Implement FromBer for all top-level messages

chifflier · chifflier · commit bd3fb5790476 · 2025-02-10T16:51:57.000+01:00
diff --git a/src/generic.rs b/src/generic.rs
@@ -5,13 +5,70 @@ use asn1_rs::{Any, FromBer, Tag};
 use nom::combinator::map_res;
 use nom::{Err, IResult};
 
+/// An SNMP messsage parser, accepting v1, v2c or v3 messages
+///
+/// # Examples
+///
+/// ```rust
+/// use snmp_parser::{ScopedPduData, SecurityModel, SnmpGenericMessage};
+/// use snmp_parser::asn1_rs::FromBer;
+///
+/// static SNMPV3_REQ: &[u8] = include_bytes!("../assets/snmpv3_req.bin");
+///
+/// match SnmpGenericMessage::from_ber(&SNMPV3_REQ) {
+///   Ok((_, msg)) => {
+///     match msg {
+///       SnmpGenericMessage::V1(_) => todo!(),
+///       SnmpGenericMessage::V2(_) => todo!(),
+///       SnmpGenericMessage::V3(msgv3) => {
+///         assert!(msgv3.version == 3);
+///         assert!(msgv3.header_data.msg_security_model == SecurityModel::USM);
+///         match msgv3.data {
+///           ScopedPduData::Plaintext(_pdu) => { },
+///           ScopedPduData::Encrypted(_) => (),
+///         }
+///       }
+///     }
+///   },
+///   Err(e) => panic!("{}", e),
+/// }
+/// ```
 #[derive(Debug, PartialEq)]
 pub enum SnmpGenericMessage<'a> {
+    /// SNMP Version 1 (SNMPv1) message
     V1(SnmpMessage<'a>),
+    /// SNMP Version 2c (SNMPv2c) message
     V2(SnmpMessage<'a>),
+    /// SNMP Version 3 (SNMPv3) message
     V3(SnmpV3Message<'a>),
 }
 
+impl<'a> FromBer<'a, SnmpError> for SnmpGenericMessage<'a> {
+    fn from_ber(bytes: &'a [u8]) -> asn1_rs::ParseResult<'a, Self, SnmpError> {
+        let (rem, any) = Any::from_ber(bytes).or(Err(Err::Error(SnmpError::InvalidMessage)))?;
+        if any.tag() != Tag::Sequence {
+            return Err(Err::Error(SnmpError::InvalidMessage));
+        }
+        let (r, version) = u32::from_ber(any.data).map_err(Err::convert)?;
+        let (_, msg) = match version {
+            0 => {
+                let (rem, msg) = parse_snmp_v1_pdu_content(r)?;
+                (rem, SnmpGenericMessage::V1(msg))
+            }
+            1 => {
+                let (rem, msg) = parse_snmp_v2c_pdu_content(r)?;
+                (rem, SnmpGenericMessage::V2(msg))
+            }
+            3 => {
+                let (rem, msg) = parse_snmp_v3_pdu_content(r)?;
+                (rem, SnmpGenericMessage::V3(msg))
+            }
+            _ => return Err(Err::Error(SnmpError::InvalidVersion)),
+        };
+        Ok((rem, msg))
+    }
+}
+
 fn parse_snmp_v1_pdu_content(i: &[u8]) -> IResult<&[u8], SnmpMessage, SnmpError> {
     let (i, community) = parse_ber_octetstring_as_str(i).map_err(Err::convert)?;
     let (i, pdu) = parse_snmp_v1_pdu(i)?;
@@ -47,26 +104,9 @@ fn parse_snmp_v3_pdu_content(i: &[u8]) -> IResult<&[u8], SnmpV3Message, SnmpErro
     Ok((i, msg))
 }
 
