… | |
… | |
4 | |
4 | |
5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
6 | |
6 | |
7 | use Convert::BER::XS ':all'; |
7 | use Convert::BER::XS ':all'; |
8 | |
8 | |
9 | my $ber = ber_decode $buf |
9 | # decode a binary BER data structure using the SNMP profile |
|
|
10 | my $ber = ber_decode $buf, $Convert::BER::XS::SNMP_PROFILE |
10 | or die "unable to decode SNMP message"; |
11 | or die "unable to decode SNMP message"; |
11 | |
12 | |
12 | # The above results in a data structure consisting of |
13 | # The above results in a data structure consisting of |
13 | # (class, tag, # constructed, data) |
14 | # (class, tag, flags, data) |
14 | # tuples. Below is such a message, SNMPv1 trap |
15 | # tuples. Below is such a message, an SNMPv1 trap |
15 | # with a Cisco mac change notification. |
16 | # with a Cisco mac change notification. |
16 | # Did you know that Cisco is in the news almost |
17 | # (Did you know that Cisco is in the news almost |
17 | # every week because # of some backdoor password |
18 | # every week because of some backdoor password |
18 | # or other extremely stupid security bug? |
19 | # or other extremely stupid security bug?) |
19 | |
20 | |
20 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, |
21 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, |
21 | [ |
22 | [ |
22 | [ ASN_UNIVERSAL, ASN_INTEGER32, 0, 0 ], # snmp version 1 |
23 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 0 ], # snmp version 1 |
23 | [ ASN_UNIVERSAL, 4, 0, "public" ], # community |
24 | [ ASN_UNIVERSAL, 4, 0, "public" ], # community |
24 | [ ASN_CONTEXT, 4, 1, # CHOICE, constructed - trap PDU |
25 | [ ASN_CONTEXT, 4, 1, # CHOICE, constructed - trap PDU |
25 | [ |
26 | [ |
26 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.2" ], # enterprise oid |
27 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.2" ], # enterprise oid |
27 | [ ASN_APPLICATION, 0, 0, "\x0a\x00\x00\x01" ], # SNMP IpAddress, 10.0.0.1 |
28 | [ ASN_APPLICATION, SNMP_IPADDRESS, 0, "10.0.0.1" ], # SNMP IpAddress |
28 | [ ASN_UNIVERSAL, ASN_INTEGER32, 0, 6 ], # generic trap |
29 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 6 ], # generic trap |
29 | [ ASN_UNIVERSAL, ASN_INTEGER32, 0, 1 ], # specific trap |
30 | [ ASN_UNIVERSAL, ASN_INTEGER, 0, 1 ], # specific trap |
30 | [ ASN_APPLICATION, ASN_TIMETICKS, 0, 1817903850 ], # SNMP TimeTicks |
31 | [ ASN_APPLICATION, SNMP_TIMETICKS, 0, 1817903850 ], # SNMP TimeTicks |
31 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # the varbindlist |
32 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # the varbindlist |
32 | [ |
33 | [ |
33 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # a single varbind, "key value" pair |
34 | [ ASN_UNIVERSAL, ASN_SEQUENCE, 1, # a single varbind, "key value" pair |
34 | [ |
35 | [ |
35 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.1.1.8.1.2.1" ], |
36 | [ ASN_UNIVERSAL, ASN_OBJECT_IDENTIFIER, 0, "1.3.6.1.4.1.9.9.215.1.1.8.1.2.1" ], |
… | |
… | |
37 | ] |
38 | ] |
38 | ] |
39 | ] |
39 | ], |
40 | ], |
40 | ... |
41 | ... |
41 | |
42 | |
|
|
43 | # let's dump the above structure, for debugging |
|
|
44 | ber_dump $ber, $Convert::BER::XS::SNMP_PROFILE; |
|
|
45 | |
42 | # let's decode it a bit with some helper functions |
46 | # let's decode it a bit with some helper functions. |
43 | |
47 | # first check whether it starts with a sequence |
44 | my $msg = ber_is_seq $ber |
48 | my $msg = ber_is_seq $ber |
45 | or die "SNMP message does not start with a sequence"; |
49 | or die "SNMP message does not start with a sequence"; |
46 | |
50 | |
|
|
51 | # then check if its some kind of integer |
47 | ber_is $msg->[0], ASN_UNIVERSAL, ASN_INTEGER32, 0 |
52 | ber_is $msg->[0], ASN_UNIVERSAL, ASN_INTEGER, 0 |
48 | or die "SNMP message does not start with snmp version\n"; |
53 | or die "SNMP message does not start with snmp version"; |
49 | |
54 | |
50 | # message is SNMP v1 or v2c? |
55 | # message is SNMP v1 or v2c? |
51 | if ($msg->[0][BER_DATA] == 0 || $msg->[0][BER_DATA] == 1) { |
56 | if ($msg->[0][BER_DATA] == 0 || $msg->[0][BER_DATA] == 1) { |
52 | |
57 | |
53 | # message is v1 trap? |
58 | # message is v1 trap? |
… | |
… | |
55 | my $trap = $msg->[2][BER_DATA]; |
60 | my $trap = $msg->[2][BER_DATA]; |
56 | |
61 | |
57 | # check whether trap is a cisco mac notification mac changed message |
62 | # check whether trap is a cisco mac notification mac changed message |
58 | if ( |
63 | if ( |
59 | (ber_is_oid $trap->[0], "1.3.6.1.4.1.9.9.215.2") # cmnInterfaceObjects |
64 | (ber_is_oid $trap->[0], "1.3.6.1.4.1.9.9.215.2") # cmnInterfaceObjects |
60 | and (ber_is_i32 $trap->[2], 6) |
65 | and (ber_is_int $trap->[2], 6) |
61 | and (ber_is_i32 $trap->[3], 1) # mac changed msg |
66 | and (ber_is_int $trap->[3], 1) # mac changed msg |
62 | ) { |
67 | ) { |
63 | ... and so on |
68 | ... and so on |
64 | |
69 | |
65 | # finally, let's encode it again and hope it results in the same bit pattern |
70 | # finally, let's encode it again and hope it results in the same bit pattern |
66 | |
71 | my $buf = ber_encode $ber, $Convert::BER::XS::SNMP_PROFILE; |
67 | my $buf = ber_encode $ber; |
|
|
68 | |
72 | |
69 | =head1 DESCRIPTION |
73 | =head1 DESCRIPTION |
70 | |
74 | |
71 | WARNING: Before release 1.0, the API is not considered stable in any way. |
|
|
72 | |
|
|
73 | This module implements a I<very> low level BER/DER en-/decoder. |
