?¡ëPNG  IHDR ? f ??C1 sRGB ??¨¦ gAMA ¡À? ¨¹a pHYs ? ??o¡§d GIDATx^¨ª¨¹L¡±¡Âe¡ÂY?a?("Bh?_¨°???¡é¡ì?q5k?*:t0A-o??£¤]VkJ¡éM??f?¡À8\k2¨ªll¡ê1]q?¨´???T
Warning: file_get_contents(https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/ru.json): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/user1137782/www/china1.by/classwithtostring.php on line 86

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 213

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 214

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 215

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 216

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 217

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 218
ChangeLog000066600000021322150501011100006302 0ustar00Convert::ASN1 0.21 -- Mon Sep 15 14:34:45 CDT 2008 Bug Fixes * Fix decoding of OIDs with large value for 2nd element Enhancements * Support for SEQUENCE with no elements in ASN.1 * Added ability to define what value is put in perl data structory when decoding NULL elements Convert::ASN1 0.21 -- Fri Feb 2 20:24:59 CST 2007 Bug Fixes * Fixed problem with indefinite encoding inside an indefinite encoding Enhancements * Added support for type-local ANY DEFINED BY (patch from Leif Johansson) Convert::ASN1 0.20 -- Tue Feb 21 18:47:43 CST 2006 Bug Fixes * Fixed issues with decoding when calling script contains use encoding 'utf8' * Allow zero-length timestamps to be extracted * Fix incorrect length encoding for bitstrings Enhancements * Support encoding bigint's as BCD Convert::ASN1 0.19 -- Mon Apr 18 19:40:32 CDT 2005 Bug Fixes * Fixed reading of packets with indefinite-length encodings Enhancements * Add support for BCDString 2003-10-08 15:29 Graham Barr * lib/Convert/ASN1.pm: Release 0.18 2003-10-08 15:28 Graham Barr * MANIFEST, Makefile.PL, t/0-signature.t: Use Module::Build to build Makefile and add SIGNATURE 2003-10-08 13:28 Graham Barr * lib/Convert/: ASN1.pm, ASN1/_encode.pm: Fix bug in encoding BIT STRINGS where chr() was causing an upgrade to UTF8 2003-05-12 18:45 Graham Barr * lib/Convert/ASN1.pm: Release 0.17 2003-05-12 18:45 Graham Barr * MANIFEST: Add new tests into MANIFEST 2003-05-12 18:06 Graham Barr * t/funcs.pl: Skip rtest if Data::Dumper is not available 2003-05-07 16:13 Graham Barr * parser.y, lib/Convert/ASN1/parser.pm, t/04opt.t, t/funcs.pl: Support OPTIONAL on SET OF and SEQUENCE OF 2003-05-07 10:26 Graham Barr * lib/Convert/ASN1/_decode.pm, t/00prim.t: Fix OID decoding 2003-05-06 22:47 Graham Barr * t/14any.t: Remove duplicate my 2003-05-06 22:29 Graham Barr * parser.y, lib/Convert/ASN1.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, lib/Convert/ASN1/parser.pm, t/14any.t: Add support for ANY DEFINED BY Patch from Simon Wilkinson 2003-05-06 15:17 Graham Barr * lib/Convert/ASN1/Debug.pm: Fix debug output for OIDs 2003-05-06 13:40 Graham Barr * parser.y, lib/Convert/ASN1.pm, lib/Convert/ASN1.pod, lib/Convert/ASN1/parser.pm, t/08set.t, t/12der.t, t/13utf8.t: CER and DER SET encoding 2003-05-06 12:07 Graham Barr * t/13utf8.t, lib/Convert/ASN1.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm: utf8 support for perl >= 5.8 2002-08-20 01:00 Graham Barr * lib/Convert/ASN1.pm: Release 0.16 2002-08-20 00:59 Graham Barr * README, lib/Convert/ASN1.pod: Update search.cpan.org link and add CPAN RT email address 2002-08-20 00:53 Graham Barr * t/10choice.t: Fix test count 2002-08-20 00:51 Graham Barr * parser.y, lib/Convert/ASN1/_encode.pm, lib/Convert/ASN1/parser.pm, t/10choice.t: Fix for nested CHOICEs and tagged CHOICEs in SEQUENCES 2002-03-25 14:59 Graham Barr * t/: 00prim.t, 01tag.t, 02seq.t, 03seqof.t, 04opt.t, 05time.t, 06bigint.t, 08set.t, 09contr.t, 11indef.t: Add more