1XS(3) User Contributed Perl Documentation XS(3)
2
6 CBOR::XS - Concise Binary Object Representation (CBOR, RFC7049)
7
9 use CBOR::XS;
10 $binary_cbor_data = encode_cbor $perl_value;
12 $perl_value = decode_cbor $binary_cbor_data;
13 # OO-interface
15 $coder = CBOR::XS->new;
17 $binary_cbor_data = $coder->encode ($perl_value);
18 $perl_value = $coder->decode ($binary_cbor_data);
19 # prefix decoding
21 my $many_cbor_strings = ...;
23 while (length $many_cbor_strings) {
24 my ($data, $length) = $cbor->decode_prefix ($many_cbor_strings);
25 # data was decoded
26 substr $many_cbor_strings, 0, $length, ""; # remove decoded cbor string
27 }
28
30 This module converts Perl data structures to the Concise Binary Object
31 Representation (CBOR) and vice versa. CBOR is a fast binary
32 serialisation format that aims to use an (almost) superset of the JSON
33 data model, i.e. when you can represent something useful in JSON, you
34 should be able to represent it in CBOR.
35 In short, CBOR is a faster and quite compact binary alternative to
37 JSON, with the added ability of supporting serialisation of Perl
38 objects. (JSON often compresses better than CBOR though, so if you plan
39 to compress the data later and speed is less important you might want
40 to compare both formats first).
41 The primary goal of this module is to be correct and the secondary goal
43 is to be fast. To reach the latter goal it was written in C.
44 To give you a general idea about speed, with texts in the megabyte
46 range, "CBOR::XS" usually encodes roughly twice as fast as Storable or
47 JSON::XS and decodes about 15%-30% faster than those. The shorter the
48 data, the worse Storable performs in comparison.
49 Regarding compactness, "CBOR::XS"-encoded data structures are usually
51 about 20% smaller than the same data encoded as (compact) JSON or
52 Storable.
53 In addition to the core CBOR data format, this module implements a
55 number of extensions, to support cyclic and shared data structures (see
56 "allow_sharing" and "allow_cycles"), string deduplication (see
57 "pack_strings") and scalar references (always enabled).
58 See MAPPING, below, on how CBOR::XS maps perl values to CBOR values and
60 vice versa.
61
63 The following convenience methods are provided by this module. They are
64 exported by default:
65 $cbor_data = encode_cbor $perl_scalar
67 Converts the given Perl data structure to CBOR representation.
68 Croaks on error.
69 $perl_scalar = decode_cbor $cbor_data
71 The opposite of "encode_cbor": expects a valid CBOR string to
72 parse, returning the resulting perl scalar. Croaks on error.
73
75 The object oriented interface lets you configure your own encoding or
76 decoding style, within the limits of supported formats.
77 $cbor = new CBOR::XS
79 Creates a new CBOR::XS object that can be used to de/encode CBOR
80 strings. All boolean flags described below are by default disabled.
81 The mutators for flags all return the CBOR object again and thus
83 calls can be chained:
84 my $cbor = CBOR::XS->new->encode ({a => [1,2]});
86 $cbor = new_safe CBOR::XS
88 Create a new, safe/secure CBOR::XS object. This is similar to
89 "new", but configures the coder object to be safe to use with
90 untrusted data. Currently, this is equivalent to:
91 my $cbor = CBOR::XS
93 ->new
94 ->forbid_objects
95 ->filter (\&CBOR::XS::safe_filter)
96 ->max_size (1e8);
97 But is more future proof (it is better to crash because of a change
99 than to be exploited in other ways).
100 $cbor = $cbor->max_depth ([$maximum_nesting_depth])
102 $max_depth = $cbor->get_max_depth
103 Sets the maximum nesting level (default 512) accepted while
104 encoding or decoding. If a higher nesting level is detected in CBOR
105 data or a Perl data structure, then the encoder and decoder will
106 stop and croak at that point.
107 Nesting level is defined by number of hash- or arrayrefs that the
109 encoder needs to traverse to reach a given point or the number of
110 "{" or "[" characters without their matching closing parenthesis
111 crossed to reach a given character in a string.
112 Setting the maximum depth to one disallows any nesting, so that
114 ensures that the object is only a single hash/object or array.
115 If no argument is given, the highest possible setting will be used,
117 which is rarely useful.
118 Note that nesting is implemented by recursion in C. The default
120 value has been chosen to be as large as typical operating systems
121 allow without crashing.
122 See "SECURITY CONSIDERATIONS", below, for more info on why this is
124 useful.
125 $cbor = $cbor->max_size ([$maximum_string_size])
127 $max_size = $cbor->get_max_size
128 Set the maximum length a CBOR string may have (in bytes) where
129 decoding is being attempted. The default is 0, meaning no limit.
130 When "decode" is called on a string that is longer then this many
131 bytes, it will not attempt to decode the string but throw an
132 exception. This setting has no effect on "encode" (yet).
133 If no argument is given, the limit check will be deactivated (same
135 as when 0 is specified).
136 See "SECURITY CONSIDERATIONS", below, for more info on why this is
138 useful.
139 $cbor = $cbor->allow_unknown ([$enable])
141 $enabled = $cbor->get_allow_unknown
142 If $enable is true (or missing), then "encode" will not throw an
143 exception when it encounters values it cannot represent in CBOR
144 (for example, filehandles) but instead will encode a CBOR "error"
145 value.
146 If $enable is false (the default), then "encode" will throw an
148 exception when it encounters anything it cannot encode as CBOR.
149 This option does not affect "decode" in any way, and it is
151 recommended to leave it off unless you know your communications
152 partner.
153 $cbor = $cbor->allow_sharing ([$enable])
155 $enabled = $cbor->get_allow_sharing
156 If $enable is true (or missing), then "encode" will not double-
157 encode values that have been referenced before (e.g. when the same
158 object, such as an array, is referenced multiple times), but
159 instead will emit a reference to the earlier value.