75 | This module implements a I<very> low level BER/DER en-/decoder. |
74 | |
76 | |
75 | If is tuned for low memory and high speed, while still maintaining some |
77 | It is tuned for low memory and high speed, while still maintaining some |
76 | level of user-friendlyness. |
78 | level of user-friendlyness. |
|
|
79 | |
|
|
80 | =head2 EXPORT TAGS AND CONSTANTS |
|
|
81 | |
|
|
82 | By default this module doesn't export any symbols, but if you don't want |
|
|
83 | to break your keyboard, editor or eyesight with extremely long names, I |
|
|
84 | recommend importing the C<:all> tag. Still, you can selectively import |
|
|
85 | things. |
|
|
86 | |
|
|
87 | =over |
|
|
88 | |
|
|
89 | =item C<:all> |
|
|
90 | |
|
|
91 | All of the below. Really. Recommended for at least first steps, or if you |
|
|
92 | don't care about a few kilobytes of wasted memory (and namespace). |
|
|
93 | |
|
|
94 | =item C<:const> |
|
|
95 | |
|
|
96 | All of the strictly ASN.1-related constants defined by this module, the |
|
|
97 | same as C<:const_asn :const_index>. Notably, this does not contain |
|
|
98 | C<:const_ber_type> and C<:const_snmp>. |
|
|
99 | |
|
|
100 | A good set to get everything you need to decode and match BER data would be |
|
|
101 | C<:decode :const>. |
|
|
102 | |
|
|
103 | =item C<:const_index> |
|
|
104 | |
|
|
105 | The BER tuple array index constants: |
|
|
106 | |
|
|
107 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
|
|
108 | |
|
|
109 | =item C<:const_asn> |
|
|
110 | |
|
|
111 | ASN class values (these are C<0>, C<1>, C<2> and C<3>, respectively - |
|
|
112 | exactly the two topmost bits from the identifier octet shifted 6 bits to |
|
|
113 | the right): |
|
|
114 | |
|
|
115 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
116 | |
|
|
117 | ASN tag values (some of which are aliases, such as C<ASN_OID>). Their |
|
|
118 | numerical value corresponds exactly to the numbers used in BER/X.690. |
|
|
119 | |
|
|
120 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID |
|
|
121 | ASN_OBJECT_IDENTIFIER ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
|
|
122 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
|
|
123 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
|
|
124 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
|
|
125 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
|
|
126 | |
|
|
127 | =item C<:const_ber_type> |
|
|
128 | |
|
|
129 | The BER type constants, explained in the PROFILES section. |
|
|
130 | |
|
|
131 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
|
|
132 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
|
|
133 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
|
|
134 | |
|
|
135 | =item C<:const_snmp> |
|
|
136 | |
|
|
137 | Constants only relevant to SNMP. These are the tag values used by SNMP in |
|
|
138 | the C<ASN_APPLICATION> namespace and have the exact numerical value as in |
|
|
139 | BER/RFC 2578. |
|
|
140 | |
|
|
141 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_GAUGE32 |
|
|
142 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
|
|
143 | |
|
|
144 | =item C<:decode> |
|
|
145 | |
|
|
146 | C<ber_decode> and the match helper functions: |
|
|
147 | |
|
|
148 | ber_decode ber-decode_prefix |
|
|
149 | ber_is ber_is_seq ber_is_int ber_is_oid |
|
|
150 | ber_dump |
|
|
151 | |
|
|
152 | =item C<:encode> |
|
|
153 | |
|
|
154 | C<ber_encode> and the construction helper functions: |
|
|
155 | |
|
|
156 | ber_encode |
|
|
157 | ber_int |
|
|
158 | |
|
|
159 | =back |
77 | |
160 | |
78 | =head2 ASN.1/BER/DER/... BASICS |
161 | =head2 ASN.1/BER/DER/... BASICS |
79 | |
162 | |
80 | ASN.1 is a strange language that can be used to describe protocols and |
163 | ASN.1 is a strange language that can be used to describe protocols and |
81 | data structures. It supports various mappings to JSON, XML, but most |
164 | data structures. It supports various mappings to JSON, XML, but most |
82 | importantly, to a various binary encodings such as BER, that is the topic |
165 | importantly, to a various binary encodings such as BER, that is the topic |
83 | of this module, and is used in SNMP or LDAP for example. |
166 | of this module, and is used in SNMP, LDAP or X.509 for example. |
84 | |
167 | |
85 | While ASN.1 defines a schema that is useful to interpret encoded data, |
168 | While ASN.1 defines a schema that is useful to interpret encoded data, |
86 | the BER encoding is actually somewhat self-describing: you might not know |
169 | the BER encoding is actually somewhat self-describing: you might not know |
87 | whether something is a string or a number or a sequence or something else, |
170 | whether something is a string or a number or a sequence or something else, |
88 | but you can nevertheless decode the overall structure, even if you end up |
171 | but you can nevertheless decode the overall structure, even if you end up |
… | |
… | |
90 | |
173 | |
91 | This works because BER values are tagged with a type and a namespace, |
174 | This works because BER values are tagged with a type and a namespace, |
92 | and also have a flag that says whether a value consists of subvalues (is |
175 | and also have a flag that says whether a value consists of subvalues (is |
93 | "constructed") or not (is "primitive"). |
176 | "constructed") or not (is "primitive"). |
94 | |
177 | |
95 | Tags are simple integers, and ASN.1 defines a somewhat weird assortment of |