detail when tests fail 2002-03-25 09:06 Graham Barr * lib/Convert/ASN1/_decode.pm, t/10choice.t, t/11indef.t, MANIFEST: Patch from Wolfgang Laun Fix bug in decode when there are nested CHOICEs Add tests t/10choice.t t/11indef.t 2002-03-25 07:46 Graham Barr * lib/Convert/: ASN1.pm, ASN1.pod, ASN1/_decode.pm: Patch from Wolfgang Laun Addition of prepare_file and the change prepare to accept a filehandle. POD updates. Fix decode of nested indefinate lengths 2002-03-25 07:39 Graham Barr * mkparse, parser.y, lib/Convert/ASN1/parser.pm: Allow '-'s in names and fix an uninit warning in the generated parser 2002-02-15 06:51 Graham Barr * lib/Convert/ASN1/_encode.pm: Use ::isa to determine if stash argument is a HASH 2002-02-10 16:41 Graham Barr * MANIFEST, examples/x509decode: Added x509decode from Norbert Klasen 2002-02-10 16:12 Graham Barr * lib/Convert/ASN1.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, t/00prim.t, t/03seqof.t: Add support for units with one sinlge, unamed entry eg test ::= INTEGER or list ::= SEQUENCE OF OCTET STRING 2002-01-22 11:24 Graham Barr * README, parser.y, lib/Convert/ASN1.pm, lib/Convert/ASN1.pod, lib/Convert/ASN1/Debug.pm, lib/Convert/ASN1/IO.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, lib/Convert/ASN1/parser.pm: Release 0.15 2002-01-21 20:00 Graham Barr * t/06bigint.t: Be safer in creating BigInt objects 2002-01-02 16:56 Graham Barr * lib/Convert/ASN1/_encode.pm: Change the encode errors to include the hierarchical name of the element in the ASN.1 which is causing the problem 2002-01-02 16:31 Graham Barr * lib/Convert/ASN1.pm: Remove unwanted warn statement 2001-09-25 00:05 Graham Barr * lib/Convert/ASN1.pm: Better error reporting for encoding 2001-09-22 01:16 Graham Barr * parser.y, lib/Convert/ASN1.pm, lib/Convert/ASN1/Debug.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, lib/Convert/ASN1/parser.pm, t/00prim.t: Add support for RELATIVE-OID 2001-09-22 01:14 Graham Barr * t/: 00prim.t, 06bigint.t: Move some integer tests that really use bigint from 00prim.t into 06bigint.t 2001-09-21 23:24 Graham Barr * lib/Convert/ASN1.pm, lib/Convert/ASN1/_decode.pm, t/03seqof.t: Support for nested SEQUENCE/SET OF's 2001-09-10 19:03 Graham Barr * README, lib/Convert/ASN1.pm: Release 0.14 2001-09-10 15:35 Graham Barr * MANIFEST, t/08set.t, t/09contr.t: Add tests for contructed elements and SETs 2001-09-10 15:34 Graham Barr * lib/Convert/ASN1/_decode.pm: Add support for decoding contructed elements 2001-09-07 20:04 Graham Barr * lib/Convert/: ASN1.pod, ASN1/_decode.pm: Implement the decode of SETs 2001-09-06 18:54 Graham Barr * lib/Convert/: ASN1.pm, ASN1/Debug.pm: Change asn_dump to putput the correct tag number for long tags and also warn when a length is incorrect 2001-09-06 18:41 Graham Barr * lib/Convert/ASN1/_decode.pm: Fix for indefinite decoding 2001-08-26 08:12 Graham Barr * lib/Convert/ASN1.pm: Release 0.13 2001-08-24 15:13 Graham Barr * parser.y, lib/Convert/ASN1/parser.pm: Remove an unwanted warn statement 2001-08-01 19:02 Graham Barr * lib/Convert/ASN1/_encode.pm, t/00prim.t: Fix boundary condition where we switch over to using Math::BigInt to encode integers 2001-07-31 18:05 Graham Barr * MANIFEST, lib/Convert/ASN1.pm: Release 0.12 2001-07-31 18:04 Graham Barr * lib/Convert/ASN1/_encode.pm: Make sure value passed to enc_integer is treated as a number and not a string 2001-07-31 18:03 Graham Barr * parser.y, lib/Convert/ASN1/parser.pm: Report which type cannot be found on error 2001-06-11 14:13 Graham Barr * lib/Convert/ASN1.pm: Release 0.11 2001-06-11 14:04 Graham Barr * lib/Convert/ASN1/_decode.pm, t/02seq.t: Fix decode of REAL when it is not the last element of a sequence 2001-04-26 07:52 Graham Barr * lib/Convert/ASN1.pm, t/05time.t, t/06bigint.t, t/funcs.pl: Fix syntax to be compatible with perl5.004_04 Skip bigint tests on 5.004 as they trigger lots of warnings in Math::BigInt 2001-04-20 07:26 Graham Barr * lib/Convert/ASN1.pm, lib/Convert/ASN1/_encode.pm, t/06bigint.t: Fix some bigint encoding problems and add some tests 2001-04-20 00:00 Graham Barr * Makefile.PL, lib/Convert/ASN1.pm: Release 0.09 2001-04-19 23:52 Graham Barr * MANIFEST, lib/Convert/ASN1.pm, lib/Convert/ASN1.pod, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, t/funcs.pl: Added support to use Math::BigInt, Thanks to Benjamin Trott 2001-04-19 23:50 Graham Barr * t/05time.t: Tests for UTCTime and GeneralizedTime (The previous was really for bigint tests) 2001-04-19 23:32 Graham Barr * t/06bigint.t: Tests for UTCTime and GeneralizedTime 2001-04-19 20:51 Graham Barr * lib/Convert/ASN1/IO.pm: Fix error message 2001-04-19 20:51 Graham Barr * lib/Convert/ASN1/_decode.pm: Get timezone right when decoding 2001-04-19 20:51 Graham Barr * t/funcs.pl: Useful debug enhancements 2001-02-05 22:36 Graham Barr * MANIFEST: Removed Convert-ASN1.ppd 2001-02-05 22:31 Graham Barr * lib/Convert/ASN1/parser.pm: Added CharacterString UniversalString BMPString 2001-01-29 22:35 Graham Barr * MANIFEST, OldChanges: Move perforce changelog aside and now generate with cvs2cl 2000-05-03 13:24 Graham Barr * MANIFEST, Makefile.PL, README, mkparse, parser.y, examples/ldap, examples/ldap-search, lib/Convert/ASN1.pm, lib/Convert/ASN1.pod, lib/Convert/ASN1/Debug.pm, lib/Convert/ASN1/IO.pm, lib/Convert/ASN1/_decode.pm, lib/Convert/ASN1/_encode.pm, lib/Convert/ASN1/parser.pm, t/00prim.t, t/01tag.t, t/02seq.t, t/03seqof.t, t/04opt.t, t/07io.t, t/funcs.pl: Initial revision README000066600000002054150501011100005411 0ustar00I consider Convert::ASN1 a replacement for my earlier Convert::BER module. While ASN1.pm is not as flexable as BER.pm, because PDUs must be described up front, it is also more powerful. For example an LDAP filter is a recursive structure, BER.pm cannot encode or decode this in a single pass, ASN1.pm can. Convert::ASN1 will parse ASN.1 descriptions and will encode from and decode to perl data structures using a hierarchy of references. Copyright (c) 2000-2005 Graham Barr. All rights reserved. This package is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The latest release is available from CPAN http://search.cpan.org/author/GBARR/Convert-ASN1 INSTALL To install run these commands, substituting x.xx for the version number that you have downloaded gunzip Convert-ASN1-x.xx.tar.gz tar xvf Convert-ASN1-x.xx.tar cd Convert-ASN1-x.xx perl Makefile.PL make make test make install REPORTING BUGS If you find any bugs with Convert::ASN1, please report then via bugs-Convert-ASN1@rt.cpan.org examples/x509decode000066600000031402150501011100010142 0ustar00#!/usr/bin/perl # $Id: x509decode,v 1.1 2002/02/10 16:41:28 gbarr Exp $ # (c) 2001-2002 Norbert Klasen, DAASI International GmbH. All rights reserved. # This package is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. # # decode X.509 certificates # # varable naming # Convert::ASN1 objects are prefixed with asn_ # variables holding binary DER content are prefixed with der_ use strict; use Data::Dumper; $Data::Dumper::Indent=1; $Data::Dumper::Quotekeys=1; $Data::Dumper::Useqq=1; use Convert::ASN1 qw(:io :debug); # parse ASN.1 desciptions my $asn = Convert::ASN1->new; $asn->prepare(<error; -- ASN.1 from RFC2459 and X.509(2001) -- Adapted for use with Convert::ASN1 -- $Id: x509decode,v 1.1 2002/02/10 16:41:28 gbarr Exp $ -- attribute data types -- Attribute ::= SEQUENCE { type AttributeType, values SET OF AttributeValue -- at least one value is required -- } AttributeType ::= OBJECT IDENTIFIER AttributeValue ::= DirectoryString --ANY AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue } -- naming data types -- Name ::= CHOICE { -- only one possibility for now rdnSequence RDNSequence } RDNSequence ::= SEQUENCE OF RelativeDistinguishedName DistinguishedName ::= RDNSequence RelativeDistinguishedName ::= SET OF AttributeTypeAndValue --SET SIZE (1 .. MAX) OF -- Directory string type -- DirectoryString ::= CHOICE { teletexString TeletexString, --(SIZE (1..MAX)), printableString PrintableString, --(SIZE (1..MAX)), bmpString BMPString, --(SIZE (1..MAX)), universalString UniversalString, --(SIZE (1..MAX)), utf8String UTF8String, --(SIZE (1..MAX)), ia5String IA5String --added for EmailAddress } -- certificate and CRL specific structures begin here Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } TBSCertificate ::= SEQUENCE { version [0] EXPLICIT Version OPTIONAL, --DEFAULT v1 serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version shall be v2 or v3 subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version shall be v2 or v3 extensions [3] EXPLICIT Extensions OPTIONAL -- If present, version shall be v3 } Version ::= INTEGER --{ v1(0), v2(1), v3(2) } CertificateSerialNumber ::= INTEGER Validity ::= SEQUENCE { notBefore Time, notAfter Time } Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime } UniqueIdentifier ::= BIT STRING SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } Extensions ::= SEQUENCE OF Extension --SIZE (1..MAX) OF Extension Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, critical BOOLEAN OPTIONAL, --DEFAULT FALSE, extnValue OCTET STRING } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY } --extensions AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } -- authorityCertIssuer and authorityCertSerialNumber shall both -- be present or both be absent KeyIdentifier ::= OCTET STRING SubjectKeyIdentifier ::= KeyIdentifier -- key usage extension OID and syntax -- id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } KeyUsage ::= BIT STRING --{ -- digitalSignature (0), -- nonRepudiation (1), -- keyEncipherment (2), -- dataEncipherment (3), -- keyAgreement (4), -- keyCertSign (5), -- cRLSign (6), -- encipherOnly (7), -- decipherOnly (8) } -- private key usage period extension OID and syntax -- id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL } -- either notBefore or notAfter shall be present -- certificate policies extension OID and syntax -- id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } CertificatePolicies ::= SEQUENCE OF PolicyInformation PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE OF PolicyQualifierInfo } --OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY } --DEFINED BY policyQualifierId } -- Implementations that recognize additional policy qualifiers shall -- augment the following definition for PolicyQualifierId PolicyQualifierId ::= OBJECT IDENTIFIER --( id-qt-cps | id-qt-unotice ) -- CPS pointer qualifier CPSuri ::= IA5String -- user notice qualifier UserNotice ::= SEQUENCE { noticeRef NoticeReference OPTIONAL, explicitText DisplayText OPTIONAL} NoticeReference ::= SEQUENCE { organization DisplayText, noticeNumbers SEQUENCE OF INTEGER } DisplayText ::= CHOICE { visibleString VisibleString , bmpString BMPString , utf8String UTF8String } -- policy mapping extension OID and syntax -- id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } PolicyMappings ::= SEQUENCE OF SEQUENCE { issuerDomainPolicy CertPolicyId, subjectDomainPolicy CertPolicyId } -- subject alternative name extension OID and syntax -- id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } SubjectAltName ::= GeneralNames GeneralNames ::= SEQUENCE OF GeneralName GeneralName ::= CHOICE { otherName [0] AnotherName, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ANY, --ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } -- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as -- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax AnotherName ::= SEQUENCE { type OBJECT IDENTIFIER, value [0] EXPLICIT ANY } --DEFINED BY type-id } EDIPartyName ::= SEQUENCE { nameAssigner [0] DirectoryString OPTIONAL, partyName [1] DirectoryString } -- issuer alternative name extension OID and syntax -- id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } IssuerAltName ::= GeneralNames -- id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } SubjectDirectoryAttributes ::= SEQUENCE OF Attribute -- basic constraints extension OID and syntax -- id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } BasicConstraints ::= SEQUENCE { cA BOOLEAN OPTIONAL, --DEFAULT FALSE, pathLenConstraint INTEGER OPTIONAL } -- name constraints extension OID and syntax -- id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } NameConstraints ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL } GeneralSubtrees ::= SEQUENCE OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance OPTIONAL, --DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER -- policy constraints extension OID and syntax -- id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } PolicyConstraints ::= SEQUENCE { requireExplicitPolicy [0] SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL } SkipCerts ::= INTEGER -- CRL distribution points extension OID and syntax -- id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} cRLDistributionPoints ::= SEQUENCE OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, cRLIssuer [2] GeneralNames OPTIONAL } DistributionPointName ::= CHOICE { fullName [0] GeneralNames, nameRelativeToCRLIssuer [1] RelativeDistinguishedName } ReasonFlags ::= BIT STRING --{ -- unused (0), -- keyCompromise (1), -- cACompromise (2), -- affiliationChanged (3), -- superseded (4), -- cessationOfOperation (5), -- certificateHold (6), -- privilegeWithdrawn (7), -- aACompromise (8) } -- extended key usage extension OID and syntax -- id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} ExtKeyUsageSyntax ::= SEQUENCE OF KeyPurposeId KeyPurposeId ::= OBJECT IDENTIFIER -- extended key purpose OIDs -- id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } -- id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } -- id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } -- id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } -- id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 } -- id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 } -- id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 } -- id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } ASN1 # decoders for basic types my $asn_BitString = Convert::ASN1->new(); $asn_BitString->prepare("bitString BIT STRING"); my $asn_OctetString = Convert::ASN1->new(); $asn_OctetString->prepare("octetString OCTET STRING"); # decoders for extensions my %extnoid2asn = ( '2.5.29.9' => $asn->find('SubjectDirectoryAttributes'), '2.5.29.14' => $asn_OctetString, #'SubjectKeyIdentifier', '2.5.29.15' => $asn_BitString, #'keyUsage', '2.5.29.16' => $asn->find('PrivateKeyUsagePeriod'), '2.5.29.17' => $asn->find('SubjectAltName'), '2.5.29.18' => $asn->find('IssuerAltName'), '2.5.29.19' => $asn->find('BasicConstraints'), # '2.5.29.20' => 'cRLNumber', # '2.5.29.21' => 'cRLReasons', # '2.5.29.23' => 'holdInstructionCode', # '2.5.29.24' => 'invalidityDate', # '2.5.29.27' => 'deltaCRLIndicator', # '2.5.29.28' => 