ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/Convert-BER-XS/XS.pm
(Generate patch)

Comparing Convert-BER-XS/XS.pm (file contents):
Revision 1.38 by root, Sun Apr 21 00:39:26 2019 UTC vs.
Revision 1.53 by root, Tue Apr 23 20:16:40 2019 UTC

8 8
9 my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE 9 my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE
10 or die "unable to decode SNMP message"; 10 or die "unable to decode SNMP message";
11 11
12 # The above results in a data structure consisting of 12 # The above results in a data structure consisting of
13 # (class, tag, flags, data) 13 # (class, tag, flags, data)
14 # tuples. Below is such a message, SNMPv1 trap 14 # tuples. Below is such a message, SNMPv1 trap
15 # with a Cisco mac change notification. 15 # with a Cisco mac change notification.
16 # Did you know that Cisco is in the news almost 16 # Did you know that Cisco is in the news almost
17 # every week because of some backdoor password 17 # every week because of some backdoor password
18 # or other extremely stupid security bug? 18 # or other extremely stupid security bug?
108 BER_CLASS BER_TAG BER_FLAGS BER_DATA 108 BER_CLASS BER_TAG BER_FLAGS BER_DATA
109 109
110=item C<:const_asn> 110=item C<:const_asn>
111 111
112ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - 112ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively -
113exactly thw two topmost bits from the identifier octet shifted 6 bits to 113exactly the two topmost bits from the identifier octet shifted 6 bits to
114the right): 114the right):
115 115
116 ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE 116 ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE
117 117
118ASN tag values (some of which are aliases, such as C<ASN_OID>). Their 118ASN tag values (some of which are aliases, such as C<ASN_OID>). Their
296Also, since BER is self-delimited, this can be used to decode multiple BER 296Also, since BER is self-delimited, this can be used to decode multiple BER
297values joined together. 297values joined together.
298 298
299=item $bindata = ber_encode $tuple[, $profile] 299=item $bindata = ber_encode $tuple[, $profile]
300 300
301Encodes the BER tuple into a BER/DER data structure. AS with 301Encodes the BER tuple into a BER/DER data structure. As with
302Cyber_decode>, an optional profile can be given. 302Cyber_decode>, an optional profile can be given.
303 303
304The encoded data should be both BER and DER ("shortest form") compliant 304The encoded data should be both BER and DER ("shortest form") compliant
305unless the input says otherwise (e.g. it uses constructed strings). 305unless the input says otherwise (e.g. it uses constructed strings).
306 306
412use Exporter qw(import); 412use Exporter qw(import);
413 413
414our $VERSION; 414our $VERSION;
415 415
416BEGIN { 416BEGIN {
417 $VERSION = '1.0'; 417 $VERSION = 1.11;
418 XSLoader::load __PACKAGE__, $VERSION; 418 XSLoader::load __PACKAGE__, $VERSION;
419} 419}
420 420
421our %EXPORT_TAGS = ( 421our %EXPORT_TAGS = (
422 const_index => [qw( 422 const_index => [qw(
479 479
480=over 480=over
481 481
482=item ber_dump $tuple[, $profile[, $prefix]] 482=item ber_dump $tuple[, $profile[, $prefix]]
483 483
484In addition to specifying the BER C<$tuple> to dump, youc an also specify 484In addition to specifying the BER C<$tuple> to dump, you can also specify
485a C<$profile> and a C<$prefix> string that is printed in front of each line. 485a C<$profile> and a C<$prefix> string that is printed in front of each line.
486 486
487If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump> 487If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump>
488will try to improve its output for SNMP data. 488will try to improve its output for SNMP data.
489 489
496Example output: 496Example output:
497 497
498 SEQUENCE 498 SEQUENCE
499 | OCTET_STRING bytes 800063784300454045045400000001 499 | OCTET_STRING bytes 800063784300454045045400000001
500 | OCTET_STRING bytes 500 | OCTET_STRING bytes
501 | CONTEXT (7) bytes CONSTRUCTED 501 | CONTEXT (7) CONSTRUCTED
502 | | INTEGER int 1058588941 502 | | INTEGER int 1058588941
503 | | INTEGER int 0 503 | | INTEGER int 0
504 | | INTEGER int 0 504 | | INTEGER int 0
505 | | SEQUENCE 505 | | SEQUENCE
506 | | | SEQUENCE 506 | | | SEQUENCE
507 | | | | OID oid 1.3.6.1.2.1.1.3.0 507 | | | | OID oid 1.3.6.1.2.1.1.3.0
508 | | | | TIMETICKS int 638085796 508 | | | | TIMETICKS int 638085796