178 | Tags are simple integers, and ASN.1 defines a somewhat weird assortment |
96 | those - for example, you have 32 bit signed integers and 16(!) different |
179 | of those - for example, you have one integer but 16(!) different |
97 | string types, but there is no unsigned32 type for example. Different |
180 | string types, but there is no Unsigned32 type for example. Different |
98 | applications work around this in different ways, for example, SNMP defines |
181 | applications work around this in different ways, for example, SNMP defines |
99 | application-specific Gauge32, Counter32 and Unsigned32, which are mapped |
182 | application-specific Gauge32, Counter32 and Unsigned32, which are mapped |
100 | to two different tags: you can distinguish between Counter32 and the |
183 | to two different tags: you can distinguish between Counter32 and the |
101 | others, but not between Gause32 and Unsigned32, without the ASN.1 schema. |
184 | others, but not between Gause32 and Unsigned32, without the ASN.1 schema. |
102 | |
185 | |
… | |
… | |
105 | =head2 DECODED BER REPRESENTATION |
188 | =head2 DECODED BER REPRESENTATION |
106 | |
189 | |
107 | This module represents every BER value as a 4-element tuple (actually an |
190 | This module represents every BER value as a 4-element tuple (actually an |
108 | array-reference): |
191 | array-reference): |
109 | |
192 | |
110 | [CLASS, TAG, CONSTRUCTED, DATA] |
193 | [CLASS, TAG, FLAGS, DATA] |
|
|
194 | |
|
|
195 | For example: |
|
|
196 | |
|
|
197 | [ASN_UNIVERSAL, ASN_INTEGER, 0, 177] # the integer 177 |
|
|
198 | [ASN_UNIVERSAL, ASN_OCTET_STRING, 0, "john"] # the string "john" |
|
|
199 | [ASN_UNIVERSAL, ASN_OID, 0, "1.3.6.133"] # some OID |
|
|
200 | [ASN_UNIVERSAL, ASN_SEQUENCE, 1, [ [ASN_UNIVERSAL... # a sequence |
111 | |
201 | |
112 | To avoid non-descriptive hardcoded array index numbers, this module |
202 | To avoid non-descriptive hardcoded array index numbers, this module |
113 | defines symbolic constants to access these members: C<BER_CLASS>, |
203 | defines symbolic constants to access these members: C<BER_CLASS>, |
114 | C<BER_TAG>, C<BER_CONSTRUCTED> and C<BER_DATA>. |
204 | C<BER_TAG>, C<BER_FLAGS> and C<BER_DATA>. |
115 | |
205 | |
116 | Also, the first three members are integers with a little caveat: for |
206 | Also, the first three members are integers with a little caveat: for |
117 | performance reasons, these are readonly and shared, so you must not modify |
207 | performance reasons, these are readonly and shared, so you must not modify |
118 | them (increment, assign to them etc.) in any way. You may modify the |
208 | them (increment, assign to them etc.) in any way. You may modify the |
119 | I<DATA> member, and you may re-assign the array itself, e.g.: |
209 | I<DATA> member, and you may re-assign the array itself, e.g.: |
120 | |
210 | |
121 | $ber = ber_decode $binbuf; |
211 | $ber = ber_decode $binbuf; |
122 | |
212 | |
123 | # the following is NOT legal: |
213 | # the following is NOT legal: |
124 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/CONSTRUCTED are READ ONLY(!) |
214 | $ber->[BER_CLASS] = ASN_PRIVATE; # ERROR, CLASS/TAG/FLAGS are READ ONLY(!) |
125 | |
215 | |
126 | # but all of the following are fine: |
216 | # but all of the following are fine: |
127 | $ber->[BER_DATA] = "string"; |
217 | $ber->[BER_DATA] = "string"; |
128 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER32, 0, 123]; |
218 | $ber->[BER_DATA] = [ASN_UNIVERSAL, ASN_INTEGER, 0, 123]; |
129 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
219 | @$ber = (ASN_APPLICATION, SNMP_TIMETICKS, 0, 1000); |
130 | |
220 | |
131 | I<CLASS> is something like a namespace for I<TAG>s - there is the |
221 | I<CLASS> is something like a namespace for I<TAG>s - there is the |
132 | C<ASN_UNIVERSAL> namespace which defines tags common to all ASN.1 |
222 | C<ASN_UNIVERSAL> namespace which defines tags common to all ASN.1 |
133 | implementations, the C<ASN_APPLICATION> namespace which defines tags for |
223 | implementations, the C<ASN_APPLICATION> namespace which defines tags for |
134 | specific applications (for example, the SNMP C<Unsigned32> type is in this |
224 | specific applications (for example, the SNMP C<Unsigned32> type is in this |
135 | namespace), a special-purpose context namespace (C<ASN_CONTEXT>, used e.g. |
225 | namespace), a special-purpose context namespace (C<ASN_CONTEXT>, used e.g. |
136 | for C<CHOICE>) and a private namespace (C<ASN_PRIVATE>). |
226 | for C<CHOICE>) and a private namespace (C<ASN_PRIVATE>). |
137 | |
227 | |
138 | The meaning of the I<TAG> depends on the namespace, and defines a |
228 | The meaning of the I<TAG> depends on the namespace, and defines a |
139 | (partial) interpretation of the data value. For example, right now, SNMP |
229 | (partial) interpretation of the data value. For example, SNMP defines |
140 | application namespace knowledge ix hardcoded into this module, so it |
230 | extra tags in the C<ASN_APPLICATION> namespace, and to take full advantage |
141 | knows that SNMP C<Unsigned32> values need to be decoded into actual perl |
231 | of these, you need to tell this module how to handle those via profiles. |
142 | integers. |
|
|
143 | |
232 | |
144 | The most common tags in the C<ASN_UNIVERSAL> namespace are |
233 | The most common tags in the C<ASN_UNIVERSAL> namespace are |
145 | C<ASN_INTEGER32>, C<ASN_BIT_STRING>, C<ASN_NULL>, C<ASN_OCTET_STRING>, |
