sensor-d4-tls-fingerprinting/etls/etls_alert.go

// Copyright 2018 The GoPacket Authors. All rights reserved.
//
// Use of this source code is governed by a BSD-style license
// that can be found in the LICENSE file in the root of the source
// tree.
package etls
import (
"errors"
"fmt"
"github.com/google/gopacket"
)
type (
	// ETLSAlertLevel is the one-byte severity field of an alert record.
	ETLSAlertLevel uint8

	// ETLSAlertDescr is the one-byte description (reason) field of an alert
	// record.
	ETLSAlertDescr uint8
)

// Alert levels. ETLSAlertUnknownLevel is the value used when the level
// could not be read from the record.
const (
	ETLSAlertWarning      ETLSAlertLevel = 1
	ETLSAlertFatal        ETLSAlertLevel = 2
	ETLSAlertUnknownLevel ETLSAlertLevel = 255
)

// Alert descriptions, listed in ascending numeric order. Names ending in
// RESERVED keep their slot in the numbering. ETLSAlertUnknownDescription is
// the value used when the description could not be read from the record.
const (
	ETLSAlertCloseNotify               ETLSAlertDescr = 0
	ETLSAlertUnexpectedMessage         ETLSAlertDescr = 10
	ETLSAlertBadRecordMac              ETLSAlertDescr = 20
	ETLSAlertDecryptionFailedRESERVED  ETLSAlertDescr = 21
	ETLSAlertRecordOverflow            ETLSAlertDescr = 22
	ETLSAlertDecompressionFailure      ETLSAlertDescr = 30
	ETLSAlertHandshakeFailure          ETLSAlertDescr = 40
	ETLSAlertNoCertificateRESERVED     ETLSAlertDescr = 41
	ETLSAlertBadCertificate            ETLSAlertDescr = 42
	ETLSAlertUnsupportedCertificate    ETLSAlertDescr = 43
	ETLSAlertCertificateRevoked        ETLSAlertDescr = 44
	ETLSAlertCertificateExpired        ETLSAlertDescr = 45
	ETLSAlertCertificateUnknown        ETLSAlertDescr = 46
	ETLSAlertIllegalParameter          ETLSAlertDescr = 47
	ETLSAlertUnknownCa                 ETLSAlertDescr = 48
	ETLSAlertAccessDenied              ETLSAlertDescr = 49
	ETLSAlertDecodeError               ETLSAlertDescr = 50
	ETLSAlertDecryptError              ETLSAlertDescr = 51
	ETLSAlertExportRestrictionRESERVED ETLSAlertDescr = 60
	ETLSAlertProtocolVersion           ETLSAlertDescr = 70
	ETLSAlertInsufficientSecurity      ETLSAlertDescr = 71
	ETLSAlertInternalError             ETLSAlertDescr = 80
	ETLSAlertUserCanceled              ETLSAlertDescr = 90
	ETLSAlertNoRenegotiation           ETLSAlertDescr = 100
	ETLSAlertUnsupportedExtension      ETLSAlertDescr = 110
	ETLSAlertUnknownDescription        ETLSAlertDescr = 255
)
// ETLS Alert
//
//	 0  1  2  3  4  5  6  7  8
//	+--+--+--+--+--+--+--+--+
//	|         Level         |
//	+--+--+--+--+--+--+--+--+
//	|      Description      |
//	+--+--+--+--+--+--+--+--+

// ETLSAlertRecord holds one decoded alert record: the embedded record header
// plus either the two cleartext alert bytes or the opaque payload.
type ETLSAlertRecord struct {
	// Embedded header; decodeFromBytes copies ContentType, Version and
	// Length into it from the header it is given.
	ETLSRecordHeader
	// Level is read from the first payload byte when the header length is 2;
	// otherwise decodeFromBytes sets it to ETLSAlertUnknownLevel.
	Level ETLSAlertLevel
	// Description is read from the second payload byte when the header
	// length is 2; otherwise decodeFromBytes sets it to
	// ETLSAlertUnknownDescription.
	Description ETLSAlertDescr
	// EncryptedMsg is assigned the record payload by decodeFromBytes when the
	// header length is not 2. The slice is stored as given, not copied.
	EncryptedMsg []byte
}
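// decodeFromBytes populates t from an already-parsed record header h and the
// record payload data.
//
// The header fields are copied first. A payload shorter than two bytes is
// flagged through df.SetTruncated and rejected with an error. When the header
// length is exactly 2 the payload is read as a cleartext alert: data[0] is the
// level and data[1] the description. For any other length the payload is kept
// opaque: Level and Description get their Unknown values and EncryptedMsg
// refers to data.
func (t *ETLSAlertRecord) decodeFromBytes(h ETLSRecordHeader, data []byte, df gopacket.DecodeFeedback) error {
	// ETLS Record Header
	t.ContentType = h.ContentType
	t.Version = h.Version
	t.Length = h.Length

	// Drop any payload left over from an earlier decode into the same struct,
	// so a cleartext or rejected alert never reports bytes that belong to a
	// different record.
	t.EncryptedMsg = nil

	// Both alert fields are indexed below; refuse anything that cannot hold
	// them before touching data[0] or data[1].
	if len(data) < 2 {
		df.SetTruncated()
		return errors.New("ETLS Alert packet too short")
	}

	if t.Length != 2 {
		// The header length is the only signal used to tell a cleartext alert
		// from an opaque one; the payload itself is not inspected.
		t.Level = ETLSAlertUnknownLevel
		t.Description = ETLSAlertUnknownDescription
		// NOTE(review): this keeps a reference to the caller's buffer, not a
		// copy. Confirm the caller does not reuse data while the record is
		// still in use.
		t.EncryptedMsg = data
		return nil
	}

	t.Level = ETLSAlertLevel(data[0])
	t.Description = ETLSAlertDescr(data[1])
	return nil
}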
// String returns the printable name of the alert level: "Warning" or
// "Fatal" for the two named levels, and "Unknown(N)" with the numeric value
// for anything else.
func (al ETLSAlertLevel) String() string {
	if al == ETLSAlertWarning {
		return "Warning"
	}
	if al == ETLSAlertFatal {
		return "Fatal"
	}
	// %d formats the underlying integer and does not call String again.
	return fmt.Sprintf("Unknown(%d)", al)
}
// String returns the snake_case name of the alert description. Any value
// without a named constant in the switch below, including
// ETLSAlertUnknownDescription, yields "Unknown".
func (ad ETLSAlertDescr) String() string {
	// Start from the fallback and overwrite it when the code is recognised.
	name := "Unknown"
	switch ad {
	case ETLSAlertCloseNotify:
		name = "close_notify"
	case ETLSAlertUnexpectedMessage:
		name = "unexpected_message"
	case ETLSAlertBadRecordMac:
		name = "bad_record_mac"
	case ETLSAlertDecryptionFailedRESERVED:
		name = "decryption_failed_RESERVED"
	case ETLSAlertRecordOverflow:
		name = "record_overflow"
	case ETLSAlertDecompressionFailure:
		name = "decompression_failure"
	case ETLSAlertHandshakeFailure:
		name = "handshake_failure"
	case ETLSAlertNoCertificateRESERVED:
		name = "no_certificate_RESERVED"
	case ETLSAlertBadCertificate:
		name = "bad_certificate"
	case ETLSAlertUnsupportedCertificate:
		name = "unsupported_certificate"
	case ETLSAlertCertificateRevoked:
		name = "certificate_revoked"
	case ETLSAlertCertificateExpired:
		name = "certificate_expired"
	case ETLSAlertCertificateUnknown:
		name = "certificate_unknown"
	case ETLSAlertIllegalParameter:
		name = "illegal_parameter"
	case ETLSAlertUnknownCa:
		name = "unknown_ca"
	case ETLSAlertAccessDenied:
		name = "access_denied"
	case ETLSAlertDecodeError:
		name = "decode_error"
	case ETLSAlertDecryptError:
		name = "decrypt_error"
	case ETLSAlertExportRestrictionRESERVED:
		name = "export_restriction_RESERVED"
	case ETLSAlertProtocolVersion:
		name = "protocol_version"
	case ETLSAlertInsufficientSecurity:
		name = "insufficient_security"
	case ETLSAlertInternalError:
		name = "internal_error"
	case ETLSAlertUserCanceled:
		name = "user_canceled"
	case ETLSAlertNoRenegotiation:
		name = "no_renegotiation"
	case ETLSAlertUnsupportedExtension:
		name = "unsupported_extension"
	}
	return name
}