+/// Parse an SNMP messsage, accepting v1, v2c or v3 messages
+///
+/// This function is equivalent to `SnmpGenericMessage::from_ber`
 pub fn parse_snmp_generic_message(i: &[u8]) -> IResult<&[u8], SnmpGenericMessage, SnmpError> {
-    let (rem, any) = Any::from_ber(i).or(Err(Err::Error(SnmpError::InvalidMessage)))?;
-    if any.tag() != Tag::Sequence {
-        return Err(Err::Error(SnmpError::InvalidMessage));
-    }
-    let (r, version) = u32::from_ber(any.data).map_err(Err::convert)?;
-    let (_, msg) = match version {
-        0 => {
-            let (rem, msg) = parse_snmp_v1_pdu_content(r)?;
-            (rem, SnmpGenericMessage::V1(msg))
-        }
-        1 => {
-            let (rem, msg) = parse_snmp_v2c_pdu_content(r)?;
-            (rem, SnmpGenericMessage::V2(msg))
-        }
-        3 => {
-            let (rem, msg) = parse_snmp_v3_pdu_content(r)?;
-            (rem, SnmpGenericMessage::V3(msg))
-        }
-        _ => return Err(Err::Error(SnmpError::InvalidVersion)),
-    };
-    Ok((rem, msg))
+    SnmpGenericMessage::from_ber(i)
 }
diff --git a/src/lib.rs b/src/lib.rs
@@ -5,14 +5,28 @@
 //!
 //! # SNMP Parser
 //!
-//! A SNMP parser, implemented with the [nom](https://github.com/Geal/nom)
+//! An SNMP parser, implemented with the [nom](https://github.com/Geal/nom)
 //! parser combinator framework.
 //!
+//! It is written in pure Rust, fast, and makes extensive use of zero-copy.
+//! It also aims to be panic-free.
+//!
 //! The goal of this parser is to implement SNMP messages analysis, for example
 //! to use rules from a network IDS.
 //!
 //! To read a message, different functions must be used depending on the expected message
-//! version. The main functions for parsing are [`parse_snmp_v1`](snmp/fn.parse_snmp_v1.html),
+//! version.
+//! This crate implements the [`asn1_rs::FromBer`] trait, so to parse a message, use the
+//! expected object and call function `from_ber`.
+//!
+//! For example, to parse a SNMP v1 or v2c message (message structure is the same), use
+//! [`SnmpMessage`]`::from_ber(input)`.
+//! To parse a SNMP v3 message, use [`SnmpV3Message`]`::from_ber(input)`.
+//! If you don't know the version of the message and want to parse a generic SNMP message,
+//! use [`SnmpGenericMessage`]`::from_ber(input)`.
+//!
+//! Other methods of parsing (functions) are provided for compatibility:
+//! these functions are [`parse_snmp_v1`](snmp/fn.parse_snmp_v1.html),
 //! [`parse_snmp_v2c`](snmp/fn.parse_snmp_v2c.html) and
 //! [`parse_snmp_v3`](snmpv3/fn.parse_snmp_v3.html).
 //! If you don't know the version of the message and want to parse a generic SNMP message,
@@ -50,4 +64,23 @@ pub use snmp::*;
 pub use snmpv3::*;
 
 // re-exports to prevent public dependency on asn1_rs
+pub use asn1_rs;
 pub use asn1_rs::{Oid, OidParseError};
+
+#[cfg(test)]
+mod tests {
+    use asn1_rs::FromBer;
+
+    use super::{SnmpGenericMessage, SnmpMessage, SnmpV3Message, SnmpVariable};
+
+    #[allow(dead_code)]
+    fn assert_is_fromber<'a, E, T: FromBer<'a, E>>() {}
+
+    #[test]
+    fn check_traits() {
+        assert_is_fromber::<_, SnmpVariable>();
+        assert_is_fromber::<_, SnmpMessage>();
+        assert_is_fromber::<_, SnmpV3Message>();
+        assert_is_fromber::<_, SnmpGenericMessage>();
+    }
+}
diff --git a/src/snmp.rs b/src/snmp.rs
@@ -172,6 +172,31 @@ pub enum SnmpPdu<'a> {
 }
 
 /// An SNMPv1 or SNMPv2c message
+///
+/// Use the [`FromBer`] trait to parse messages. The method returns the
+/// remaining (unparsed) bytes and the object, or an error.
+///
+/// Function [`parse_snmp_v1`] and [`parse_snmp_v2c`] are also provided, for convenience.
+///
+/// # Examples
+///
+/// ```rust
+/// use snmp_parser::SnmpMessage;
+/// use snmp_parser::asn1_rs::FromBer;
+///
+/// static SNMPV1_REQ: &[u8] = include_bytes!("../assets/snmpv1_req.bin");
+///
+/// # fn main() {
+/// match SnmpMessage::from_ber(&SNMPV1_REQ) {
+///   Ok((_, ref r)) => {
+///     assert!(r.version == 0);
+///     assert!(r.community == String::from("public"));
+///     assert!(r.vars_iter().count() == 1);
+///   },
+///   Err(e) => panic!("{}", e),
+/// }
+/// # }
+/// ```
 #[derive(Debug, PartialEq)]
 pub struct SnmpMessage<'a> {
     /// Version, as raw-encoded: 0 for SNMPv1, 1 for SNMPv2c
@@ -220,6 +245,31 @@ impl<'a> SnmpMessage<'a> {
     }
 }
 