509 509
510=back
511
510=cut 512=cut
511 513
512# reverse enum, very slow and ugly hack 514# reverse enum, very slow and ugly hack
513sub _re { 515sub _re {
514 my ($export_tag, $value) = @_; 516 my ($export_tag, $value) = @_;
547 $class =~ s/^ASN_//; 549 $class =~ s/^ASN_//;
548 $tag =~ s/^(ASN_|SNMP_)//; 550 $tag =~ s/^(ASN_|SNMP_)//;
549 $type =~ s/^BER_TYPE_//; 551 $type =~ s/^BER_TYPE_//;
550 552
551 if ($ber->[BER_FLAGS]) { 553 if ($ber->[BER_FLAGS]) {
552 printf "$indent%-16.16s %-6.6s CONSTRUCTED\n", $tag, lc $type; 554 printf "$indent%-16.16s\n", $tag;
553 &_ber_dump ($_, $profile, "$indent| ") 555 &_ber_dump ($_, $profile, "$indent| ")
554 for @$data; 556 for @$data;
555 } else { 557 } else {
556 if ($data =~ y/\x20-\x7e//c > 10 or $data =~ /\x00./s) { 558 if ($data =~ y/\x20-\x7e//c / (length $data || 1) > 0.2 or $data =~ /\x00./s) {
557 # assume binary 559 # assume binary
558 $data = unpack "H*", $data; 560 $data = unpack "H*", $data;
559 substr $data, 40, 1e9, "..." if 40 < length $data;
560 } else { 561 } else {
561 $data =~ s/[^\x20-\x7e]/./g; 562 $data =~ s/[^\x20-\x7e]/./g;
562 $data = "\"$data\"" if $type =~ /string/i; 563 $data = "\"$data\"" if $tag =~ /string/i || !length $data;
563 substr $data, 40, 1e9, "..." if 40 < length $data;
564 } 564 }
565
566 substr $data, 40, 1e9, "..." if 40 < length $data;
565 567
566 printf "$indent%-16.16s %-6.6s %s\n", $tag, lc $type, $data; 568 printf "$indent%-16.16s %-6.6s %s\n", $tag, lc $type, $data;
567 } 569 }
568 } 570 }
569} 571}
639 641
640Returns the BER type mapped to the given C<$class>/C<$tag> combination. 642Returns the BER type mapped to the given C<$class>/C<$tag> combination.
641 643
642=back 644=back
643 645
644=head2 BER TYPES 646=head2 BER Types
645 647
646This lists the predefined BER types - you can map any C<CLASS>/C<TAG> 648This lists the predefined BER types. BER types are formatters used
647combination to any C<BER_TYPE_*>. 649internally to format and encode BER values. You can assign any C<BER_TYPE>
650to any C<CLASS>/C<TAG> combination tgo change how that tag is decoded or
651encoded.
648 652
649=over 653=over
650 654
651=item C<BER_TYPE_BYTES> 655=item C<BER_TYPE_BYTES>
652 656
735 $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); 739 $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT);
736 740
737=head2 LIMITATIONS/NOTES 741=head2 LIMITATIONS/NOTES
738 742
739This module can only en-/decode 64 bit signed and unsigned integers, and 743This module can only en-/decode 64 bit signed and unsigned integers, and
740only when your perl supports those. 744only when your perl supports those. So no UUID OIDs for now (unless you
745map the C<OBJECT IDENTIFIER> tag to something other than C<BER_TYPE_OID>).
741 746
742This module does not generally care about ranges, i.e. it will happily 747This module does not generally care about ranges, i.e. it will happily
743de-/encode 64 bit integers into an C<ASN_INTEGER> value, or a negative 748de-/encode 64 bit integers into an C<ASN_INTEGER> value, or a negative
744number into an C<SNMP_COUNTER64>. 749number into an C<SNMP_COUNTER64>.
745 750
746OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is 751OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is
747much larger than e.g. the one imposed by SNMP or other protocols,a nd is 752much larger than e.g. the one imposed by SNMP or other protocols, and is
748about 4kB. 753about 4kB.
749 754
750Indefinite length encoding is not supported. 755Indefinite length encoding is not supported.
751 756
752Constructed strings are decoded just fine, but there should be a way to 757Constructed strings are decoded just fine, but there should be a way to
753join them for convenience. 758join them for convenience.
754 759
755REAL values are not supported and will currently croak. 760REAL values are not supported and will currently croak.
756 761
757The encoder and decoder tend to accept more formats than should be 762The encoder and decoder tend to accept more formats than should be
758strictly supported. 763strictly supported - security sensitive applications are strongly advised
764to review the code first.
759 765
760This module has undergone little to no testing so far. 766This module has undergone little to no testing so far.
761 767
762=head2 ITHREADS SUPPORT 768=head2 ITHREADS SUPPORT
763 769

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines