github.com/gopacket/gopacket@v1.1.0/layers/tls_alert.go (about) 1 // Copyright 2018 The GoPacket Authors. All rights reserved. 2 // 3 // Use of this source code is governed by a BSD-style license 4 // that can be found in the LICENSE file in the root of the source 5 // tree. 6 7 package layers 8 9 import ( 10 "errors" 11 "fmt" 12 13 "github.com/gopacket/gopacket" 14 ) 15 16 // TLSAlertLevel defines the alert level data type 17 type TLSAlertLevel uint8 18 19 // TLSAlertDescr defines the alert descrption data type 20 type TLSAlertDescr uint8 21 22 const ( 23 TLSAlertWarning TLSAlertLevel = 1 24 TLSAlertFatal TLSAlertLevel = 2 25 TLSAlertUnknownLevel TLSAlertLevel = 255 26 27 TLSAlertCloseNotify TLSAlertDescr = 0 28 TLSAlertUnexpectedMessage TLSAlertDescr = 10 29 TLSAlertBadRecordMac TLSAlertDescr = 20 30 TLSAlertDecryptionFailedRESERVED TLSAlertDescr = 21 31 TLSAlertRecordOverflow TLSAlertDescr = 22 32 TLSAlertDecompressionFailure TLSAlertDescr = 30 33 TLSAlertHandshakeFailure TLSAlertDescr = 40 34 TLSAlertNoCertificateRESERVED TLSAlertDescr = 41 35 TLSAlertBadCertificate TLSAlertDescr = 42 36 TLSAlertUnsupportedCertificate TLSAlertDescr = 43 37 TLSAlertCertificateRevoked TLSAlertDescr = 44 38 TLSAlertCertificateExpired TLSAlertDescr = 45 39 TLSAlertCertificateUnknown TLSAlertDescr = 46 40 TLSAlertIllegalParameter TLSAlertDescr = 47 41 TLSAlertUnknownCa TLSAlertDescr = 48 42 TLSAlertAccessDenied TLSAlertDescr = 49 43 TLSAlertDecodeError TLSAlertDescr = 50 44 TLSAlertDecryptError TLSAlertDescr = 51 45 TLSAlertExportRestrictionRESERVED TLSAlertDescr = 60 46 TLSAlertProtocolVersion TLSAlertDescr = 70 47 TLSAlertInsufficientSecurity TLSAlertDescr = 71 48 TLSAlertInternalError TLSAlertDescr = 80 49 TLSAlertUserCanceled TLSAlertDescr = 90 50 TLSAlertNoRenegotiation TLSAlertDescr = 100 51 TLSAlertUnsupportedExtension TLSAlertDescr = 110 52 TLSAlertUnknownDescription TLSAlertDescr = 255 53 ) 54 55 // TLS Alert 56 // 0 1 2 3 4 5 6 7 8 57 // +--+--+--+--+--+--+--+--+ 58 // | Level | 59 // +--+--+--+--+--+--+--+--+ 60 // | Description | 61 // +--+--+--+--+--+--+--+--+ 62 63 // TLSAlertRecord contains all the information that each Alert Record type should have 64 type TLSAlertRecord struct { 65 TLSRecordHeader 66 67 Level TLSAlertLevel 68 Description TLSAlertDescr 69 70 EncryptedMsg []byte 71 } 72 73 // DecodeFromBytes decodes the slice into the TLS struct. 74 func (t *TLSAlertRecord) decodeFromBytes(h TLSRecordHeader, data []byte, df gopacket.DecodeFeedback) error { 75 // TLS Record Header 76 t.ContentType = h.ContentType 77 t.Version = h.Version 78 t.Length = h.Length 79 80 if len(data) < 2 { 81 df.SetTruncated() 82 return errors.New("TLS Alert packet too short") 83 } 84 85 if t.Length == 2 { 86 t.Level = TLSAlertLevel(data[0]) 87 t.Description = TLSAlertDescr(data[1]) 88 } else { 89 t.Level = TLSAlertUnknownLevel 90 t.Description = TLSAlertUnknownDescription 91 t.EncryptedMsg = data 92 } 93 94 return nil 95 } 96 97 // Strings shows the TLS alert level nicely formatted 98 func (al TLSAlertLevel) String() string { 99 switch al { 100 default: 101 return fmt.Sprintf("Unknown(%d)", al) 102 case TLSAlertWarning: 103 return "Warning" 104 case TLSAlertFatal: 105 return "Fatal" 106 } 107 } 108 109 // Strings shows the TLS alert description nicely formatted 110 func (ad TLSAlertDescr) String() string { 111 switch ad { 112 default: 113 return "Unknown" 114 case TLSAlertCloseNotify: 115 return "close_notify" 116 case TLSAlertUnexpectedMessage: 117 return "unexpected_message" 118 case TLSAlertBadRecordMac: 119 return "bad_record_mac" 120 case TLSAlertDecryptionFailedRESERVED: 121 return "decryption_failed_RESERVED" 122 case TLSAlertRecordOverflow: 123 return "record_overflow" 124 case TLSAlertDecompressionFailure: 125 return "decompression_failure" 126 case TLSAlertHandshakeFailure: 127 return "handshake_failure" 128 case TLSAlertNoCertificateRESERVED: 129 return "no_certificate_RESERVED" 130 case TLSAlertBadCertificate: 131 return "bad_certificate" 132 case TLSAlertUnsupportedCertificate: 133 return "unsupported_certificate" 134 case TLSAlertCertificateRevoked: 135 return "certificate_revoked" 136 case TLSAlertCertificateExpired: 137 return "certificate_expired" 138 case TLSAlertCertificateUnknown: 139 return "certificate_unknown" 140 case TLSAlertIllegalParameter: 141 return "illegal_parameter" 142 case TLSAlertUnknownCa: 143 return "unknown_ca" 144 case TLSAlertAccessDenied: 145 return "access_denied" 146 case TLSAlertDecodeError: 147 return "decode_error" 148 case TLSAlertDecryptError: 149 return "decrypt_error" 150 case TLSAlertExportRestrictionRESERVED: 151 return "export_restriction_RESERVED" 152 case TLSAlertProtocolVersion: 153 return "protocol_version" 154 case TLSAlertInsufficientSecurity: 155 return "insufficient_security" 156 case TLSAlertInternalError: 157 return "internal_error" 158 case TLSAlertUserCanceled: 159 return "user_canceled" 160 case TLSAlertNoRenegotiation: 161 return "no_renegotiation" 162 case TLSAlertUnsupportedExtension: 163 return "unsupported_extension" 164 } 165 }