vendor/github.com/pion/dtls/v2/pkg/protocol/alert/alert.go


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160

// Package alert implements TLS alert protocol https://tools.ietf.org/html/rfc5246#section-7.2
package alert

import (
	"errors"
	"fmt"

	"github.com/pion/dtls/v2/pkg/protocol"
)

var errBufferTooSmall = &protocol.TemporaryError{Err: errors.New("buffer is too small")} //nolint:goerr113

// Level is the level of the TLS Alert
type Level byte

// Level enums
const (
	Warning Level = 1
	Fatal   Level = 2
)

func (l Level) String() string {
	switch l {
	case Warning:
		return "Warning"
	case Fatal:
		return "Fatal"
	default:
		return "Invalid alert level"
	}
}

// Description is the extended info of the TLS Alert
type Description byte

// Description enums
const (
	CloseNotify            Description = 0
	UnexpectedMessage      Description = 10
	BadRecordMac           Description = 20
	DecryptionFailed       Description = 21
	RecordOverflow         Description = 22
	DecompressionFailure   Description = 30
	HandshakeFailure       Description = 40
	NoCertificate          Description = 41
	BadCertificate         Description = 42
	UnsupportedCertificate Description = 43
	CertificateRevoked     Description = 44
	CertificateExpired     Description = 45
	CertificateUnknown     Description = 46
	IllegalParameter       Description = 47
	UnknownCA              Description = 48
	AccessDenied           Description = 49
	DecodeError            Description = 50
	DecryptError           Description = 51
	ExportRestriction      Description = 60
	ProtocolVersion        Description = 70
	InsufficientSecurity   Description = 71
	InternalError          Description = 80
	UserCanceled           Description = 90
	NoRenegotiation        Description = 100
	UnsupportedExtension   Description = 110
)

func (d Description) String() string {
	switch d {
	case CloseNotify:
		return "CloseNotify"
	case UnexpectedMessage:
		return "UnexpectedMessage"
	case BadRecordMac:
		return "BadRecordMac"
	case DecryptionFailed:
		return "DecryptionFailed"
	case RecordOverflow:
		return "RecordOverflow"
	case DecompressionFailure:
		return "DecompressionFailure"
	case HandshakeFailure:
		return "HandshakeFailure"
	case NoCertificate:
		return "NoCertificate"
	case BadCertificate:
		return "BadCertificate"
	case UnsupportedCertificate:
		return "UnsupportedCertificate"
	case CertificateRevoked:
		return "CertificateRevoked"
	case CertificateExpired:
		return "CertificateExpired"
	case CertificateUnknown:
		return "CertificateUnknown"
	case IllegalParameter:
		return "IllegalParameter"
	case UnknownCA:
		return "UnknownCA"
	case AccessDenied:
		return "AccessDenied"
	case DecodeError:
		return "DecodeError"
	case DecryptError:
		return "DecryptError"
	case ExportRestriction:
		return "ExportRestriction"
	case ProtocolVersion:
		return "ProtocolVersion"
	case InsufficientSecurity:
		return "InsufficientSecurity"
	case InternalError:
		return "InternalError"
	case UserCanceled:
		return "UserCanceled"
	case NoRenegotiation:
		return "NoRenegotiation"
	case UnsupportedExtension:
		return "UnsupportedExtension"
	default:
		return "Invalid alert description"
	}
}

// Alert is one of the content types supported by the TLS record layer.
// Alert messages convey the severity of the message
// (warning or fatal) and a description of the alert.  Alert messages
// with a level of fatal result in the immediate termination of the
// connection.  In this case, other connections corresponding to the
// session may continue, but the session identifier MUST be invalidated,
// preventing the failed session from being used to establish new
// connections.  Like other messages, alert messages are encrypted and
// compressed, as specified by the current connection state.
// https://tools.ietf.org/html/rfc5246#section-7.2
type Alert struct {
	Level       Level
	Description Description
}

// ContentType returns the ContentType of this Content
func (a Alert) ContentType() protocol.ContentType {
	return protocol.ContentTypeAlert
}

// Marshal returns the encoded alert
func (a *Alert) Marshal() ([]byte, error) {
	return []byte{byte(a.Level), byte(a.Description)}, nil
}

// Unmarshal populates the alert from binary data
func (a *Alert) Unmarshal(data []byte) error {
	if len(data) != 2 {
		return errBufferTooSmall
	}

	a.Level = Level(data[0])
	a.Description = Description(data[1])
	return nil
}

func (a *Alert) String() string {
	return fmt.Sprintf("Alert %s: %s", a.Level, a.Description)
}