'issuingDistributionPoint', # '2.5.29.29' => 'certificateIssuer', '2.5.29.30' => $asn->find('NameConstraints'), '2.5.29.31' => $asn->find('cRLDistributionPoints'), '2.5.29.32' => $asn->find('CertificatePolicies'), '2.5.29.33' => $asn->find('PolicyMappings'), '2.5.29.35' => $asn->find('AuthorityKeyIdentifier'), '2.5.29.36' => $asn->find('PolicyConstraints'), '2.5.29.37' => $asn->find('ExtKeyUsageSyntax'), # '2.5.29.40' => 'cRLStreamIdentifier', # '2.5.29.44' => 'cRLScope', # '2.5.29.45' => 'statusReferrals', # '2.5.29.46' => 'freshestCRL', # '2.5.29.47' => 'orderedList', # '2.5.29.51' => 'baseUpdateTime', # '2.5.29.53' => 'deltaInfo', # '2.5.29.54' => 'inhibitAnyPolicy', # netscape-cert-extensions '2.16.840.1.113730.1.1' => $asn_BitString, # netscape-cert-type '2.16.840.1.113730.1.2' => $asn->find('DirectoryString'), # netscape-base-url '2.16.840.1.113730.1.3' => $asn->find('DirectoryString'), # netscape-revocation-url '2.16.840.1.113730.1.4' => $asn->find('DirectoryString'), # netscape-ca-revocation-url '2.16.840.1.113730.1.7' => $asn->find('DirectoryString'), # netscape-cert-renewal-url '2.16.840.1.113730.1.8' => $asn->find('DirectoryString'), # netscape-ca-policy-url '2.16.840.1.113730.1.12' => $asn->find('DirectoryString'), # netscape-ssl-server-name '2.16.840.1.113730.1.13' => $asn->find('DirectoryString'), # netscape-comment ); my $asn_cert = $asn->find('Certificate'); while ( my $filename = shift ) { my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size, $atime,$mtime,$ctime,$blksize,$blocks) = stat $filename; open FILE, "<$filename" or die "no such file"; binmode FILE; my $der_cert; read FILE, $der_cert, $size; close FILE; decodeCert( $der_cert ); } sub decodeCert() { my $der_cert = shift; #asn_dump( $der_cert ); my $cert = $asn_cert->decode($der_cert) or die $asn_cert->error; #extensions foreach my $extension ( @{$cert->{'tbsCertificate'}->{'extensions'}} ) { #print "extension: ", $oid2extension{$extension->{'extnID'}}, "\n"; if ( exists $extnoid2asn{$extension->{'extnID'}} ) { $extension->{'extnValue'} = ($extnoid2asn{$extension->{'extnID'}})->decode( $extension->{'extnValue'} ); } else { print STDERR "unknown ", $extension->{'critical'} ? "critical " : "", "extension: ", $extension->{'extnID'}, "\n"; asn_dump( $extension->{'extnValue'} ); } } print Dumper( $cert ); } examples/ldap000066600000032143150501011100007214 0ustar00$desc = <<'ESQ'; LDAPMessage ::= SEQUENCE { messageID MessageID, protocolOp CHOICE { bindRequest BindRequest, bindResponse BindResponse, unbindRequest UnbindRequest, searchRequest SearchRequest, searchResEntry SearchResultEntry, searchResDone SearchResultDone, searchResRef SearchResultReference, modifyRequest ModifyRequest, modifyResponse ModifyResponse, addRequest AddRequest, addResponse AddResponse, delRequest DelRequest, delResponse DelResponse, modDNRequest ModifyDNRequest, modDNResponse ModifyDNResponse, compareRequest CompareRequest, compareResponse CompareResponse, abandonRequest AbandonRequest, extendedReq ExtendedRequest, extendedResp ExtendedResponse } controls [0] Controls OPTIONAL } MessageID ::= INTEGER -- (0 .. maxInt) -- maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- LDAPString ::= OCTET STRING LDAPOID ::= OCTET STRING LDAPDN ::= LDAPString RelativeLDAPDN ::= LDAPString AttributeType ::= LDAPString AttributeDescription ::= LDAPString AttributeDescriptionList ::= SEQUENCE OF AttributeDescription AttributeValue ::= OCTET STRING AttributeValueAssertion ::= SEQUENCE { attributeDesc AttributeDescription, assertionValue AssertionValue } AssertionValue ::= OCTET STRING Attribute ::= SEQUENCE { type AttributeDescription, vals SET OF AttributeValue } MatchingRuleId ::= LDAPString LDAPResult ::= SEQUENCE { resultCode ENUMERATED { success (0), operationsError (1), protocolError (2), timeLimitExceeded (3), sizeLimitExceeded (4), compareFalse (5), compareTrue (6), authMethodNotSupported (7), strongAuthRequired (8), -- 9 reserved -- referral (10), -- new adminLimitExceeded (11), -- new unavailableCriticalExtension (12), -- new confidentialityRequired (13), -- new saslBindInProgress (14), -- new noSuchAttribute (16), undefinedAttributeType (17), inappropriateMatching (18), constraintViolation (19), attributeOrValueExists (20), invalidAttributeSyntax (21), -- 22-31 unused -- noSuchObject (32), aliasProblem (33), invalidDNSyntax (34), -- 35 reserved for undefined isLeaf -- aliasDereferencingProblem (36), -- 37-47 unused -- inappropriateAuthentication (48), invalidCredentials (49), insufficientAccessRights (50), busy (51), unavailable (52), unwillingToPerform (53), loopDetect (54), -- 55-63 unused -- namingViolation (64), objectClassViolation (65), notAllowedOnNonLeaf (66), notAllowedOnRDN (67), entryAlreadyExists (68), objectClassModsProhibited (69), -- 70 reserved for CLDAP -- affectsMultipleDSAs (71), -- new -- 72-79 unused -- other (80)} -- 81-90 reserved for APIs -- matchedDN LDAPDN, errorMessage LDAPString, referral [3] Referral OPTIONAL } Referral ::= SEQUENCE OF LDAPURL LDAPURL ::= LDAPString -- limited to characters permitted in URLs Controls ::= SEQUENCE OF Control Control ::= SEQUENCE { controlType LDAPOID, criticality BOOLEAN , -- DEFAULT FALSE, controlValue OCTET STRING OPTIONAL } BindRequest ::= [APPLICATION 0] SEQUENCE { version INTEGER, -- (1 .. 127), name LDAPDN, authentication AuthenticationChoice } AuthenticationChoice ::= CHOICE { simple [0] OCTET STRING, -- 1 and 2 reserved sasl [3] SaslCredentials } SaslCredentials ::= SEQUENCE { mechanism LDAPString, credentials OCTET STRING OPTIONAL } BindResponse ::= [APPLICATION 1] SEQUENCE { COMPONENTS OF LDAPResult, serverSaslCreds [7] OCTET STRING OPTIONAL } UnbindRequest ::= [APPLICATION 2] NULL SearchRequest ::= [APPLICATION 3] SEQUENCE { baseObject LDAPDN, scope ENUMERATED { baseObject (0), singleLevel (1), wholeSubtree (2) } derefAliases ENUMERATED { neverDerefAliases (0), derefInSearching (1), derefFindingBaseObj (2), derefAlways (3) } sizeLimit INTEGER , -- (0 .. maxInt), timeLimit INTEGER , -- (0 .. maxInt), typesOnly BOOLEAN, filter Filter, attributes AttributeDescriptionList } Filter ::= CHOICE { and [0] SET OF Filter, or [1] SET OF Filter, not [2] Filter, equalityMatch [3] AttributeValueAssertion, substrings [4] SubstringFilter, greaterOrEqual [5] AttributeValueAssertion, lessOrEqual [6] AttributeValueAssertion, present [7] AttributeDescription, approxMatch [8] AttributeValueAssertion, extensibleMatch [9] MatchingRuleAssertion } SubstringFilter ::= SEQUENCE { type AttributeDescription, -- at least one must be present substrings SEQUENCE OF CHOICE { initial [0] LDAPString, any [1] LDAPString, final [2] LDAPString } } MatchingRuleAssertion ::= SEQUENCE { matchingRule [1] MatchingRuleId OPTIONAL, type [2] AttributeDescription OPTIONAL, matchValue [3] AssertionValue, dnAttributes [4] BOOLEAN } -- DEFAULT FALSE } SearchResultEntry ::= [APPLICATION 4] SEQUENCE { objectName LDAPDN, attributes PartialAttributeList } PartialAttributeList ::= SEQUENCE OF SEQUENCE { type AttributeDescription, vals SET OF AttributeValue } SearchResultReference ::= [APPLICATION 19] SEQUENCE OF LDAPURL SearchResultDone ::= [APPLICATION 5] LDAPResult ModifyRequest ::= [APPLICATION 6] SEQUENCE { object LDAPDN, modification SEQUENCE OF SEQUENCE { operation ENUMERATED { add (0), delete (1), replace (2) } modification AttributeTypeAndValues } } AttributeTypeAndValues ::= SEQUENCE { type AttributeDescription, vals