160 This means that such values will only be encoded once, and will not
162 result in a deep cloning of the value on decode, in decoders
163 supporting the value sharing extension. This also makes it possible
164 to encode cyclic data structures (which need "allow_cycles" to be
165 enabled to be decoded by this module).
166 It is recommended to leave it off unless you know your
168 communication partner supports the value sharing extensions to CBOR
169 (<http://cbor.schmorp.de/value-sharing>), as without decoder
170 support, the resulting data structure might be unusable.
171 Detecting shared values incurs a runtime overhead when values are
173 encoded that have a reference counter large than one, and might
174 unnecessarily increase the encoded size, as potentially shared
175 values are encoded as shareable whether or not they are actually
176 shared.
177 At the moment, only targets of references can be shared (e.g.
179 scalars, arrays or hashes pointed to by a reference). Weirder
180 constructs, such as an array with multiple "copies" of the same
181 string, which are hard but not impossible to create in Perl, are
182 not supported (this is the same as with Storable).
183 If $enable is false (the default), then "encode" will encode shared
185 data structures repeatedly, unsharing them in the process. Cyclic
186 data structures cannot be encoded in this mode.
187 This option does not affect "decode" in any way - shared values and
189 references will always be decoded properly if present.
190 $cbor = $cbor->allow_cycles ([$enable])
192 $enabled = $cbor->get_allow_cycles
193 If $enable is true (or missing), then "decode" will happily decode
194 self-referential (cyclic) data structures. By default these will
195 not be decoded, as they need manual cleanup to avoid memory leaks,
196 so code that isn't prepared for this will not leak memory.
197 If $enable is false (the default), then "decode" will throw an
199 error when it encounters a self-referential/cyclic data structure.
200 FUTURE DIRECTION: the motivation behind this option is to avoid
202 real cycles - future versions of this module might chose to decode
203 cyclic data structures using weak references when this option is
204 off, instead of throwing an error.
205 This option does not affect "encode" in any way - shared values and
207 references will always be encoded properly if present.
208 $cbor = $cbor->forbid_objects ([$enable])
210 $enabled = $cbor->get_forbid_objects
211 Disables the use of the object serialiser protocol.
212 If $enable is true (or missing), then "encode" will will throw an
214 exception when it encounters perl objects that would be encoded
215 using the perl-object tag (26). When "decode" encounters such tags,
216 it will fall back to the general filter/tagged logic as if this
217 were an unknown tag (by default resulting in a "CBOR::XC::Tagged"
218 object).
219 If $enable is false (the default), then "encode" will use the
221 Types::Serialiser object serialisation protocol to serialise
222 objects into perl-object tags, and "decode" will do the same to
223 decode such tags.
224 See "SECURITY CONSIDERATIONS", below, for more info on why
226 forbidding this protocol can be useful.
227 $cbor = $cbor->pack_strings ([$enable])
229 $enabled = $cbor->get_pack_strings
230 If $enable is true (or missing), then "encode" will try not to
231 encode the same string twice, but will instead encode a reference
232 to the string instead. Depending on your data format, this can save
233 a lot of space, but also results in a very large runtime overhead
234 (expect encoding times to be 2-4 times as high as without).
235 It is recommended to leave it off unless you know your
237 communications partner supports the stringref extension to CBOR
238 (<http://cbor.schmorp.de/stringref>), as without decoder support,
239 the resulting data structure might not be usable.
240 If $enable is false (the default), then "encode" will encode
242 strings the standard CBOR way.
243 This option does not affect "decode" in any way - string references
245 will always be decoded properly if present.
246 $cbor = $cbor->text_keys ([$enable])
248 $enabled = $cbor->get_text_keys
249 If $enabled is true (or missing), then "encode" will encode all
250 perl hash keys as CBOR text strings/UTF-8 string, upgrading them as
251 needed.
252 If $enable is false (the default), then "encode" will encode hash
254 keys normally - upgraded perl strings (strings internally encoded
255 as UTF-8) as CBOR text strings, and downgraded perl strings as CBOR
256 byte strings.
257 This option does not affect "decode" in any way.
259 This option is useful for interoperability with CBOR decoders that
261 don't treat byte strings as a form of text. It is especially useful
262 as Perl gives very little control over hash keys.
263 Enabling this option can be slow, as all downgraded hash keys that
265 are encoded need to be scanned and converted to UTF-8.
266 $cbor = $cbor->text_strings ([$enable])
268 $enabled = $cbor->get_text_strings
269 This option works similar to "text_keys", above, but works on all
270 strings (including hash keys), so "text_keys" has no further effect
271 after enabling "text_strings".
272 If $enabled is true (or missing), then "encode" will encode all
274 perl strings as CBOR text strings/UTF-8 strings, upgrading them as
275 needed.
276 If $enable is false (the default), then "encode" will encode
278 strings normally (but see "text_keys") - upgraded perl strings
279 (strings internally encoded as UTF-8) as CBOR text strings, and
280 downgraded perl strings as CBOR byte strings.
281 This option does not affect "decode" in any way.
283 This option has similar advantages and disadvantages as
285 "text_keys". In addition, this option effectively removes the
286 ability to automatically encode byte strings, which might break
287 some "FREEZE" and "TO_CBOR" methods that rely on this.
288 A workaround is to use explicit type casts, which are unaffected by
290 this option.
291 $cbor = $cbor->validate_utf8 ([$enable])
293 $enabled = $cbor->get_validate_utf8
294 If $enable is true (or missing), then "decode" will validate that
295 elements (text strings) containing UTF-8 data in fact contain valid
296 UTF-8 data (instead of blindly accepting it). This validation
297 obviously takes extra time during decoding.
298 The concept of "valid UTF-8" used is perl's concept, which is a
300 superset of the official UTF-8.
