Subversion Repositories uuid_mac_utils

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * See the License for the specific language governing permissions and

 * limitations under the License.

 * limitations under the License.

 */

 */

const IEEE_MAC_REGISTRY = __DIR__ . '/../web-data';

const IEEE_MAC_REGISTRY = __DIR__ . '/../web-data';

/**

/**

 * @param string $mac MAC, EUI, or IPv6-LinkLocal Address

 * @param string $mac MAC, EUI, or IPv6-LinkLocal Address

 * @return bool True if it is valid

 * @return bool True if it is valid

 */

 */

function mac_valid(string $mac): bool {

function mac_valid(string $mac): bool {

        $tmp = ipv6linklocal_to_mac48($mac);

        $tmp = ipv6linklocal_to_mac48($mac);

        return ($mac === '');

        return ($mac === '');

}

}

/**

/**

 * @param string $mac

 * @param string $mac

 * @return false|int

 * @return false|int

 */

 */

function eui_bits(string $mac) {

function eui_bits(string $mac) {

        if (!mac_valid($mac)) return false;

        if (!mac_valid($mac)) return false;

        $mac = mac_canonize($mac, '');

        $mac = mac_canonize($mac, '');

        return (int)(strlen($mac)*4);

        return (int)(strlen($mac)*4);

}

}

/**

/**

 * @param string $delimiter Desired delimiter for inserting between each octet

 * @param string $delimiter Desired delimiter for inserting between each octet

 * @return string|false The canonized address (Note: IPv6-Linklocal becomes EUI-64)

 * @return string|false The canonized address (Note: IPv6-Linklocal becomes EUI-64)

 */

 */

function mac_canonize(string $mac, string $delimiter="-") {

function mac_canonize(string $mac, string $delimiter="-") {

        if (!mac_valid($mac)) return false;

        if (!mac_valid($mac)) return false;

 */

 */

function eui64_to_eui48(string $eui64) {

function eui64_to_eui48(string $eui64) {

        if (!mac_valid($eui64)) return false;

        if (!mac_valid($eui64)) return false;

        $eui64 = mac_canonize($eui64, '');

        $eui64 = mac_canonize($eui64, '');

        if (eui_bits($eui64) == 48) return mac_canonize($eui64);

        if (eui_bits($eui64) == 48) return mac_canonize($eui64);

        if (substr($eui64, 6, 4) == 'FFFF') {

        if (substr($eui64, 6, 4) == 'FFFF') {

                // EUI-64 to MAC-48

                // EUI-64 to MAC-48

                return mac_canonize(substr($eui64, 0, 6).substr($eui64, 10, 6));

                return mac_canonize(substr($eui64, 0, 6).substr($eui64, 10, 6));

        } else if (substr($eui64, 6, 4) == 'FFFE') {

        } else if (substr($eui64, 6, 4) == 'FFFE') {

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        //       MAC48-to-EUI64 Encapsulation uses 0xFFFF middle part

        //       MAC48-to-EUI64 Encapsulation uses 0xFFFF middle part

        if (!mac_valid($mac48)) return false;

        if (!mac_valid($mac48)) return false;

        $mac48 = mac_canonize($mac48, '');

        $mac48 = mac_canonize($mac48, '');

        if (eui_bits($mac48) == 64) return mac_canonize($mac48);

        if (eui_bits($mac48) == 64) return mac_canonize($mac48);

        $eui64 = substr($mac48, 0, 6).'FFFF'.substr($mac48, 6, 6);

        $eui64 = substr($mac48, 0, 6).'FFFF'.substr($mac48, 6, 6);

        return mac_canonize($eui64);

        return mac_canonize($eui64);

}

}

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        //       EUI48-to-EUI64 Encapsulation uses 0xFFFF middle part

        //       EUI48-to-EUI64 Encapsulation uses 0xFFFF middle part

        if (!mac_valid($eui48)) return false;

        if (!mac_valid($eui48)) return false;

        $eui48 = mac_canonize($eui48, '');

        $eui48 = mac_canonize($eui48, '');

        if (eui_bits($eui48) == 64) return mac_canonize($eui48);

        if (eui_bits($eui48) == 64) return mac_canonize($eui48);

        $eui64 = substr($eui48, 0, 6).'FFFE'.substr($eui48, 6, 6);

        $eui64 = substr($eui48, 0, 6).'FFFE'.substr($eui48, 6, 6);

        return mac_canonize($eui64);

        return mac_canonize($eui64);

}

}

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        // Note: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software.