234 | C<ASN_INTEGER>, C<ASN_BIT_STRING>, C<ASN_NULL>, C<ASN_OCTET_STRING>, |
146 | C<ASN_OBJECT_IDENTIFIER>, C<ASN_SEQUENCE>, C<ASN_SET> and |
235 | C<ASN_OBJECT_IDENTIFIER>, C<ASN_SEQUENCE>, C<ASN_SET> and |
147 | C<ASN_IA5_STRING>. |
236 | C<ASN_IA5_STRING>. |
148 | |
237 | |
149 | The most common tags in SNMP's C<ASN_APPLICATION> namespace |
238 | The most common tags in SNMP's C<ASN_APPLICATION> namespace are |
150 | are C<SNMP_IPADDRESS>, C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, |
239 | C<SNMP_COUNTER32>, C<SNMP_UNSIGNED32>, C<SNMP_TIMETICKS> and |
151 | C<SNMP_TIMETICKS>, C<SNMP_OPAQUE> and C<SNMP_COUNTER64>. |
240 | C<SNMP_COUNTER64>. |
152 | |
241 | |
153 | The I<CONSTRUCTED> flag is really just a boolean - if it is false, the |
242 | The I<FLAGS> value is really just a boolean at this time (but might |
154 | the value is "primitive" and contains no subvalues, kind of like a |
243 | get extended) - if it is C<0>, the value is "primitive" and contains |
155 | non-reference perl scalar. IF it is true, then the value is "constructed" |
244 | no subvalues, kind of like a non-reference perl scalar. If it is C<1>, |
156 | which just means it contains a list of subvalues which this module will |
245 | then the value is "constructed" which just means it contains a list of |
157 | en-/decode as BER tuples themselves. |
246 | subvalues which this module will en-/decode as BER tuples themselves. |
158 | |
247 | |
159 | The I<DATA> value is either a reference to an array of further tuples (if |
248 | The I<DATA> value is either a reference to an array of further tuples |
160 | the value is I<CONSTRUCTED>), some decoded representation of the value, |
249 | (if the value is I<FLAGS>), some decoded representation of the value, if |
161 | if this module knows how to decode it (e.g. for the integer types above) |
250 | this module knows how to decode it (e.g. for the integer types above) or |
162 | or a binary string with the raw octets if this module doesn't know how to |
251 | a binary string with the raw octets if this module doesn't know how to |
163 | interpret the namespace/tag. |
252 | interpret the namespace/tag. |
164 | |
253 | |
165 | Thus, you can always decode a BER data structure and at worst you get a |
254 | Thus, you can always decode a BER data structure and at worst you get a |
166 | string in place of some nice decoded value. |
255 | string in place of some nice decoded value. |
167 | |
256 | |
… | |
… | |
169 | |
258 | |
170 | =head2 DECODING AND ENCODING |
259 | =head2 DECODING AND ENCODING |
171 | |
260 | |
172 | =over |
261 | =over |
173 | |
262 | |
174 | =item $tuple = ber_decoded $bindata |
263 | =item $tuple = ber_decode $bindata[, $profile] |
175 | |
264 | |
176 | Decodes binary BER data in C<$bindata> and returns the resulting BER |
265 | Decodes binary BER data in C<$bindata> and returns the resulting BER |
177 | tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
266 | tuple. Croaks on any decoding error, so the returned C<$tuple> is always |
178 | valid. |
267 | valid. |
179 | |
268 | |
|
|
269 | How tags are interpreted is defined by the second argument, which must |
|
|
270 | be a C<Convert::BER::XS::Profile> object. If it is missing, the default |
|
|
271 | profile will be used (C<$Convert::BER::XS::DEFAULT_PROFILE>). |
|
|
272 | |
|
|
273 | In addition to rolling your own, this module provides a |
|
|
274 | C<$Convert::BER::XS::SNMP_PROFILE> that knows about the additional SNMP |
|
|
275 | types. |
|
|
276 | |
|
|
277 | Example: decode a BER blob using the default profile - SNMP values will be |
|
|
278 | decided as raw strings. |
|
|
279 | |
|
|
280 | $tuple = ber_decode $data; |
|
|
281 | |
|
|
282 | Example: as above, but use the provided SNMP profile. |
|
|
283 | |
|
|
284 | $tuple = ber_encode $data, $Convert::BER::XS::SNMP_PROFILE; |
|
|
285 | |
|
|
286 | =item ($tuple, $bytes) = ber_decode_prefix $bindata[, $profile] |
|
|
287 | |
|
|
288 | Works like C<ber_decode>, except it doesn't croak when there is data after |
|
|
289 | the BER data, but instead returns the decoded value and the number of |
|
|
290 | bytes it decoded. |
|
|
291 | |
|
|
292 | This is useful when you have BER data at the start of a buffer and other |
|
|
293 | data after, and you need to find the length. |
|
|
294 | |
|
|
295 | Also, since BER is self-delimited, this can be used to decode multiple BER |
|
|
296 | values joined together. |
|
|
297 | |
180 | =item $bindata = ber_encode $tuple |
298 | =item $bindata = ber_encode $tuple[, $profile] |
181 | |
299 | |
182 | Encodes the BER tuple into a BER/DER data structure. |
300 | Encodes the BER tuple into a BER/DER data structure. As with |
|
|
301 | Cyber_decode>, an optional profile can be given. |
|
|
302 | |
|
|
303 | The encoded data should be both BER and DER ("shortest form") compliant |
|
|
304 | unless the input says otherwise (e.g. it uses constructed strings). |
183 | |
305 | |
184 | =back |
306 | =back |
185 | |
307 | |
186 | =head2 HELPER FUNCTIONS |
308 | =head2 HELPER FUNCTIONS |
187 | |
309 | |
188 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
310 | Working with a 4-tuple for every value can be annoying. Or, rather, I<is> |
189 | annoying. To reduce this a bit, this module defines a number of helper |
311 | annoying. To reduce this a bit, this module defines a number of helper |
190 | functions, both to match BER tuples and to conmstruct BER tuples: |
312 | functions, both to match BER tuples and to construct BER tuples: |
191 | |
313 | |
192 | =head3 MATCH HELPERS |
314 | =head3 MATCH HELPERS |
193 | |
315 | |
194 | Thse functions accept a BER tuple as first argument and either paertially |
316 | These functions accept a BER tuple as first argument and either partially |
195 | or fully match it. They often come in two forms, one which exactly matches |
317 | or fully match it. They often come in two forms, one which exactly matches |
196 | a value, and one which only matches the type and returns the value. |
318 | a value, and one which only matches the type and returns the value. |
197 | |
319 | |
198 | They do check whether valid tuples are passed in and croak otherwise. As |
320 | They do check whether valid tuples are passed in and croak otherwise. As |
199 | a ease-of-use exception, they usually also accept C<undef> instead of a |
321 | a ease-of-use exception, they usually also accept C<undef> instead of a |
200 | tuple reference. in which case they silently fail to match. |
322 | tuple reference, in which case they silently fail to match. |
201 | |
323 | |
202 | =over |
324 | =over |
203 | |
325 | |
204 | =item $bool = ber_is $tuple, $class, $tag, $constructed, $data |
326 | =item $bool = ber_is $tuple, $class, $tag, $flags, $data |
205 | |
327 | |
206 | This takes a BER C<$tuple> and matches its elements agains the privded |
328 | This takes a BER C<$tuple> and matches its elements against the provided |
207 | values, all of which are optional - values that are either missing or |
329 | values, all of which are optional - values that are either missing or |
208 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
330 | C<undef> will be ignored, the others will be matched exactly (e.g. as if |
209 | you used C<==> or C<eq> (for C<$data>)). |
331 | you used C<==> or C<eq> (for C<$data>)). |
210 | |
332 | |
211 | Some examples: |
333 | Some examples: |
… | |
… | |
214 | orf die "tuple is not an ASN SEQUENCE"; |
336 | orf die "tuple is not an ASN SEQUENCE"; |
215 | |
337 | |
216 | ber_is $tuple, ASN_UNIVERSAL, ASN_NULL |
338 | ber_is $tuple, ASN_UNIVERSAL, ASN_NULL |
217 | or die "tuple is not an ASN NULL value"; |
339 | or die "tuple is not an ASN NULL value"; |
218 | |
340 | |
219 | ber_is $tuple, ASN_UNIVERSAL, ASN_INTEGER32, 0, 50 |
341 | ber_is $tuple, ASN_UNIVERSAL, ASN_INTEGER, 0, 50 |
220 | or die "BER integer must be 50"; |
342 | or die "BER integer must be 50"; |
221 | |
343 | |
222 | =item $seq = ber_is_seq $tuple |
344 | =item $seq = ber_is_seq $tuple |
223 | |
345 | |
224 | Returns the sequence members (the array of subvalues) if the C<$tuple> is |
346 | Returns the sequence members (the array of subvalues) if the C<$tuple> is |
… | |
… | |
231 | my $snmp = ber_is_seq $ber |
353 | my $snmp = ber_is_seq $ber |
232 | or die "SNMP packet invalid: does not start with SEQUENCE"; |
354 | or die "SNMP packet invalid: does not start with SEQUENCE"; |
233 | |
355 | |
234 | # now we know $snmp is a sequence, so decode the SNMP version |
356 | # now we know $snmp is a sequence, so decode the SNMP version |
235 | |
357 | |
236 | my $version = ber_is_i32 $snmp->[0] |
358 | my $version = ber_is_int $snmp->[0] |
237 | or die "SNMP packet invalid: does not start with version number"; |
359 | or die "SNMP packet invalid: does not start with version number"; |
238 | |
360 | |
239 | =item $bool = ber_is_i32 $tuple, $i32 |
361 | =item $bool = ber_is_int $tuple, $int |
240 | |
362 | |
241 | Returns a true value if the C<$tuple> represents an ASN INTEGER32 with |
363 | Returns a true value if the C<$tuple> represents an ASN INTEGER with |
242 | the value C<$i32>. |
364 | the value C<$int>. |
243 | |
365 | |
244 | =item $i32 = ber_is_i32 $tuple |
366 | =item $int = ber_is_int $tuple |
245 | |
367 | |
246 | Returns true (and extracts the integer value) if the C<$tuple> is an ASN |
368 | Returns true (and extracts the integer value) if the C<$tuple> is an |
247 | INTEGER32. For C<0>, this function returns a special value that is 0 but |
369 | C<ASN_INTEGER>. For C<0>, this function returns a special value that is 0 |
248 | true. |
370 | but true. |
249 | |
371 | |
250 | =item $bool = ber_is_oid $tuple, $oid_string |
372 | =item $bool = ber_is_oid $tuple, $oid_string |
251 | |
373 | |
252 | Returns true if the C<$tuple> represents an ASN_OBJECT_IDENTIFIER |
374 | Returns true if the C<$tuple> represents an ASN_OBJECT_IDENTIFIER |
253 | that exactly matches C<$oid_string>. Example: |
375 | that exactly matches C<$oid_string>. Example: |
… | |
… | |
264 | |
386 | |
265 | =head3 CONSTRUCTION HELPERS |
387 | =head3 CONSTRUCTION HELPERS |
266 | |
388 | |
267 | =over |
389 | =over |
268 | |
390 | |
269 | =item $tuple = ber_i32 $value |
391 | =item $tuple = ber_int $value |
270 | |
392 | |
271 | Constructs a new C<ASN_INTEGER32> tuple. |
393 | Constructs a new C<ASN_INTEGER> tuple. |
272 | |
394 | |
273 | =back |
395 | =back |
274 | |
396 | |
275 | =head2 RELATIONSHIP TO L<Convert::BER> and L<Convert::ASN1> |
397 | =head2 RELATIONSHIP TO L<Convert::BER> and L<Convert::ASN1> |
276 | |
398 | |
… | |
… | |
286 | use common::sense; |
408 | use common::sense; |
287 | |
409 | |
288 | use XSLoader (); |
410 | use XSLoader (); |
289 | use Exporter qw(import); |
411 | use Exporter qw(import); |
290 | |
412 | |
|
|
413 | use Carp (); |
|
|
414 | |
291 | our $VERSION; |
415 | our $VERSION; |
292 | |
416 | |
293 | BEGIN { |
417 | BEGIN { |
294 | $VERSION = 0.7; |
418 | $VERSION = 1.21; |
295 | XSLoader::load __PACKAGE__, $VERSION; |
419 | XSLoader::load __PACKAGE__, $VERSION; |
296 | } |
420 | } |
297 | |
421 | |
298 | our %EXPORT_TAGS = ( |
422 | our %EXPORT_TAGS = ( |
299 | const => [qw( |
423 | const_index => [qw( |
300 | BER_CLASS BER_TAG BER_CONSTRUCTED BER_DATA |
424 | BER_CLASS BER_TAG BER_FLAGS BER_DATA |
301 | |
425 | )], |
|
|
426 | const_asn_class => [qw( |
|
|
427 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
|
|
428 | )], |
|
|
429 | const_asn_tag => [qw( |
302 | ASN_BOOLEAN ASN_INTEGER32 ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OBJECT_IDENTIFIER |
430 | ASN_BOOLEAN ASN_INTEGER ASN_BIT_STRING ASN_OCTET_STRING ASN_NULL ASN_OID ASN_OBJECT_IDENTIFIER |
303 | ASN_OBJECT_DESCRIPTOR ASN_OID ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
431 | ASN_OBJECT_DESCRIPTOR ASN_EXTERNAL ASN_REAL ASN_SEQUENCE ASN_ENUMERATED |
304 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
432 | ASN_EMBEDDED_PDV ASN_UTF8_STRING ASN_RELATIVE_OID ASN_SET ASN_NUMERIC_STRING |
305 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
433 | ASN_PRINTABLE_STRING ASN_TELETEX_STRING ASN_T61_STRING ASN_VIDEOTEX_STRING ASN_IA5_STRING |
306 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
434 | ASN_ASCII_STRING ASN_UTC_TIME ASN_GENERALIZED_TIME ASN_GRAPHIC_STRING ASN_VISIBLE_STRING |
307 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
435 | ASN_ISO646_STRING ASN_GENERAL_STRING ASN_UNIVERSAL_STRING ASN_CHARACTER_STRING ASN_BMP_STRING |
308 | |
436 | )], |
309 | ASN_UNIVERSAL ASN_APPLICATION ASN_CONTEXT ASN_PRIVATE |
437 | const_ber_type => [qw( |
310 | |
|
|
311 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
438 | BER_TYPE_BYTES BER_TYPE_UTF8 BER_TYPE_UCS2 BER_TYPE_UCS4 BER_TYPE_INT |
312 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
439 | BER_TYPE_OID BER_TYPE_RELOID BER_TYPE_NULL BER_TYPE_BOOL BER_TYPE_REAL |
313 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
440 | BER_TYPE_IPADDRESS BER_TYPE_CROAK |
314 | )], |
441 | )], |
315 | const_snmp => [qw( |
442 | const_snmp => [qw( |
316 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_UNSIGNED32 SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
443 | SNMP_IPADDRESS SNMP_COUNTER32 SNMP_GAUGE32 SNMP_UNSIGNED32 |
|
|
444 | SNMP_TIMETICKS SNMP_OPAQUE SNMP_COUNTER64 |
|
|
445 | )], |
|
|
446 | decode => [qw( |
|
|
447 | ber_decode ber_decode_prefix |
|
|
448 | ber_is ber_is_seq ber_is_int ber_is_oid |
|
|
449 | ber_dump |
317 | )], |
450 | )], |
318 | encode => [qw( |
451 | encode => [qw( |
319 | ber_decode |
|
|
320 | ber_is ber_is_seq ber_is_i32 ber_is_oid |
|
|
321 | )], |
|
|
322 | decode => [qw( |
|
|
323 | ber_encode |
452 | ber_encode |
324 | ber_i32 |
453 | ber_int |
325 | )], |
454 | )], |
326 | ); |
455 | ); |
327 | |
456 | |
328 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
457 | our @EXPORT_OK = map @$_, values %EXPORT_TAGS; |
329 | |
458 | |
330 | $EXPORT_TAGS{all} = \@EXPORT_OK; |
459 | $EXPORT_TAGS{all} = \@EXPORT_OK; |
|
|
460 | $EXPORT_TAGS{const_asn} = [map @{ $EXPORT_TAGS{$_} }, qw(const_asn_class const_asn_tag)]; |
|
|
461 | $EXPORT_TAGS{const} = [map @{ $EXPORT_TAGS{$_} }, qw(const_index const_asn)]; |
|
|
462 | |
|
|
463 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
|
|
464 | |
|
|
465 | $DEFAULT_PROFILE->_set_default; |
|
|
466 | |
|
|
467 | # additional SNMP application types |
|
|
468 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
|
|
469 | |
|
|
470 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
|
|
471 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
|
|
472 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
|
|
473 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
|
|
474 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
|
|
475 | |
|
|
476 | # decodes REAL values according to ECMA-63 |
|
|
477 | # this is pretty strict, except it doesn't catch -0. |
|
|
478 | # I don't have access to ISO 6093 (or BS 6727, or ANSI X.3-42)), so this is all guesswork. |
|
|
479 | sub _decode_real_decimal { |
|
|
480 | my ($format, $val) = @_; |
|
|
481 | |
|
|
482 | $val =~ y/,/./; # probably not in ISO-6093 |
|
|
483 | |
|
|
484 | if ($format == 1) { |
|
|
485 | $val =~ /^ \ * [+-]? [0-9]+ \z/x |
|
|
486 | or Carp::croak "BER_TYPE_REAL NR1 value not in NR1 format ($val) (X.690 8.5.8)"; |
|
|
487 | } elsif ($format == 2) { |
|
|
488 | $val =~ /^ \ * [+-]? (?: [0-9]+\.[0-9]* | [0-9]*\.[0-9]+ ) \z/x |
|
|
489 | or Carp::croak "BER_TYPE_REAL NR2 value not in NR2 format ($val) (X.690 8.5.8)"; |
|
|
490 | } elsif ($format == 3) { |
|
|
491 | $val =~ /^ \ * [+-] (?: [0-9]+\.[0-9]* | [0-9]*\.[0-9]+ ) [eE] [+-]? [0-9]+ \z/x |
|
|
492 | or Carp::croak "BER_TYPE_REAL NR3 value not in NR3 format ($val) (X.690 8.5.8)"; |
|
|
493 | } else { |
|
|
494 | Carp::croak "BER_TYPE_REAL invalid decimal numerical representation format $format"; |
|
|
495 | } |
|
|
496 | |
|
|
497 | $val |
|
|
498 | } |
|
|
499 | |
|
|
500 | # this is a mess, but perl's support for floating point formatting is nearly nonexistant |
|
|
501 | sub _encode_real_decimal { |
|
|
502 | my ($val, $nvdig) = @_; |
|
|
503 | |
|
|
504 | $val = sprintf "%.*G", $nvdig + 1, $val; |
|
|
505 | |
|
|
506 | if ($val =~ /E/) { |
|
|
507 | $val =~ s/E(?=[^+-])/E+/; |
|
|
508 | $val =~ s/E/.E/ if $val !~ /\./; |