301 If $enable is false (the default), then "decode" will blindly
303 accept UTF-8 data, marking them as valid UTF-8 in the resulting
304 data structure regardless of whether that's true or not.
305 Perl isn't too happy about corrupted UTF-8 in strings, but should
307 generally not crash or do similarly evil things. Extensions might
308 be not so forgiving, so it's recommended to turn on this setting if
309 you receive untrusted CBOR.
310 This option does not affect "encode" in any way - strings that are
312 supposedly valid UTF-8 will simply be dumped into the resulting
313 CBOR string without checking whether that is, in fact, true or not.
314 $cbor = $cbor->filter ([$cb->($tag, $value)])
316 $cb_or_undef = $cbor->get_filter
317 Sets or replaces the tagged value decoding filter (when $cb is
318 specified) or clears the filter (if no argument or "undef" is
319 provided).
320 The filter callback is called only during decoding, when a non-
322 enforced tagged value has been decoded (see "TAG HANDLING AND
323 EXTENSIONS" for a list of enforced tags). For specific tags, it's
324 often better to provide a default converter using the
325 %CBOR::XS::FILTER hash (see below).
326 The first argument is the numerical tag, the second is the
328 (decoded) value that has been tagged.
329 The filter function should return either exactly one value, which
331 will replace the tagged value in the decoded data structure, or no
332 values, which will result in default handling, which currently
333 means the decoder creates a "CBOR::XS::Tagged" object to hold the
334 tag and the value.
335 When the filter is cleared (the default state), the default filter
337 function, "CBOR::XS::default_filter", is used. This function simply
338 looks up the tag in the %CBOR::XS::FILTER hash. If an entry exists
339 it must be a code reference that is called with tag and value, and
340 is responsible for decoding the value. If no entry exists, it
341 returns no values. "CBOR::XS" provides a number of default filter
342 functions already, the the %CBOR::XS::FILTER hash can be freely
343 extended with more.
344 "CBOR::XS" additionally provides an alternative filter function
346 that is supposed to be safe to use with untrusted data (which the
347 default filter might not), called "CBOR::XS::safe_filter", which
348 works the same as the "default_filter" but uses the
349 %CBOR::XS::SAFE_FILTER variable instead. It is prepopulated with
350 the tag decoding functions that are deemed safe (basically the same
351 as %CBOR::XS::FILTER without all the bignum tags), and can be
352 extended by user code as wlel, although, obviously, one should be
353 very careful about adding decoding functions here, since the
354 expectation is that they are safe to use on untrusted data, after
355 all.
356 Example: decode all tags not handled internally into
358 "CBOR::XS::Tagged" objects, with no other special handling (useful
359 when working with potentially "unsafe" CBOR data).
360 CBOR::XS->new->filter (sub { })->decode ($cbor_data);
362 Example: provide a global filter for tag 1347375694, converting the
364 value into some string form.
365 $CBOR::XS::FILTER{1347375694} = sub {
367 my ($tag, $value);
368 "tag 1347375694 value $value"
370 };
371 Example: provide your own filter function that looks up tags in
373 your own hash:
374 my %my_filter = (
376 998347484 => sub {
377 my ($tag, $value);
378 "tag 998347484 value $value"
380 };
381 );
382 my $coder = CBOR::XS->new->filter (sub {
384 &{ $my_filter{$_[0]} or return }
385 });
386 Example: use the safe filter function (see "SECURITY
388 CONSIDERATIONS" for more considerations on security).
389 CBOR::XS->new->filter (\&CBOR::XS::safe_filter)->decode ($cbor_data);
391 $cbor_data = $cbor->encode ($perl_scalar)
393 Converts the given Perl data structure (a scalar value) to its CBOR
394 representation.
395 $perl_scalar = $cbor->decode ($cbor_data)
397 The opposite of "encode": expects CBOR data and tries to parse it,
398 returning the resulting simple scalar or reference. Croaks on
399 error.
400 ($perl_scalar, $octets) = $cbor->decode_prefix ($cbor_data)
402 This works like the "decode" method, but instead of raising an
403 exception when there is trailing garbage after the CBOR string, it
404 will silently stop parsing there and return the number of
405 characters consumed so far.
406 This is useful if your CBOR texts are not delimited by an outer
408 protocol and you need to know where the first CBOR string ends amd
409 the next one starts - CBOR strings are self-delimited, so it is
410 possible to concatenate CBOR strings without any delimiters or size
411 fields and recover their data.
412 CBOR::XS->new->decode_prefix ("......")
414 => ("...", 3)
415 INCREMENTAL PARSING
417 In some cases, there is the need for incremental parsing of JSON texts.
418 While this module always has to keep both CBOR text and resulting Perl
419 data structure in memory at one time, it does allow you to parse a CBOR
420 stream incrementally, using a similar to using "decode_prefix" to see
421 if a full CBOR object is available, but is much more efficient.
422 It basically works by parsing as much of a CBOR string as possible - if
424 the CBOR data is not complete yet, the pasrer will remember where it
425 was, to be able to restart when more data has been accumulated. Once
426 enough data is available to either decode a complete CBOR value or
427 raise an error, a real decode will be attempted.
428 A typical use case would be a network protocol that consists of sending
430 and receiving CBOR-encoded messages. The solution that works with CBOR
431 and about anything else is by prepending a length to every CBOR value,
432 so the receiver knows how many octets to read. More compact (and
433 slightly slower) would be to just send CBOR values back-to-back, as
434 "CBOR::XS" knows where a CBOR value ends, and doesn't need an explicit
435 length.
436 The following methods help with this:
438 @decoded = $cbor->incr_parse ($buffer)
440 This method attempts to decode exactly one CBOR value from the
441 beginning of the given $buffer. The value is removed from the
442 $buffer on success. When $buffer doesn't contain a complete value
443 yet, it returns nothing. Finally, when the $buffer doesn't start
444 with something that could ever be a valid CBOR value, it raises an
445 exception, just as "decode" would. In the latter case the decoder
446 state is undefined and must be reset before being able to parse
447 further.
