… | |
… | |
8 | |
8 | |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
9 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
10 | or die "unable to decode SNMP message"; |
10 | or die "unable to decode SNMP message"; |
11 | |
11 | |
12 | # The above results in a data structure consisting of |
12 | # The above results in a data structure consisting of |
13 | # (class, tag, # constructed, data) |
13 | # (class, tag, flags, data) |
14 | # tuples. Below is such a message, SNMPv1 trap |
14 | # tuples. Below is such a message, SNMPv1 trap |
15 | # with a Cisco mac change notification. |
15 | # with a Cisco mac change notification. |
16 | # Did you know that Cisco is in the news almost |
16 | # Did you know that Cisco is in the news almost |
17 | # every week because of some backdoor password |
17 | # every week because of some backdoor password |
18 | # or other extremely stupid security bug? |
18 | # or other extremely stupid security bug? |
… | |
… | |
100 | |
100 | |
101 | =item C<:const_index> |
101 | =item C<:const_index> |
102 | |
102 | |
103 | The BER tuple array index constants: |
103 | The BER tuple array index constants: |
104 | |
104 | |
105 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
105 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
106 | |
106 | |
107 | =item C<:const_asn> |
107 | =item C<:const_asn> |
108 | |
108 | |
109 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
109 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
110 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
110 | exactly thw two topmost bits from the identifier octet shifted 6 bits to |
… | |
… | |
155 | =head2 ASN.1/BER/DER/... BASICS |
155 | =head2 ASN.1/BER/DER/... BASICS |
156 | |
156 | |
157 | ASN.1 is a strange language that can be used to describe protocols and |
157 | ASN.1 is a strange language that can be used to describe protocols and |
158 | data structures. It supports various mappings to JSON, XML, but most |
158 | data structures. It supports various mappings to JSON, XML, but most |
159 | importantly, to a various binary encodings such as BER, that is the topic |
159 | importantly, to a various binary encodings such as BER, that is the topic |
160 | of this module, and is used in SNMP or LDAP for example. |
160 | of this module, and is used in SNMP, LDAP or X.509 for example. |
161 | |
161 | |
162 | While ASN.1 defines a schema that is useful to interpret encoded data, |
162 | While ASN.1 defines a schema that is useful to interpret encoded data, |
163 | the BER encoding is actually somewhat self-describing: you might not know |
163 | the BER encoding is actually somewhat self-describing: you might not know |
164 | whether something is a string or a number or a sequence or something else, |
164 | whether something is a string or a number or a sequence or something else, |
165 | but you can nevertheless decode the overall structure, even if you end up |
165 | but you can nevertheless decode the overall structure, even if you end up |
… | |
… | |
182 | =head2 DECODED BER REPRESENTATION |
182 | =head2 DECODED BER REPRESENTATION |
183 | |
183 | |
184 | This module represents every BER value as a 4-element tuple (actually an |
184 | This module represents every BER value as a 4-element tuple (actually an |
185 | array-reference): |
185 | array-reference): |
186 | |
186 | |
187 | [CLASS, TAG, CONSTRUCTED, DATA] |
187 | [CLASS, TAG, FLAGS, DATA] |
188 | |
188 | |
189 | For example: |
189 | For example: |
190 | |
190 | |
191 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
191 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
192 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
192 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
193 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
193 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
194 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
194 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
195 | |
195 | |
196 | To avoid non-descriptive hardcoded array index numbers, this module |
196 | To avoid non-descriptive hardcoded array index numbers, this module |
197 | defines symbolic constants to access these members: C<BER_CLASS>, |
197 | defines symbolic constants to access these members: C<BER_CLASS>, |
198 | C<BER_TAG>, C<BER_CONSTRUCTED> and C<BER_DATA>. |
198 | C<BER_TAG>, C<BER_FLAGS> and C<BER_DATA>. |
199 | |
199 | |
200 | Also, the first three members are integers with a little caveat: for |
200 | Also, the first three members are integers with a little caveat: for |
201 | performance reasons, these are readonly and shared, so you must not modify |
201 | performance reasons, these are readonly and shared, so you must not modify |
202 | them (increment, assign to them etc.) in any way. You may modify the |
202 | them (increment, assign to them etc.) in any way. You may modify the |
203 | I<DATA> member, and you may re-assign the array itself, e.g.: |
203 | I<DATA> member, and you may re-assign the array itself, e.g.: |
204 | |
204 | |
205 | $ber = ber_decode $binbuf; |
205 | $ber = ber_decode $binbuf; |
206 | |
206 | |
207 | # the following is NOT legal: |
207 | # the following is NOT legal: |
208 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/CONSTRUCTED are READ ONLY(!) |
208 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/FLAGS are READ ONLY(!) |
209 | |
209 | |
210 | # but all of the following are fine: |
210 | # but all of the following are fine: |
211 | $ber->[BER_DATA] = "string"; |
211 | $ber->[BER_DATA] = "string"; |
212 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
212 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
213 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
213 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
… | |
… | |
231 | |
231 | |
232 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
232 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
233 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
233 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
234 | C<SNMP_COUNTER64>. |
234 | C<SNMP_COUNTER64>. |
235 | |
235 | |
236 | The I<CONSTRUCTED> flag is really just a boolean - if it is false, |
236 | The I<FLAGS> value is really just a boolean at this time (but might |
237 | the value is "primitive" and contains no subvalues, kind of like a |
237 | get extended) - if it is C<0>, the value is "primitive" and contains |
238 | non-reference perl scalar. If it is true, then the value is "constructed" |
238 | no subvalues, kind of like a non-reference perl scalar. If it is C<1>, |
239 | which just means it contains a list of subvalues which this module will |
239 | then the value is "constructed" which just means it contains a list of |
240 | en-/decode as BER tuples themselves. |
240 | subvalues which this module will en-/decode as BER tuples themselves. |
241 | |
241 | |
242 | The I<DATA> value is either a reference to an array of further tuples (if |
242 | The I<DATA> value is either a reference to an array of further tuples |
243 | the value is I<CONSTRUCTED>), some decoded representation of the value, |
243 | (if the value is I<FLAGS>), some decoded representation of the value, if |
244 | if this module knows how to decode it (e.g. for the integer types above) |
244 | this module knows how to decode it (e.g. for the integer types above) or |
245 | or a binary string with the raw octets if this module doesn't know how to |
245 | a binary string with the raw octets if this module doesn't know how to |
246 | interpret the namespace/tag. |
246 | interpret the namespace/tag. |
247 | |
247 | |
248 | Thus, you can always decode a BER data structure and at worst you get a |
248 | Thus, you can always decode a BER data structure and at worst you get a |
249 | string in place of some nice decoded value. |
249 | string in place of some nice decoded value. |
250 | |
250 | |
… | |
… | |
280 | =item $bindata = ber_encode $tuple[, $profile] |
280 | =item $bindata = ber_encode $tuple[, $profile] |
281 | |
281 | |
282 | Encodes the BER tuple into a BER/DER data structure. AS with |
282 | Encodes the BER tuple into a BER/DER data structure. AS with |
283 | Cyber_decode>, an optional profile can be given. |
283 | Cyber_decode>, an optional profile can be given. |
284 | |
284 | |
|
|
285 | The encoded data should be both BER and DER ("shortest form") compliant |
|
|
286 | unless the input says otherwise (e.g. it uses constructed strings). |
|
|
287 | |
285 | =back |
288 | =back |
286 | |
289 | |
287 | =head2 HELPER FUNCTIONS |
290 | =head2 HELPER FUNCTIONS |
288 | |
291 | |
289 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
292 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
… | |
… | |
300 | a ease-of-use exception, they usually also accept C<undef> instead of a |
303 | a ease-of-use exception, they usually also accept C<undef> instead of a |
301 | tuple reference, in which case they silently fail to match. |
304 | tuple reference, in which case they silently fail to match. |
302 | |
305 | |
303 | =over |
306 | =over |
304 | |
307 | |
305 | =item $bool = ber_is $tuple, $class, $tag, $constructed, $data |
308 | =item $bool = ber_is $tuple, $class, $tag, $flags, $data |
306 | |
309 | |
307 | This takes a BER C<$tuple> and matches its elements against the provided |
310 | This takes a BER C<$tuple> and matches its elements against the provided |
308 | values, all of which are optional - values that are either missing or |
311 | values, all of which are optional - values that are either missing or |
309 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
312 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
310 | you used C<==> or C<eq> (for C<$data>)). |
313 | you used C<==> or C<eq> (for C<$data>)). |
… | |
… | |
396 | XSLoader::load __PACKAGE__, $VERSION; |
399 | XSLoader::load __PACKAGE__, $VERSION; |
397 | } |
400 | } |
398 | |
401 | |
399 | our %EXPORT_TAGS = ( |
402 | our %EXPORT_TAGS = ( |
400 | const_index => [qw( |
403 | const_index => [qw( |
401 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
404 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
402 | )], |
405 | )], |
403 | const_asn => [qw( |
406 | const_asn => [qw( |
404 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
407 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
405 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
408 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
406 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
409 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
… | |
… | |
579 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
582 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
580 | error for some types, then C<BER_TYPE_CROAK> is for you. |
583 | error for some types, then C<BER_TYPE_CROAK> is for you. |
581 | |
584 | |
582 | =back |
585 | =back |
583 | |
586 | |
|
|
587 | =head2 Example Profile |
|
|
588 | |
|
|
589 | The following creates a profile suitable for SNMP - it's exactly identical |
|
|
590 | to the C<$Convert::BER::XS::SNMP_PROFILE> profile. |
|
|
591 | |
|
|
592 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
|
|
593 | |
|
|
594 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
|
|
595 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
|
|
596 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
|
|
597 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
|
|
598 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
|
|
599 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
|
|
600 | |
584 | =cut |
601 | =cut |
585 | |
602 | |
586 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
603 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
587 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
604 | |
|
|
605 | $DEFAULT_PROFILE->_set_default; |
588 | |
606 | |
589 | # additional SNMP application types |
607 | # additional SNMP application types |
|
|
608 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
590 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
609 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
591 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
610 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
592 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
611 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
593 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
612 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
594 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
613 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
595 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
614 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
596 | |
615 | |
597 | $DEFAULT_PROFILE->_set_default; |
|
|
598 | |
|
|
599 | 1; |
616 | 1; |
600 | |
617 | |
601 | =head2 LIMITATIONS/NOTES |
618 | =head2 LIMITATIONS/NOTES |
602 | |
619 | |
603 | This module can only en-/decode 64 bit signed and unsigned integers, and |
620 | This module can only en-/decode 64 bit signed and unsigned integers, and |
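Review bot: `$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS);` (new line 613, and its copy in the new "Example Profile" POD at line 598) maps SNMP's Opaque type to the IP-address decoder, but Opaque is an OCTET STRING wrapper, so this looks like a copy-paste of the SNMP_IPADDRESS line above it, and an Opaque value in a trap from the network that is not exactly four octets would presumably be rejected or misdecoded. If that is unintended, `$SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_BYTES);` (the BER_TYPE_BYTES fallback the POD mentions at line 582) appears to be what was meant, in both the code and the documented example. The same example also teaches indirect object syntax, `our $SNMP_PROFILE = new Convert::BER::XS::Profile;`, which readers will copy verbatim; `Convert::BER::XS::Profile->new` is the form perlstyle/perlcritic recommend. Separately, `Cyber_decode>` at new line 283 is a broken POD escape for `C<ber_decode>`, and "thw" at line 110 is a typo.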
… | |
… | |
609 | |
626 | |
610 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
627 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
611 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
628 | much larger than e.g. the one imposed by SNMP or other protocols,a nd is |
612 | about 4kB. |
629 | about 4kB. |
613 | |
630 | |
|
|
631 | Indefinite length encoding is not supported. |
|
|
632 | |
|
|
633 | Constructed strings are decoded just fine, but there should be a way to |
|
|
634 | join them for convenience. |
|
|
635 | |
614 | REAL values are not supported and will currently croak. |
636 | REAL values are not supported and will currently croak. |
615 | |
637 | |
616 | This module has undergone little to no testing so far. |
638 | This module has undergone little to no testing so far. |
617 | |
639 | |
618 | =head2 ITHREADS SUPPORT |
640 | =head2 ITHREADS SUPPORT |