        //       EUI48-to-ModifiedEUI64 Encapsulation uses 0xFFFE middle part (SIC! This was a mistake by IETF, since it should actually be 0xFFFF!)

        //       EUI48-to-ModifiedEUI64 Encapsulation uses 0xFFFE middle part (SIC! This was a mistake by IETF, since it should actually be 0xFFFF!)

        if (!mac_valid($eui48)) return false;

        if (!mac_valid($eui48)) return false;

        $eui48 = mac_canonize($eui48, '');

        $eui48 = mac_canonize($eui48, '');

        if (eui_bits($eui48) == 64) return mac_canonize($eui48);

        if (eui_bits($eui48) == 64) return mac_canonize($eui48);

        $eui64 = substr($eui48, 0, 6).'FFFE'.substr($eui48, 6, 6);

        $eui64 = substr($eui48, 0, 6).'FFFE'.substr($eui48, 6, 6);

        $eui64[1] = dechex(hexdec($eui64[1]) | 2); // flip seventh bit

        $eui64[1] = dechex(hexdec($eui64[1]) | 2); // flip seventh bit

        $mac = str_pad($mac, 16, '0', STR_PAD_LEFT);

        $mac = str_pad($mac, 16, '0', STR_PAD_LEFT);

        return strtolower('fe80::'.substr($mac,0, 4).':'.substr($mac,4, 4).':'.substr($mac,8, 4).':'.substr($mac,12, 4));

        return strtolower('fe80::'.substr($mac,0, 4).':'.substr($mac,4, 4).':'.substr($mac,8, 4).':'.substr($mac,12, 4));

}

}

/**

/**

 * @return void

 * @return void

 * @throws Exception

 * @throws Exception

 */

 */

function decode_mac(string $mac) {

function decode_mac(string $mac) {

        echo sprintf("%-32s %s\n", "Input:", $mac);

        echo sprintf("%-32s %s\n", "Input:", $mac);

        // Format MAC for machine readability

        // Format MAC for machine readability

        $mac = mac_canonize($mac, '');

        $mac = mac_canonize($mac, '');

        $type = '';

        $type = '';

        $tmp = ipv6linklocal_to_mac48($mac);

                $tmp = ipv6linklocal_to_mac48($mac);

        if ($tmp !== false) {

                if ($tmp !== false) {

                $mac = $tmp;

                        $mac = $tmp;

                $type = 'IPv6-Link-Local';

                        $type = 'IPv6-Link-Local';

        }

                }

                        }

                                }

                } else {

                        } else {

                        assert(false); /** @phpstan-ignore-line */

                                assert(false); /** @phpstan-ignore-line */

                }

                        }

        }

                }

        echo sprintf("%-32s %s\n", "Type:", $type);

        echo sprintf("%-32s %s\n", "Type:", $type);

        echo "\n";

        echo "\n";

        // Show various representations

        // Show various representations

        $eui48 = eui64_to_eui48($mac);

                $eui48 = eui64_to_eui48($mac);

        echo sprintf("%-32s %s\n", "EUI-48:", (eui_bits($eui48) != 48) ? 'Not available' : $eui48);

                echo sprintf("%-32s %s\n", "EUI-48:", (eui_bits($eui48) != 48) ? 'Not available' : $eui48);

        if (eui_bits($mac) == 48) {

                if (eui_bits($mac) == 48) {

                $eui64 = mac48_to_eui64($mac);

                        $eui64 = mac48_to_eui64($mac);

                echo sprintf("%-32s %s\n", "EUI-64:", ((eui_bits($eui64) != 64) ? 'Not available' : $eui64).' (MAC-48 to EUI-64 Encapsulation)');

                        echo sprintf("%-32s %s\n", "EUI-64:", ((eui_bits($eui64) != 64) ? 'Not available' : $eui64).' (MAC-48 to EUI-64 Encapsulation)');

                echo sprintf("%-32s %s\n", "IPv6 link local address:", $ipv6);

                        echo sprintf("%-32s %s\n", "IPv6 link local address:", $ipv6);

        } else {

                } else {

                $eui64 = mac_canonize($mac);

                        $eui64 = mac_canonize($mac);

                echo sprintf("%-32s %s\n", "EUI-64:", $eui64);

                        echo sprintf("%-32s %s\n", "EUI-64:", $eui64);

        }

                }

        // Vergabestelle

        // Vergabestelle

        $ul = hexdec($mac[1]) & 2; // Bit #LSB+1 of Byte 1

        $ul = hexdec($mac[1]) & 2; // Bit #LSB+1 of Byte 1

        $ul_ = ($ul == 0) ? '[0] Universally Administered Address (UAA)' : '[1] Locally Administered Address (LAA)';