|
|
509 | $val =~ s/^/+/ unless $val =~ /^-/; |
|
|
510 | |
|
|
511 | return "\x03$val" # NR3 |
|
|
512 | } |
|
|
513 | |
|
|
514 | $val =~ /\./ |
|
|
515 | ? "\x02$val" # NR2 |
|
|
516 | : "\x01$val" # NR1 |
|
|
517 | } |
|
|
518 | |
|
|
519 | =head2 DEBUGGING |
|
|
520 | |
|
|
521 | To aid debugging, you can call the C<ber_dump> function to print a "nice" |
|
|
522 | representation to STDOUT. |
|
|
523 | |
|
|
524 | =over |
|
|
525 | |
|
|
526 | =item ber_dump $tuple[, $profile[, $prefix]] |
|
|
527 | |
|
|
528 | In addition to specifying the BER C<$tuple> to dump, you can also specify |
|
|
529 | a C<$profile> and a C<$prefix> string that is printed in front of each line. |
|
|
530 | |
|
|
531 | If C<$profile> is C<$Convert::BER::XS::SNMP_PROFILE>, then C<ber_dump> |
|
|
532 | will try to improve its output for SNMP data. |
|
|
533 | |
|
|
534 | The output usually contains three columns, the "human readable" tag, the |
|
|
535 | BER type used to decode it, and the data value. |
|
|
536 | |
|
|
537 | This function is somewhat slow and uses a number of heuristics and tricks, |
|
|
538 | so it really is only suitable for debug prints. |
|
|
539 | |
|
|
540 | Example output: |
|
|
541 | |
|
|
542 | SEQUENCE |
|
|
543 | | OCTET_STRING bytes 800063784300454045045400000001 |
|
|
544 | | OCTET_STRING bytes |
|
|
545 | | CONTEXT (7) CONSTRUCTED |
|
|
546 | | | INTEGER int 1058588941 |
|
|
547 | | | INTEGER int 0 |
|
|
548 | | | INTEGER int 0 |
|
|
549 | | | SEQUENCE |
|
|
550 | | | | SEQUENCE |
|
|
551 | | | | | OID oid 1.3.6.1.2.1.1.3.0 |
|
|
552 | | | | | TIMETICKS int 638085796 |
|
|
553 | |
|
|
554 | =back |
|
|
555 | |
|
|
556 | =cut |
|
|
557 | |
|
|
558 | # reverse enum, very slow and ugly hack |
|
|
559 | sub _re { |
|
|
560 | my ($export_tag, $value) = @_; |
|
|
561 | |
|
|
562 | for my $symbol (@{ $EXPORT_TAGS{$export_tag} }) { |
|
|
563 | $value == eval $symbol |
|
|
564 | and return $symbol; |
|
|
565 | } |
|
|
566 | |
|
|
567 | "($value)" |
|
|
568 | } |
|
|
569 | |
|
|
570 | sub _ber_dump { |
|
|
571 | my ($ber, $profile, $indent) = @_; |
|
|
572 | |
|
|
573 | if (my $seq = ber_is_seq $ber) { |
|
|
574 | printf "%sSEQUENCE\n", $indent; |
|
|
575 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
576 | for @$seq; |
|
|
577 | } else { |
|
|
578 | my $asn = $ber->[BER_CLASS] == ASN_UNIVERSAL; |
|
|
579 | |
|
|
580 | my $class = _re const_asn_class => $ber->[BER_CLASS]; |
|
|
581 | my $tag = $asn ? _re const_asn_tag => $ber->[BER_TAG] : $ber->[BER_TAG]; |
|
|
582 | my $type = _re const_ber_type => $profile->get ($ber->[BER_CLASS], $ber->[BER_TAG]); |
|
|
583 | my $data = $ber->[BER_DATA]; |
|
|
584 | |
|
|
585 | if ($profile == $SNMP_PROFILE and $ber->[BER_CLASS] == ASN_APPLICATION) { |
|
|
586 | $tag = _re const_snmp => $ber->[BER_TAG]; |
|
|
587 | } elsif (!$asn) { |
|
|
588 | $tag = "$class ($tag)"; |
|
|
589 | } |
|
|
590 | |
|
|
591 | $class =~ s/^ASN_//; |
|
|
592 | $tag =~ s/^(ASN_|SNMP_)//; |
|
|
593 | $type =~ s/^BER_TYPE_//; |
|
|
594 | |
|
|
595 | if ($ber->[BER_FLAGS]) { |
|
|
596 | printf "$indent%-16.16s\n", $tag; |
|
|
597 | &_ber_dump ($_, $profile, "$indent| ") |
|
|
598 | for @$data; |
|
|
599 | } else { |
|
|
600 | if ($data =~ y/\x20-\x7e//c / (length $data || 1) > 0.2 or $data =~ /\x00./s) { |
|
|
601 | # assume binary |
|
|
602 | $data = unpack "H*", $data; |
|
|
603 | } else { |
|
|
604 | $data =~ s/[^\x20-\x7e]/./g; |
|
|
605 | $data = "\"$data\"" if $tag =~ /string/i || !length $data; |
|
|
606 | } |
|
|
607 | |
|
|
608 | substr $data, 40, 1e9, "..." if 40 < length $data; |
|
|
609 | |
|
|
610 | printf "$indent%-16.16s %-6.6s %s\n", $tag, lc $type, $data; |
|
|
611 | } |
|
|
612 | } |
|
|
613 | } |
|
|
614 | |
|
|
615 | sub ber_dump($;$$) { |
|
|
616 | _ber_dump $_[0], $_[1] || $DEFAULT_PROFILE, $_[2]; |
|
|
617 | } |
331 | |
618 | |
332 | =head1 PROFILES |
619 | =head1 PROFILES |
333 | |
620 | |
334 | While any BER data can be correctly encoded and decoded out of the box, it |
621 | While any BER data can be correctly encoded and decoded out of the box, it |
335 | can be inconvenient to have to manually decode some values into a "better" |
622 | can be inconvenient to have to manually decode some values into a "better" |
… | |
… | |
361 | =item C<$Convert::BER::XS::SNMP_PROFILE> |
648 | =item C<$Convert::BER::XS::SNMP_PROFILE> |
362 | |
649 | |
363 | A profile with mappings for SNMP-specific application tags added. This is |
650 | A profile with mappings for SNMP-specific application tags added. This is |
364 | useful when de-/encoding SNMP data. |
651 | useful when de-/encoding SNMP data. |
365 | |
652 | |
|
|
653 | The L<Example Profile> section, below, shows how this profile is being |
|
|
654 | constructed. |
|
|
655 | |
366 | Example: |
656 | Example: |
367 | |
657 | |
368 | $ber = ber_decode $data, $Convert::BER::XS::SNMP_PROFILE; |
658 | $ber = ber_decode $data, $Convert::BER::XS::SNMP_PROFILE; |
369 | |
659 | |
370 | =back |
660 | =back |
… | |
… | |
396 | |
686 | |
397 | Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
687 | Returns the BER type mapped to the given C<$class>/C<$tag> combination. |
398 | |
688 | |
399 | =back |
689 | =back |
400 | |
690 | |
401 | =head2 BER TYPES |
691 | =head2 BER Types |
402 | |
692 | |
403 | This lists the predefined BER types - you can map any C<CLASS>/C<TAG> |
693 | This lists the predefined BER types. BER types are formatters used |