448 This method modifies the $buffer in place. When no CBOR value can
450 be decoded, the decoder stores the current string offset. On the
451 next call, continues decoding at the place where it stopped before.
452 For this to make sense, the $buffer must begin with the same octets
453 as on previous unsuccessful calls.
454 You can call this method in scalar context, in which case it either
456 returns a decoded value or "undef". This makes it impossible to
457 distinguish between CBOR null values (which decode to "undef") and
458 an unsuccessful decode, which is often acceptable.
459 @decoded = $cbor->incr_parse_multiple ($buffer)
461 Same as "incr_parse", but attempts to decode as many CBOR values as
462 possible in one go, instead of at most one. Calls to "incr_parse"
463 and "incr_parse_multiple" can be interleaved.
464 $cbor->incr_reset
466 Resets the incremental decoder. This throws away any saved state,
467 so that subsequent calls to "incr_parse" or "incr_parse_multiple"
468 start to parse a new CBOR value from the beginning of the $buffer
469 again.
470 This method can be called at any time, but it must be called if you
472 want to change your $buffer or there was a decoding error and you
473 want to reuse the $cbor object for future incremental parsings.
474
476 This section describes how CBOR::XS maps Perl values to CBOR values and
477 vice versa. These mappings are designed to "do the right thing" in most
478 circumstances automatically, preserving round-tripping characteristics
479 (what you put in comes out as something equivalent).
480 For the more enlightened: note that in the following descriptions,
482 lowercase perl refers to the Perl interpreter, while uppercase Perl
483 refers to the abstract Perl language itself.
484 CBOR -> PERL
486 integers
487 CBOR integers become (numeric) perl scalars. On perls without 64
488 bit support, 64 bit integers will be truncated or otherwise
489 corrupted.
490 byte strings
492 Byte strings will become octet strings in Perl (the Byte values
493 0..255 will simply become characters of the same value in Perl).
494 UTF-8 strings
496 UTF-8 strings in CBOR will be decoded, i.e. the UTF-8 octets will
497 be decoded into proper Unicode code points. At the moment, the
498 validity of the UTF-8 octets will not be validated - corrupt input
499 will result in corrupted Perl strings.
500 arrays, maps
502 CBOR arrays and CBOR maps will be converted into references to a
503 Perl array or hash, respectively. The keys of the map will be
504 stringified during this process.
505 null
507 CBOR null becomes "undef" in Perl.
508 true, false, undefined
510 These CBOR values become "Types:Serialiser::true",
511 "Types:Serialiser::false" and "Types::Serialiser::error",
512 respectively. They are overloaded to act almost exactly like the
513 numbers 1 and 0 (for true and false) or to throw an exception on
514 access (for error). See the Types::Serialiser manpage for details.
515 tagged values
517 Tagged items consists of a numeric tag and another CBOR value.
518 See "TAG HANDLING AND EXTENSIONS" and the description of "->filter"
520 for details on which tags are handled how.
521 anything else
523 Anything else (e.g. unsupported simple values) will raise a
524 decoding error.
525 PERL -> CBOR
527 The mapping from Perl to CBOR is slightly more difficult, as Perl is a
528 typeless language. That means this module can only guess which CBOR
529 type is meant by a perl value.
530 hash references
532 Perl hash references become CBOR maps. As there is no inherent
533 ordering in hash keys (or CBOR maps), they will usually be encoded
534 in a pseudo-random order. This order can be different each time a
535 hash is encoded.
536 Currently, tied hashes will use the indefinite-length format, while
538 normal hashes will use the fixed-length format.
539 array references
541 Perl array references become fixed-length CBOR arrays.
542 other references
544 Other unblessed references will be represented using the
545 indirection tag extension (tag value 22098,
546 <http://cbor.schmorp.de/indirection>). CBOR decoders are guaranteed
547 to be able to decode these values somehow, by either "doing the
548 right thing", decoding into a generic tagged object, simply
549 ignoring the tag, or something else.
550 CBOR::XS::Tagged objects
552 Objects of this type must be arrays consisting of a single "[tag,
553 value]" pair. The (numerical) tag will be encoded as a CBOR tag,
554 the value will be encoded as appropriate for the value. You must
555 use "CBOR::XS::tag" to create such objects.
556 Types::Serialiser::true, Types::Serialiser::false,
558 Types::Serialiser::error
559 These special values become CBOR true, CBOR false and CBOR
560 undefined values, respectively. You can also use "\1", "\0" and
561 "\undef" directly if you want.
562 other blessed objects
564 Other blessed objects are serialised via "TO_CBOR" or "FREEZE". See
565 "TAG HANDLING AND EXTENSIONS" for specific classes handled by this
566 module, and "OBJECT SERIALISATION" for generic object
567 serialisation.
568 simple scalars
570 Simple Perl scalars (any scalar that is not a reference) are the
571 most difficult objects to encode: CBOR::XS will encode undefined
572 scalars as CBOR null values, scalars that have last been used in a
573 string context before encoding as CBOR strings, and anything else
574 as number value:
575 # dump as number
577 encode_cbor [2] # yields [2]
578 encode_cbor [-3.0e17] # yields [-3e+17]
579 my $value = 5; encode_cbor [$value] # yields [5]
580 # used as string, so dump as string (either byte or text)
582 print $value;
583 encode_cbor [$value] # yields ["5"]
584 # undef becomes null
586 encode_cbor [undef] # yields [null]
587 You can force the type to be a CBOR string by stringifying it:
589 my $x = 3.1; # some variable containing a number
591 "$x"; # stringified
592 $x .= ""; # another, more awkward way to stringify
593 print $x; # perl does it for you, too, quite often
594 You can force whether a string is encoded as byte or text string by
596 using "utf8::upgrade" and "utf8::downgrade" (if "text_strings" is
597 disabled).
