, but there should be a way to |
798 | Constructed strings are decoded just fine, but there should be a way to |
620 | join them for convenience. |
799 | join them for convenience. |
621 | |
800 | |
622 | REAL values are not supported and will currently croak. |
801 | REAL values will always be encoded in decimal form and ssometimes is |
623 | |
802 | forced into a perl "NV" type, potentially losing precision. |
624 | This module has undergone little to no testing so far. |
|
|
625 | |
803 | |
626 | =head2 ITHREADS SUPPORT |
804 | =head2 ITHREADS SUPPORT |
627 | |
805 | |
628 | This module is unlikely to work when the (officially discouraged) ithreads |
806 | This module is unlikely to work in any other than the loading thread when |
629 | are in use. |
807 | the (officially discouraged) ithreads are in use. |
630 | |
808 | |
631 | =head1 AUTHOR |
809 | =head1 AUTHOR |
632 | |
810 | |
633 | Marc Lehmann <schmorp@schmorp.de> |
811 | Marc Lehmann <schmorp@schmorp.de> |
634 | http://software.schmorp.de/pkg/Convert-BER-XS |
812 | http://software.schmorp.de/pkg/Convert-BER-XS |
635 | |
813 | |
636 | =cut |
814 | =cut |
637 | |
815 | |
|
|
816 | 1; |
|
|
817 | |