404 | combination to any C<BER_TYPE_*>. |
694 | internally to format and encode BER values. You can assign any C<BER_TYPE> |
|
|
695 | to any C<CLASS>/C<TAG> combination tgo change how that tag is decoded or |
|
|
696 | encoded. |
405 | |
697 | |
406 | =over |
698 | =over |
407 | |
699 | |
408 | =item C<BER_TYPE_BYTES> |
700 | =item C<BER_TYPE_BYTES> |
409 | |
701 | |
… | |
… | |
438 | dot, e.g. C<1.3.6.1.213>. |
730 | dot, e.g. C<1.3.6.1.213>. |
439 | |
731 | |
440 | =item C<BER_TYPE_RELOID> |
732 | =item C<BER_TYPE_RELOID> |
441 | |
733 | |
442 | Same as C<BER_TYPE_OID> but uses relative object identifier |
734 | Same as C<BER_TYPE_OID> but uses relative object identifier |
443 | encoding: ASN.1 has this hack of encoding the first two OID components |
735 | encoding: ASN.1 uses some hack encoding of the first two OID components |
444 | into a single integer in a weird attempt to save an insignificant amount |
736 | into a single integer in a weird attempt to save an insignificant amount |
445 | of space in an otherwise wasteful encoding, and relative OIDs are |
737 | of space in an otherwise wasteful encoding, and relative OIDs are |
446 | basically OIDs without this hack. The practical difference is that the |
738 | basically OIDs without this hack. The practical difference is that the |
447 | second component of an OID can only have the values 1..40, while relative |
739 | second component of an OID can only have the values 1..40, while relative |
448 | OIDs do not have this restriction. |
740 | OIDs do not have this restriction. |
… | |
… | |
475 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
767 | C<BER_TYPE_BYTES>. When you don't want that but instead prefer a hard |
476 | error for some types, then C<BER_TYPE_CROAK> is for you. |
768 | error for some types, then C<BER_TYPE_CROAK> is for you. |
477 | |
769 | |
478 | =back |
770 | =back |
479 | |
771 | |
480 | =cut |
772 | =head2 Example Profile |
481 | |
773 | |
482 | our $DEFAULT_PROFILE = new Convert::BER::XS::Profile; |
774 | The following creates a profile suitable for SNMP - it's exactly identical |
|
|
775 | to the C<$Convert::BER::XS::SNMP_PROFILE> profile. |
|
|
776 | |
483 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
777 | our $SNMP_PROFILE = new Convert::BER::XS::Profile; |
484 | |
778 | |
485 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
779 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_IPADDRESS , BER_TYPE_IPADDRESS); |
486 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
780 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER32 , BER_TYPE_INT); |
487 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
781 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_UNSIGNED32, BER_TYPE_INT); |
488 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
782 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_TIMETICKS , BER_TYPE_INT); |
489 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_IPADDRESS); |
783 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_OPAQUE , BER_TYPE_BYTES); |
490 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
784 | $SNMP_PROFILE->set (ASN_APPLICATION, SNMP_COUNTER64 , BER_TYPE_INT); |
491 | |
785 | |
492 | $DEFAULT_PROFILE->_set_default; |
|
|
493 | |
|
|
494 | 1; |
|
|
495 | |
|
|
496 | =head2 LIMITATIONS |
786 | =head2 LIMITATIONS/NOTES |
497 | |
787 | |
498 | This module can only en-/decode 64 bit signed and unsigned integers, and |
788 | This module can only en-/decode 64 bit signed and unsigned |
499 | only when your perl supports those. |
789 | integers/tags/lengths, and only when your perl supports those. So no UUID |
|
|
790 | OIDs for now (unless you map the C<OBJECT IDENTIFIER> tag to something |
|
|
791 | other than C<BER_TYPE_OID>). |
|
|
792 | |
|
|
793 | This module does not generally care about ranges, i.e. it will happily |
|
|
794 | de-/encode 64 bit integers into an C<SNMP_UNSIGNED32> value, or a negative |
|
|
795 | number into an C<SNMP_COUNTER64>. |
500 | |
796 | |
501 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
797 | OBJECT IDENTIFIEERs cannot have unlimited length, although the limit is |
502 | much larger than e.g. the one imposed by SNMP or other protocols. |
798 | much larger than e.g. the one imposed by SNMP or other protocols, and is |
|
|
799 | about 4kB. |
503 | |
800 | |
504 | REAL values are not supported and will croak. |
801 | Constructed strings are decoded just fine, but there should be a way to |
|
|
802 | join them for convenience. |
505 | |
803 | |
506 | This module has undergone little to no testing so far. |
804 | REAL values will always be encoded in decimal form and ssometimes is |
|
|
805 | forced into a perl "NV" type, potentially losing precision. |
507 | |
806 | |
508 | =head2 ITHREADS SUPPORT |
807 | =head2 ITHREADS SUPPORT |
509 | |
808 | |
510 | This module is unlikely to work when the (officially discouraged) ithreads |
809 | This module is unlikely to work in any other than the loading thread when |
511 | are in use. |
810 | the (officially discouraged) ithreads are in use. |
512 | |
811 | |
513 | =head1 AUTHOR |
812 | =head1 AUTHOR |
514 | |
813 | |
515 | Marc Lehmann <schmorp@schmorp.de> |
814 | Marc Lehmann <schmorp@schmorp.de> |
516 | http://software.schmorp.de/pkg/Convert-BER-XS |
815 | http://software.schmorp.de/pkg/Convert-BER-XS |
517 | |
816 | |
518 | =cut |
817 | =cut |
519 | |
818 | |
|
|
819 | 1; |
|
|
820 | |