598 utf8::upgrade $x; # encode $x as text string
600 utf8::downgrade $x; # encode $x as byte string
601 More options are available, see "TYPE CASTS", below, and the
603 "text_keys" and "text_strings" options.
604 Perl doesn't define what operations up- and downgrade strings, so
606 if the difference between byte and text is important, you should
607 up- or downgrade your string as late as possible before encoding.
608 You can also force the use of CBOR text strings by using
609 "text_keys" or "text_strings".
610 You can force the type to be a CBOR number by numifying it:
612 my $x = "3"; # some variable containing a string
614 $x += 0; # numify it, ensuring it will be dumped as a number
615 $x *= 1; # same thing, the choice is yours.
616 You can not currently force the type in other, less obscure, ways.
618 Tell me if you need this capability (but don't forget to explain
619 why it's needed :).
620 Perl values that seem to be integers generally use the shortest
622 possible representation. Floating-point values will use either the
623 IEEE single format if possible without loss of precision, otherwise
624 the IEEE double format will be used. Perls that use formats other
625 than IEEE double to represent numerical values are supported, but
626 might suffer loss of precision.
627 TYPE CASTS
629 EXPERIMENTAL: As an experimental extension, "CBOR::XS" allows you to
630 force specific cbor types to be used when encoding. That allows you to
631 encode types not normally accessible (e.g. half floats) as well as
632 force string types even when "text_strings" is in effect.
633 Type forcing is done by calling a special "cast" function which keeps a
635 copy of the value and returns a new value that can be handed over to
636 any CBOR encoder function.
637 The following casts are currently available (all of which are unary
639 operators):
640 CBOR::XS::as_int $value
642 Forces the value to be encoded as some form of (basic, not bignum)
643 integer type.
644 CBOR::XS::as_text $value
646 Forces the value to be encoded as (UTF-8) text values.
647 CBOR::XS::as_bytes $value
649 Forces the value to be encoded as a (binary) string value.
650 Example: encode a perl string as binary even though "text_strings"
652 is in effect.
653 CBOR::XS->new->text_strings->encode ([4, "text", CBOR::XS::bytes "bytevalue"]);
655 CBOR::XS::as_bool $value
657 Converts a Perl boolean (which can be any kind of scalar) into a
658 CBOR boolean. Strictly the same, but shorter to write, than:
659 $value ? Types::Serialiser::true : Types::Serialiser::false
661 CBOR::XS::as_float16 $value
663 Forces half-float (IEEE 754 binary16) encoding of the given value.
664 CBOR::XS::as_float32 $value
666 Forces single-float (IEEE 754 binary32) encoding of the given
667 value.
668 CBOR::XS::as_float64 $value
670 Forces double-float (IEEE 754 binary64) encoding of the given
671 value.
672 CBOR::XS::as_cbor $cbor_text
674 Not a type cast per-se, this type cast forces the argument to eb
675 encoded as-is. This can be used to embed pre-encoded CBOR data.
676 Note that no checking on the validity of the $cbor_text is done -
678 it's the callers responsibility to correctly encode values.
679 CBOR::XS::as_map [key => value...]
681 Treat the array reference as key value pairs and output a CBOR map.
682 This allows you to generate CBOR maps with arbitrary key types (or,
683 if you don't care about semantics, duplicate keys or prairs in a
684 custom order), which is otherwise hard to do with Perl.
685 The single argument must be an array reference with an even number
687 of elements.
688 Example: encode a CBOR map with a string and an integer as keys.
690 encode_cbor CBOR::XS::as_map [string => "value", 5 => "value"]
692 OBJECT SERIALISATION
694 This module implements both a CBOR-specific and the generic
695 Types::Serialier object serialisation protocol. The following
696 subsections explain both methods.
697 ENCODING
699 This module knows two way to serialise a Perl object: The CBOR-specific
701 way, and the generic way.
702 Whenever the encoder encounters a Perl object that it cannot serialise
704 directly (most of them), it will first look up the "TO_CBOR" method on
705 it.
706 If it has a "TO_CBOR" method, it will call it with the object as only
708 argument, and expects exactly one return value, which it will then
709 substitute and encode it in the place of the object.
710 Otherwise, it will look up the "FREEZE" method. If it exists, it will
712 call it with the object as first argument, and the constant string
713 "CBOR" as the second argument, to distinguish it from other
714 serialisers.
715 The "FREEZE" method can return any number of values (i.e. zero or
717 more). These will be encoded as CBOR perl object, together with the
718 classname.
719 These methods MUST NOT change the data structure that is being
721 serialised. Failure to comply to this can result in memory corruption -
722 and worse.
723 If an object supports neither "TO_CBOR" nor "FREEZE", encoding will
725 fail with an error.
726 DECODING
728 Objects encoded via "TO_CBOR" cannot (normally) be automatically
730 decoded, but objects encoded via "FREEZE" can be decoded using the
731 following protocol:
732 When an encoded CBOR perl object is encountered by the decoder, it will
734 look up the "THAW" method, by using the stored classname, and will fail
735 if the method cannot be found.
736 After the lookup it will call the "THAW" method with the stored
738 classname as first argument, the constant string "CBOR" as second
739 argument, and all values returned by "FREEZE" as remaining arguments.
740 EXAMPLES
742 Here is an example "TO_CBOR" method:
744 sub My::Object::TO_CBOR {
746 my ($obj) = @_;
747 ["this is a serialised My::Object object", $obj->{id}]
749 }
750 When a "My::Object" is encoded to CBOR, it will instead encode a simple
752 array with two members: a string, and the "object id". Decoding this
753 CBOR string will yield a normal perl array reference in place of the
754 object.