+impl<'a> FromBer<'a, SnmpError> for SnmpMessage<'a> {
+    fn from_ber(bytes: &'a [u8]) -> asn1_rs::ParseResult<'a, Self, SnmpError> {
+        // parse a SNMP v1 or V2 message
+        Sequence::from_der_and_then(bytes, |i| {
+            let (i, version) = u32::from_ber(i).map_err(Err::convert)?;
+            if version > 1 {
+                return Err(Err::Error(SnmpError::InvalidVersion));
+            }
+            let (i, community) = parse_ber_octetstring_as_str(i).map_err(Err::convert)?;
+            let (i, pdu) = if version == 0 {
+                parse_snmp_v1_pdu(i)?
+            } else {
+                parse_snmp_v2c_pdu(i)?
+            };
+            let msg = SnmpMessage {
+                version,
+                community: community.to_string(),
+                pdu,
+            };
+            Ok((i, msg))
+        })
+        //.map_err(Err::convert)
+    }
+}
+
 #[derive(Debug, PartialEq)]
 pub struct SnmpVariable<'a> {
     pub oid: Oid<'a>,
diff --git a/src/snmpv3.rs b/src/snmpv3.rs
@@ -52,6 +52,29 @@ pub enum SecurityParameters<'a> {
 }
 
 /// An SNMPv3 message
+///
+/// # Examples
+///
+/// ```rust
+/// use snmp_parser::{ScopedPduData, SecurityModel, SnmpV3Message};
+/// use snmp_parser::asn1_rs::FromBer;
+///
+/// static SNMPV3_REQ: &[u8] = include_bytes!("../assets/snmpv3_req.bin");
+///
+/// # fn main() {
+/// match SnmpV3Message::from_ber(&SNMPV3_REQ) {
+///   Ok((_, ref r)) => {
+///     assert!(r.version == 3);
+///     assert!(r.header_data.msg_security_model == SecurityModel::USM);
+///     match r.data {
+///       ScopedPduData::Plaintext(ref _pdu) => { },
+///       ScopedPduData::Encrypted(_) => (),
+///     }
+///   },
+///   Err(e) => panic!("{}", e),
+/// }
+/// # }
+/// ```
 #[derive(Debug, PartialEq)]
 pub struct SnmpV3Message<'a> {
     /// Version, as raw-encoded: 3 for SNMPv3
@@ -61,6 +84,25 @@ pub struct SnmpV3Message<'a> {
     pub data: ScopedPduData<'a>,
 }
 
+impl<'a> FromBer<'a, SnmpError> for SnmpV3Message<'a> {
+    fn from_ber(bytes: &'a [u8]) -> asn1_rs::ParseResult<'a, Self, SnmpError> {
+        Sequence::from_der_and_then(bytes, |i| {
+            let (i, version) = u32::from_ber(i).map_err(Err::convert)?;
+            let (i, header_data) = parse_snmp_v3_headerdata(i)?;
+            let (i, secp) = map_res(<&[u8]>::from_ber, |x| parse_secp(x, &header_data))(i)
+                .map_err(Err::convert)?;
+            let (i, data) = parse_snmp_v3_data(i, &header_data)?;
+            let msg = SnmpV3Message {
+                version,
+                header_data,
+                security_params: secp,
+                data,
+            };
+            Ok((i, msg))
+        })
+    }
+}
+
 #[derive(Clone, Copy, Debug, PartialEq)]
 pub struct HeaderData {
     pub msg_id: u32,
@@ -168,20 +210,7 @@ pub(crate) fn parse_secp<'a>(
 /// # }
 /// ```
 pub fn parse_snmp_v3(bytes: &[u8]) -> IResult<&[u8], SnmpV3Message, SnmpError> {
-    Sequence::from_der_and_then(bytes, |i| {
-        let (i, version) = u32::from_ber(i).map_err(Err::convert)?;
-        let (i, header_data) = parse_snmp_v3_headerdata(i)?;
-        let (i, secp) =
-            map_res(<&[u8]>::from_ber, |x| parse_secp(x, &header_data))(i).map_err(Err::convert)?;
-        let (i, data) = parse_snmp_v3_data(i, &header_data)?;
-        let msg = SnmpV3Message {
-            version,
-            header_data,
-            security_params: secp,
-            data,
-        };
-        Ok((i, msg))
-    })
+    SnmpV3Message::from_ber(bytes)
 }
 
 #[inline]
