def unpack(packed_bytes):
"Deserialize an EPB object from packed bytes"
util.assert_type_bytes(packed_bytes)
(block_type, block_total_len, interface_id, timestamp_high,
timestamp_low, pkt_data_captured_len,
pkt_data_orig_len) = struct.unpack(EnhancedPacketBlock.head_encoding,
packed_bytes[:28])
(block_total_len_end, ) = struct.unpack(
EnhancedPacketBlock.tail_encoding, packed_bytes[-4:])
time_utc_micros = util.uint64_join32(timestamp_high, timestamp_low)
assert block_type == EnhancedPacketBlock.SPEC_CODE #todo verify block type & all fields, all fns
assert block_total_len == block_total_len_end == len(packed_bytes)
assert pkt_data_captured_len <= pkt_data_orig_len
pkt_data_captured_pad_len = util.block32_ceil_num_bytes(
pkt_data_captured_len)
block_bytes_stripped = packed_bytes[28:-4]
pkt_data = block_bytes_stripped[:pkt_data_captured_len]
options_bytes = block_bytes_stripped[pkt_data_captured_pad_len:]
options_lst = option.unpack_all(
EnhancedPacketBlock.UNPACK_DISPATCH_TABLE, options_bytes)
result_obj = EnhancedPacketBlock(interface_id,
pkt_data,
pkt_data_orig_len,
options_lst,
timestamp=time_utc_micros)
return result_obj
def uint32_unpack(packed_bytes):
util.assert_type_bytes(packed_bytes)
assert len(packed_bytes) == 8
(type, length,
value) = struct.unpack('=HHL', packed_bytes[:8]) #todo use endian flag
assert (type, length) == (UINT32, 4)
return value
def uint16_unpack(packed_bytes):
util.assert_type_bytes(packed_bytes)
assert len(packed_bytes) == 8
(type, length,
value) = struct.unpack('=HHH', packed_bytes[:6]) #todo use endian flag
assert (type, length) == (UINT16, 2)
return value
def float64_unpack(packed_bytes):
util.assert_type_bytes(packed_bytes)
assert len(packed_bytes) == 12
(type, length,
value) = struct.unpack('=HHd', packed_bytes[:12]) #todo use endian flag
assert (type, length) == (FLOAT64, 8)
return value
def int8_unpack(packed_bytes):
util.assert_type_bytes(packed_bytes)
assert len(packed_bytes) == 8
(type, length,
value) = struct.unpack('=HHb', packed_bytes[:5]) #todo use endian flag
assert (type, length) == (INT8, 1)
return value
def unpack(packed_bytes):
"Deserialize a ISIS MRT Block object from packed bytes"
util.assert_type_bytes(packed_bytes)
cbc_obj = CustomBlockCopyable.unpack(packed_bytes)
assert cbc_obj.block_type == CustomBlockCopyable.SPEC_CODE
assert cbc_obj.pen_val == pcapng.pen.BROCADE_PEN
assert cbc_obj.options_lst == CustomMrtIsisBlock.cmib_options
mrt_info = mrt.mrt_isis_block_unpack(cbc_obj.content)
return mrt_info
def string_utf8_unpack(packed_bytes):
util.assert_type_bytes(packed_bytes)
(type, length) = struct.unpack('=HH',
packed_bytes[:4]) #todo use endian flag
content_pad = packed_bytes[4:]
assert type == STRING_UTF8
assert 0 <= length <= len(content_pad)
content = str(content_pad[:length])
return content
def segment_all(raw_bytes):
"""Given the packed bytes for multiple options,
returns a list of packed bytes for the individual options."""
util.assert_type_bytes(raw_bytes)
util.assert_block32_length(raw_bytes)
segments = []
while (0 < len(raw_bytes)):
(segment, raw_bytes_remaining) = segment_rolling(raw_bytes)
segments.append(segment)
raw_bytes = raw_bytes_remaining
return segments
def segment_rolling(raw_bytes): #todo inline below
#todo verify all fields
"""Given the packed bytes for multiple options, unpacks and returns the first option object
and the remaining packed bytes."""