755 A more useful and practical example would be a serialisation method for
757 the URI module. CBOR has a custom tag value for URIs, namely 32:
758 sub URI::TO_CBOR {
760 my ($self) = @_;
761 my $uri = "$self"; # stringify uri
762 utf8::upgrade $uri; # make sure it will be encoded as UTF-8 string
763 CBOR::XS::tag 32, "$_[0]"
764 }
765 This will encode URIs as a UTF-8 string with tag 32, which indicates an
767 URI.
768 Decoding such an URI will not (currently) give you an URI object, but
770 instead a CBOR::XS::Tagged object with tag number 32 and the string -
771 exactly what was returned by "TO_CBOR".
772 To serialise an object so it can automatically be deserialised, you
774 need to use "FREEZE" and "THAW". To take the URI module as example,
775 this would be a possible implementation:
776 sub URI::FREEZE {
778 my ($self, $serialiser) = @_;
779 "$self" # encode url string
780 }
781 sub URI::THAW {
783 my ($class, $serialiser, $uri) = @_;
784 $class->new ($uri)
785 }
786 Unlike "TO_CBOR", multiple values can be returned by "FREEZE". For
788 example, a "FREEZE" method that returns "type", "id" and "variant"
789 values would cause an invocation of "THAW" with 5 arguments:
790 sub My::Object::FREEZE {
792 my ($self, $serialiser) = @_;
793 ($self->{type}, $self->{id}, $self->{variant})
795 }
796 sub My::Object::THAW {
798 my ($class, $serialiser, $type, $id, $variant) = @_;
799 $class-<new (type => $type, id => $id, variant => $variant)
801 }
802
804 There is no way to distinguish CBOR from other formats
805 programmatically. To make it easier to distinguish CBOR from other
806 formats, the CBOR specification has a special "magic string" that can
807 be prepended to any CBOR string without changing its meaning.
808 This string is available as $CBOR::XS::MAGIC. This module does not
810 prepend this string to the CBOR data it generates, but it will ignore
811 it if present, so users can prepend this string as a "file type"
812 indicator as required.
813
815 CBOR has the concept of tagged values - any CBOR value can be tagged
816 with a numeric 64 bit number, which are centrally administered.
817 "CBOR::XS" handles a few tags internally when en- or decoding. You can
819 also create tags yourself by encoding "CBOR::XS::Tagged" objects, and
820 the decoder will create "CBOR::XS::Tagged" objects itself when it hits
821 an unknown tag.
822 These objects are simply blessed array references - the first member of
824 the array being the numerical tag, the second being the value.
825 You can interact with "CBOR::XS::Tagged" objects in the following ways:
827 $tagged = CBOR::XS::tag $tag, $value
829 This function(!) creates a new "CBOR::XS::Tagged" object using the
830 given $tag (0..2**64-1) to tag the given $value (which can be any
831 Perl value that can be encoded in CBOR, including serialisable Perl
832 objects and "CBOR::XS::Tagged" objects).
833 $tagged->[0]
835 $tagged->[0] = $new_tag
836 $tag = $tagged->tag
837 $new_tag = $tagged->tag ($new_tag)
838 Access/mutate the tag.
839 $tagged->[1]
841 $tagged->[1] = $new_value
842 $value = $tagged->value
843 $new_value = $tagged->value ($new_value)
844 Access/mutate the tagged value.
845 EXAMPLES
847 Here are some examples of "CBOR::XS::Tagged" uses to tag objects.
848 You can look up CBOR tag value and emanings in the IANA registry at
850 <http://www.iana.org/assignments/cbor-tags/cbor-tags.xhtml>.
851 Prepend a magic header ($CBOR::XS::MAGIC):
853 my $cbor = encode_cbor CBOR::XS::tag 55799, $value;
855 # same as:
856 my $cbor = $CBOR::XS::MAGIC . encode_cbor $value;
857 Serialise some URIs and a regex in an array:
859 my $cbor = encode_cbor [
861 (CBOR::XS::tag 32, "http://www.nethype.de/"),
862 (CBOR::XS::tag 32, "http://software.schmorp.de/"),
863 (CBOR::XS::tag 35, "^[Pp][Ee][Rr][lL]\$"),
864 ];
865 Wrap CBOR data in CBOR:
867 my $cbor_cbor = encode_cbor
869 CBOR::XS::tag 24,
870 encode_cbor [1, 2, 3];
871
873 This section describes how this module handles specific tagged values
874 and extensions. If a tag is not mentioned here and no additional
875 filters are provided for it, then the default handling applies
876 (creating a CBOR::XS::Tagged object on decoding, and only encoding the
877 tag when explicitly requested).
878 Tags not handled specifically are currently converted into a
880 CBOR::XS::Tagged object, which is simply a blessed array reference
881 consisting of the numeric tag value followed by the (decoded) CBOR
882 value.
883 Future versions of this module reserve the right to special case
885 additional tags (such as base64url).
886 ENFORCED TAGS
888 These tags are always handled when decoding, and their handling cannot
889 be overridden by the user.
890 26 (perl-object, <http://cbor.schmorp.de/perl-object>)
892 These tags are automatically created (and decoded) for serialisable
893 objects using the "FREEZE/THAW" methods (the Types::Serialier
894 object serialisation protocol). See "OBJECT SERIALISATION" for
895 details.
896 28, 29 (shareable, sharedref, <http://cbor.schmorp.de/value-sharing>)
898 These tags are automatically decoded when encountered (and they do
899 not result in a cyclic data structure, see "allow_cycles"),
900 resulting in shared values in the decoded object. They are only
901 encoded, however, when "allow_sharing" is enabled.
902 Not all shared values can be successfully decoded: values that
904 reference themselves will currently decode as "undef" (this is not
905 the same as a reference pointing to itself, which will be
906 represented as a value that contains an indirect reference to
907 itself - these will be decoded properly).
908 Note that considerably more shared value data structures can be
910 decoded than will be encoded - currently, only values pointed to by
911 references will be shared, others will not. While non-reference
912 shared values can be generated in Perl with some effort, they were
913 considered too unimportant to be supported in the encoder. The
914 decoder, however, will decode these values as shared values.