        $ul_ = ($ul == 0) ? '[0] Universally Administered Address (UAA)' : '[1] Locally Administered Address (LAA)';

        echo sprintf("%-32s %s\n", "Administration type (U/L flag):", $ul_);

        echo sprintf("%-32s %s\n", "Administration type (U/L flag):", $ul_);

        // Empfaengergruppe

        // Empfaengergruppe

        $ig = hexdec($mac[1]) & 1; // Bit #LSB+0 of Byte 1

        $ig = hexdec($mac[1]) & 1; // Bit #LSB+0 of Byte 1

        echo sprintf("%-32s %s\n", "Transmission type (I/G flag):", $ig_);

        echo sprintf("%-32s %s\n", "Transmission type (I/G flag):", $ig_);

        // Query IEEE registries

        // Query IEEE registries

        if (count(glob(IEEE_MAC_REGISTRY.DIRECTORY_SEPARATOR.'*.txt')) > 0) {

        if (count(glob(IEEE_MAC_REGISTRY.DIRECTORY_SEPARATOR.'*.txt')) > 0) {

                if (

                        if (

                        # The IEEE Registration Authority distinguishes between IABs and OUI-36 values. Both are 36-bit values which may be used to generate EUI-48 values, but IABs may not be used to generate EUI-64 values.[6]

                                # The IEEE Registration Authority distinguishes between IABs and OUI-36 values. Both are 36-bit values which may be used to generate EUI-48 values, but IABs may not be used to generate EUI-64 values.[6]

                        # Note: The Individual Address Block (IAB) is an inactive registry activity, which has been replaced by the MA-S registry product as of January 1, 2014.

                                # Note: The Individual Address Block (IAB) is an inactive registry activity, which has been replaced by the MA-S registry product as of January 1, 2014.

                        ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'iab.txt', 'IAB', $mac)) ||

                                ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'iab.txt', 'IAB', $mac)) ||

                        ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'oui36.txt', 'OUI-36 (MA-S)', $mac)) ||

                                ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'oui36.txt', 'OUI-36 (MA-S)', $mac)) ||

                        ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'oui.txt', 'OUI-24 (MA-L)', $mac))

                                ($x = _lookup_ieee_registry(IEEE_MAC_REGISTRY . DIRECTORY_SEPARATOR . 'oui.txt', 'OUI-24 (MA-L)', $mac))

                ) {

                        ) {

                        echo $x;

                                echo $x;

                }

                        }

        }

                }

        $vm = '';

        $vm = '';

        // === FAQ "Detection rules which don't have their dedicated page yet" ===

        // === FAQ "Detection rules which don't have their dedicated page yet" ===

        // https://wiki.xenproject.org/wiki/Xen_Networking

        // https://wiki.xenproject.org/wiki/Xen_Networking

        // https://mcpmag.com/articles/2007/11/27/hey-vm-whats-your-hypervisor.aspx

        // https://mcpmag.com/articles/2007/11/27/hey-vm-whats-your-hypervisor.aspx

        $hightest = eui64_to_eui48($high);

        $hightest = eui64_to_eui48($high);

        if ($hightest === false) return false;

        if ($hightest === false) return false;

        if ((eui_bits($mactest) != eui_bits($lowtest)) || (eui_bits($lowtest) != eui_bits($hightest))) {

        if ((eui_bits($mactest) != eui_bits($lowtest)) || (eui_bits($lowtest) != eui_bits($hightest))) {

                $mactest = eui48_to_eui64($mac);

                $mactest = eui48_to_eui64($mac);

                $lowtest = eui48_to_eui64($low);

                $lowtest = eui48_to_eui64($low);

                $hightest = eui48_to_eui64($high);

                $hightest = eui48_to_eui64($high);

        }

        }

        $mactest = strtoupper(preg_replace('@[^0-9A-F]@', '', $mactest));

        $mactest = strtoupper(preg_replace('@[^0-9A-F]@', '', $mactest));

        $lowtest = strtoupper(preg_replace('@[^0-9A-F]@', '', $lowtest));

        $lowtest = strtoupper(preg_replace('@[^0-9A-F]@', '', $lowtest));

        $hightest = strtoupper(preg_replace('@[^0-9A-F]@', '', $hightest));

        $hightest = strtoupper(preg_replace('@[^0-9A-F]@', '', $hightest));