util.assert_type_bytes(raw_bytes)
assert 4 <= len(raw_bytes)
(type_code, content_len_orig) = struct.unpack('=HH', raw_bytes[:4])
content_len_pad = util.block32_ceil_num_bytes(content_len_orig)
first_block_len_pad = 4 + content_len_pad
assert first_block_len_pad <= len(raw_bytes)
opt_bytes = raw_bytes[:first_block_len_pad]
raw_bytes_remaining = raw_bytes[first_block_len_pad:]
return (opt_bytes, raw_bytes_remaining)
def unpack(block_bytes): #todo verify block type & all fields
"Deserialize an SPB object from packed bytes"
util.assert_type_bytes(block_bytes)
(block_type, block_total_len,
original_pkt_len) = struct.unpack(SimplePacketBlock.head_encoding,
block_bytes[:12])
(block_total_len_end, ) = struct.unpack(
SimplePacketBlock.tail_encoding, block_bytes[-4:])
assert block_type == SimplePacketBlock.SPEC_CODE
assert block_total_len == block_total_len_end == len(block_bytes)
pkt_data = block_bytes[12:(12 + original_pkt_len)]
result_obj = SimplePacketBlock(pkt_data)
return result_obj
def test_section_header_block():
opts = [
option.ShbHardware("Dell"),
option.ShbOs("Ubuntu"),
option.ShbUserAppl("IntelliJ Idea")
]
shb_obj = block.SectionHeaderBlock(opts)
idb_bytes = shb_obj.pack()
shb_obj_unpacked = block.SectionHeaderBlock.unpack(idb_bytes)
util.assert_type_bytes(idb_bytes)
assert util.classname(
shb_obj_unpacked) == 'pcapng.block.SectionHeaderBlock'
print('710', shb_obj)
print('711', shb_obj_unpacked)
assert shb_obj == shb_obj_unpacked
def segment_all(raw_bytes):
"""Given concatenated packed bytes for PCAPNG blocks, returns a list of packed bytes for
individual block segments"""
util.assert_type_bytes(raw_bytes)
util.assert_block32_length(raw_bytes)
blk_segments = []
while (0 < len(raw_bytes)):
assert 8 <= len(raw_bytes)
(blk_type, blk_total_len, unused) = strip_header(raw_bytes)
assert blk_total_len <= len(raw_bytes)
blk_bytes = raw_bytes[:blk_total_len]
raw_bytes_remaining = raw_bytes[blk_total_len:]
blk_segments.append(blk_bytes)
raw_bytes = raw_bytes_remaining
return blk_segments
def pack(self):
"Serialize a IDB object into packed bytes"
options_bytes = option.pack_all(self.options_lst)
util.assert_type_bytes(options_bytes)
util.assert_block32_length(options_bytes)
block_total_len = (
4 + # block type
4 + # block total length
2 + 2 + # linktype + reserved
4 + # snaplen
len(options_bytes) + 4) # block total length
packed_bytes = (struct.pack(
self.block_head_encoding, self.SPEC_CODE, block_total_len,
self.link_type, self.reserved, self.snaplen) + options_bytes +
struct.pack(self.block_tail_encoding, block_total_len))
return packed_bytes
def unpack(packed_bytes): #todo verify block type & all fields
"Deserialize a CBC object from packed bytes"
util.assert_type_bytes(packed_bytes)
(block_type, block_total_len,
pen_val) = struct.unpack(CustomBlock.head_encoding, packed_bytes[:12])
(block_total_len_end, ) = struct.unpack(CustomBlock.tail_encoding,
packed_bytes[-4:])
assert (block_type == CustomBlockCopyable.SPEC_CODE)
assert pen_val == pcapng.pen.BROCADE_PEN
assert block_total_len == block_total_len_end == len(packed_bytes)
block_bytes_stripped = packed_bytes[12:-4]
(content_bytes, options_bytes
) = util.block32_lv_bytes_unpack_rolling(block_bytes_stripped)
options_lst = option.unpack_all(CustomBlock.UNPACK_DISPATCH_TABLE,
options_bytes)
result_obj = CustomBlockCopyable(pen_val, content_bytes, options_lst)
return result_obj
def unpack(block_bytes): #todo verify block type & all fields
"Deserialize a IDB object from packed bytes"
util.assert_type_bytes(block_bytes)
(block_type, block_total_len, link_type, reserved,
snaplen) = struct.unpack(InterfaceDescBlock.block_head_encoding,
block_bytes[:16])
(block_total_len_end, ) = struct.unpack(
InterfaceDescBlock.block_tail_encoding, block_bytes[-4:])
assert block_type == InterfaceDescBlock.SPEC_CODE
assert block_total_len == block_total_len_end == len(block_bytes)
assert reserved == 0
assert snaplen == 0
options_bytes = block_bytes[16:-4]
options_lst = option.unpack_all(
InterfaceDescBlock.UNPACK_DISPATCH_TABLE, options_bytes)
result_obj = InterfaceDescBlock(link_type, options_lst)
return result_obj
def unpack(block_bytes): #todo verify block type & all fields
"Deserialize a SHB object from packed bytes"
util.assert_type_bytes(block_bytes)
(block_type, block_total_len, byte_order_magic, major_version,
minor_version,
section_len) = struct.unpack(SectionHeaderBlock.block_head_encoding,
block_bytes[:24])
(block_total_len_end, ) = struct.unpack(
SectionHeaderBlock.block_tail_encoding, block_bytes[-4:])
assert block_type == SectionHeaderBlock.SPEC_CODE
assert byte_order_magic == BYTE_ORDER_MAGIC
assert major_version == SectionHeaderBlock.MAJOR_VERSION
assert minor_version == SectionHeaderBlock.MINOR_VERSION
assert block_total_len == block_total_len_end == len(block_bytes)
# section_len currently ignored
options_bytes = block_bytes[24:-4]
options_lst = option.unpack_all(
SectionHeaderBlock.UNPACK_DISPATCH_TABLE, options_bytes)
result_obj = SectionHeaderBlock(options_lst)
return result_obj