915 256, 25 (stringref-namespace, stringref,
917 <http://cbor.schmorp.de/stringref>)
918 These tags are automatically decoded when encountered. They are
919 only encoded, however, when "pack_strings" is enabled.
920 22098 (indirection, <http://cbor.schmorp.de/indirection>)
922 This tag is automatically generated when a reference are
923 encountered (with the exception of hash and array references). It
924 is converted to a reference when decoding.
925 55799 (self-describe CBOR, RFC 7049)
927 This value is not generated on encoding (unless explicitly
928 requested by the user), and is simply ignored when decoding.
929 NON-ENFORCED TAGS
931 These tags have default filters provided when decoding. Their handling
932 can be overridden by changing the %CBOR::XS::FILTER entry for the tag,
933 or by providing a custom "filter" callback when decoding.
934 When they result in decoding into a specific Perl class, the module
936 usually provides a corresponding "TO_CBOR" method as well.
937 When any of these need to load additional modules that are not part of
939 the perl core distribution (e.g. URI), it is (currently) up to the user
940 to provide these modules. The decoding usually fails with an exception
941 if the required module cannot be loaded.
942 0, 1 (date/time string, seconds since the epoch)
944 These tags are decoded into Time::Piece objects. The corresponding
945 "Time::Piece::TO_CBOR" method always encodes into tag 1 values
946 currently.
947 The Time::Piece API is generally surprisingly bad, and fractional
949 seconds are only accidentally kept intact, so watch out. On the
950 plus side, the module comes with perl since 5.10, which has to
951 count for something.
952 2, 3 (positive/negative bignum)
954 These tags are decoded into Math::BigInt objects. The corresponding
955 "Math::BigInt::TO_CBOR" method encodes "small" bigints into normal
956 CBOR integers, and others into positive/negative CBOR bignums.
957 4, 5, 264, 265 (decimal fraction/bigfloat)
959 Both decimal fractions and bigfloats are decoded into
960 Math::BigFloat objects. The corresponding "Math::BigFloat::TO_CBOR"
961 method always encodes into a decimal fraction (either tag 4 or
962 264).
963 NaN and infinities are not encoded properly, as they cannot be
965 represented in CBOR.
966 See "BIGNUM SECURITY CONSIDERATIONS" for more info.
968 30 (rational numbers)
970 These tags are decoded into Math::BigRat objects. The corresponding
971 "Math::BigRat::TO_CBOR" method encodes rational numbers with
972 denominator 1 via their numerator only, i.e., they become normal
973 integers or "bignums".
974 See "BIGNUM SECURITY CONSIDERATIONS" for more info.
976 21, 22, 23 (expected later JSON conversion)
978 CBOR::XS is not a CBOR-to-JSON converter, and will simply ignore
979 these tags.
980 32 (URI)
982 These objects decode into URI objects. The corresponding
983 "URI::TO_CBOR" method again results in a CBOR URI value.
984
986 CBOR is supposed to implement a superset of the JSON data model, and
987 is, with some coercion, able to represent all JSON texts (something
988 that other "binary JSON" formats such as BSON generally do not
989 support).
990 CBOR implements some extra hints and support for JSON interoperability,
992 and the spec offers further guidance for conversion between CBOR and
993 JSON. None of this is currently implemented in CBOR, and the guidelines
994 in the spec do not result in correct round-tripping of data. If JSON
995 interoperability is improved in the future, then the goal will be to
996 ensure that decoded JSON data will round-trip encoding and decoding to
997 CBOR intact.
998
1000 Tl;dr... if you want to decode or encode CBOR from untrusted sources,
1001 you should start with a coder object created via "new_safe" (which
1002 implements the mitigations explained below):
1003 my $coder = CBOR::XS->new_safe;
1005 my $data = $coder->decode ($cbor_text);
1007 my $cbor = $coder->encode ($data);
1008 Longer version: When you are using CBOR in a protocol, talking to
1010 untrusted potentially hostile creatures requires some thought:
1011 Security of the CBOR decoder itself
1013 First and foremost, your CBOR decoder should be secure, that is,
1014 should not have any buffer overflows or similar bugs that could
1015 potentially be exploited. Obviously, this module should ensure that
1016 and I am trying hard on making that true, but you never know.
1017 CBOR::XS can invoke almost arbitrary callbacks during decoding
1019 CBOR::XS supports object serialisation - decoding CBOR can cause
1020 calls to any "THAW" method in any package that exists in your
1021 process (that is, CBOR::XS will not try to load modules, but any
1022 existing "THAW" method or function can be called, so they all have
1023 to be secure).
1024 Less obviously, it will also invoke "TO_CBOR" and "FREEZE" methods
1026 - even if all your "THAW" methods are secure, encoding data
1027 structures from untrusted sources can invoke those and trigger bugs
1028 in those.
1029 So, if you are not sure about the security of all the modules you
1031 have loaded (you shouldn't), you should disable this part using
1032 "forbid_objects" or using "new_safe".
1033 CBOR can be extended with tags that call library code
1035 CBOR can be extended with tags, and "CBOR::XS" has a registry of
1036 conversion functions for many existing tags that can be extended
1037 via third-party modules (see the "filter" method).
1038 If you don't trust these, you should configure the "safe" filter
1040 function, "CBOR::XS::safe_filter" ("new_safe" does this), which by
1041 default only includes conversion functions that are considered
1042 "safe" by the author (but again, they can be extended by third
1043 party modules).
1044 Depending on your level of paranoia, you can use the "safe" filter:
1046 $cbor->filter (\&CBOR::XS::safe_filter);
1048 ... your own filter...
1050 $cbor->filter (sub { ... do your stuffs here ... });
1052 ... or even no filter at all, disabling all tag decoding:
1054 $cbor->filter (sub { });
1056 This is never a problem for encoding, as the tag mechanism only
1058 exists in CBOR texts.