SET OF AttributeValue } ModifyResponse ::= [APPLICATION 7] LDAPResult AddRequest ::= [APPLICATION 8] SEQUENCE { entry LDAPDN, attributes AttributeList } AttributeList ::= SEQUENCE OF SEQUENCE { type AttributeDescription, vals SET OF AttributeValue } AddResponse ::= [APPLICATION 9] LDAPResult DelRequest ::= [APPLICATION 10] LDAPDN DelResponse ::= [APPLICATION 11] LDAPResult ModifyDNRequest ::= [APPLICATION 12] SEQUENCE { entry LDAPDN, newrdn RelativeLDAPDN, deleteoldrdn BOOLEAN, newSuperior [0] LDAPDN OPTIONAL } ModifyDNResponse ::= [APPLICATION 13] LDAPResult CompareRequest ::= [APPLICATION 14] SEQUENCE { entry LDAPDN, ava AttributeValueAssertion } CompareResponse ::= [APPLICATION 15] LDAPResult AbandonRequest ::= [APPLICATION 16] MessageID ExtendedRequest ::= [APPLICATION 23] SEQUENCE { requestName [0] LDAPOID, requestValue [1] OCTET STRING OPTIONAL } ExtendedResponse ::= [APPLICATION 24] SEQUENCE { COMPONENTS OF LDAPResult, responseName [10] LDAPOID OPTIONAL, response [11] OCTET STRING OPTIONAL } VirtualListViewRequest ::= SEQUENCE { beforeCount INTEGER , --(0 .. maxInt), afterCount INTEGER , --(0 .. maxInt), CHOICE { byIndex [0] SEQUENCE { index INTEGER , --(0 .. maxInt), contentCount INTEGER } --(0 .. maxInt) } byValue [1] AssertionValue } -- byValue [1] greaterThanOrEqual assertionValue } contextID OCTET STRING OPTIONAL } VirtualListViewResponse ::= SEQUENCE { targetPosition INTEGER , --(0 .. maxInt), contentCount INTEGER , --(0 .. maxInt), virtualListViewResult ENUMERATED { success (0), operatonsError (1), unwillingToPerform (53), insufficientAccessRights (50), busy (51), timeLimitExceeded (3), adminLimitExceeded (11), sortControlMissing (60), indexRangeError (61), other (80) } } ESQ use lib 'lib'; use Convert::ASN1; use Convert::ASN1::Debug qw(asn_dump asn_hexdump); $asn = Convert::ASN1->new; $asn->prepare($desc) or die $asn->error; #$asn->dump; $filter = $asn->find('Filter'); # A Filter # (&(!(desc=value))(|(xx=x*y*)(yy=*1*2))) $buf = $filter->encode( { and => [ { not => { equalityMatch => { attributeDesc => 'desc', assertionValue => 'value' } } }, { or => [ { substrings => { type => 'xx', substrings => [ { initial => 'x' }, { any => 'y' } ] } }, { substrings => { type => 'yy', substrings => [ { any => 1 }, { final => 2 } ] } } ] } ] } ) or die $filter->error; asn_dump($buf); $ret = $filter->decode($buf) or die $filter->error; use Data::Dumper; $Data::Dumper::Indent=1; $Data::Dumper::Quotekeys=0; print Dumper($ret); examples/ldap-search000066600000002555150501011100010463 0ustar00# This is an example of a search PDU from the LDAP protocol use Convert::ASN1; use Data::Dumper; my %scope = qw(base 0 one 1 single 1 sub 2 subtree 2); my %deref = qw(never 0 search 1 find 2 always 3); my $search_pdu = Convert::ASN1->new; $search_pdu->prepare(q( SEQUENCE { mesgid INTEGER, [APPLICATION 3] SEQUENCE { base STRING, scope ENUM, deref ENUM, sizeLimit INTEGER, timeLimit INTEGER, typesOnly BOOLEAN, filter STRING, -- for test, should be ANY and the var should hold -- a pre-encoded filter attrs SEQUENCE OF STRING } control [0] SEQUENCE OF SEQUENCE { -- this should be optional but we cannot do that inline type STRING, critical BOOLEAN, value STRING OPTIONAL } } )) or die $search_pdu->error; $buf = $search_pdu->encode( mesgid => 3, base => "cn=base", scope => $scope{one}, deref => $deref{find}, sizeLimit => 0, timeLimit => 0, typesOnly => 0, filter => "A filter", attrs => [qw(cn postalAddress)], control => [ { type => "1.2.3.4", critical => 1 }, { type => "9.8.7.6", critical => 0, value => "abc" } ] ); $Data::Dumper::Indent = 1; print Dumper( $search_pdu->decode($buf)); $h = unpack("H*",$buf); $h =~ s/(..)/$1 /g; $h =~ s/(.{47}\s)/$1\n/g; print $h,"\n";