1059 Resource-starving attacks: object memory usage
1061 You need to avoid resource-starving attacks. That means you should
1062 limit the size of CBOR data you accept, or make sure then when your
1063 resources run out, that's just fine (e.g. by using a separate
1064 process that can crash safely). The size of a CBOR string in octets
1065 is usually a good indication of the size of the resources required
1066 to decode it into a Perl structure. While CBOR::XS can check the
1067 size of the CBOR text (using "max_size" - done by "new_safe"), it
1068 might be too late when you already have it in memory, so you might
1069 want to check the size before you accept the string.
1070 As for encoding, it is possible to construct data structures that
1072 are relatively small but result in large CBOR texts (for example by
1073 having an array full of references to the same big data structure,
1074 which will all be deep-cloned during encoding by default). This is
1075 rarely an actual issue (and the worst case is still just running
1076 out of memory), but you can reduce this risk by using
1077 "allow_sharing".
1078 Resource-starving attacks: stack overflows
1080 CBOR::XS recurses using the C stack when decoding objects and
1081 arrays. The C stack is a limited resource: for instance, on my
1082 amd64 machine with 8MB of stack size I can decode around 180k
1083 nested arrays but only 14k nested CBOR objects (due to perl itself
1084 recursing deeply on croak to free the temporary). If that is
1085 exceeded, the program crashes. To be conservative, the default
1086 nesting limit is set to 512. If your process has a smaller stack,
1087 you should adjust this setting accordingly with the "max_depth"
1088 method.
1089 Resource-starving attacks: CPU en-/decoding complexity
1091 CBOR::XS will use the Math::BigInt, Math::BigFloat and Math::BigRat
1092 libraries to represent encode/decode bignums. These can be very
1093 slow (as in, centuries of CPU time) and can even crash your program
1094 (and are generally not very trustworthy). See the next section on
1095 bignum security for details.
1096 Data breaches: leaking information in error messages
1098 CBOR::XS might leak contents of your Perl data structures in its
1099 error messages, so when you serialise sensitive information you
1100 might want to make sure that exceptions thrown by CBOR::XS will not
1101 end up in front of untrusted eyes.
1102 Something else...
1104 Something else could bomb you, too, that I forgot to think of. In
1105 that case, you get to keep the pieces. I am always open for hints,
1106 though...
1107
1109 CBOR::XS provides a "TO_CBOR" method for both Math::BigInt and
1110 Math::BigFloat that tries to encode the number in the simplest possible
1111 way, that is, either a CBOR integer, a CBOR bigint/decimal fraction
1112 (tag 4) or an arbitrary-exponent decimal fraction (tag 264). Rational
1113 numbers (Math::BigRat, tag 30) can also contain bignums as members.
1114 CBOR::XS will also understand base-2 bigfloat or arbitrary-exponent
1116 bigfloats (tags 5 and 265), but it will never generate these on its
1117 own.
1118 Using the built-in Math::BigInt::Calc support, encoding and decoding
1120 decimal fractions is generally fast. Decoding bigints can be slow for
1121 very big numbers (tens of thousands of digits, something that could
1122 potentially be caught by limiting the size of CBOR texts), and decoding
1123 bigfloats or arbitrary-exponent bigfloats can be extremely slow
1124 (minutes, decades) for large exponents (roughly 40 bit and longer).
1125 Additionally, Math::BigInt can take advantage of other bignum
1127 libraries, such as Math::GMP, which cannot handle big floats with large
1128 exponents, and might simply abort or crash your program, due to their
1129 code quality.
1130 This can be a concern if you want to parse untrusted CBOR. If it is,
1132 you might want to disable decoding of tag 2 (bigint) and 3 (negative
1133 bigint) types. You should also disable types 5 and 265, as these can be
1134 slow even without bigints.
1135 Disabling bigints will also partially or fully disable types that rely
1137 on them, e.g. rational numbers that use bignums.
1138
1140 This section contains some random implementation notes. They do not
1141 describe guaranteed behaviour, but merely behaviour as-is implemented
1142 right now.
1143 64 bit integers are only properly decoded when Perl was built with 64
1145 bit support.
1146 Strings and arrays are encoded with a definite length. Hashes as well,
1148 unless they are tied (or otherwise magical).
1149 Only the double data type is supported for NV data types - when Perl
1151 uses long double to represent floating point values, they might not be
1152 encoded properly. Half precision types are accepted, but not encoded.
1153 Strict mode and canonical mode are not implemented.
1155
1157 On perls that were built without 64 bit integer support (these are rare
1158 nowadays, even on 32 bit architectures, as all major Perl distributions
1159 are built with 64 bit integer support), support for any kind of 64 bit
1160 value in CBOR is very limited - most likely, these 64 bit values will
1161 be truncated, corrupted, or otherwise not decoded correctly. This also
1162 includes string, float, array and map sizes that are stored as 64 bit
1163 integers.
1164
1166 This module is not guaranteed to be thread safe and there are no plans
1167 to change this until Perl gets thread support (as opposed to the
1168 horribly slow so-called "threads" which are simply slow and bloated
1169 process simulations - use fork, it's much faster, cheaper, better).
1170 (It might actually work, but you have been warned).
1172
1174 While the goal of this module is to be correct, that unfortunately does
1175 not mean it's bug-free, only that I think its design is bug-free. If
1176 you keep reporting bugs they will be fixed swiftly, though.
1177 Please refrain from using rt.cpan.org or any other bug reporting
1179 service. I put the contact address into my modules for a reason.
1180
1182 The JSON and JSON::XS modules that do similar, but human-readable,
1183 serialisation.
1184 The Types::Serialiser module provides the data model for true, false
1186 and error values.
1187
1189 Marc Lehmann <schmorp@schmorp.de>
1190 http://home.schmorp.de/
1191perl v5.32.1 2021-01-26 XS(3)