/src/botan/src/lib/tls/tls_alert.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Alert Message |
3 | | * (C) 2004-2006,2011 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/tls_alert.h> |
9 | | #include <botan/tls_exceptn.h> |
10 | | |
11 | | namespace Botan { |
12 | | |
13 | | namespace TLS { |
14 | | |
15 | | Alert::Alert(const secure_vector<uint8_t>& buf) |
16 | 50.1k | { |
17 | 50.1k | if(buf.size() != 2) |
18 | 84 | throw Decoding_Error("Bad size (" + std::to_string(buf.size()) + |
19 | 84 | ") for TLS alert message"); |
20 | | |
21 | 50.0k | if(buf[0] == 1) m_fatal = false; |
22 | 3.18k | else if(buf[0] == 2) m_fatal = true; |
23 | 31 | else |
24 | 31 | throw TLS_Exception(Alert::ILLEGAL_PARAMETER, "Bad code for TLS alert level"); |
25 | | |
26 | 50.0k | const uint8_t dc = buf[1]; |
27 | | |
28 | 50.0k | m_type_code = static_cast<Type>(dc); |
29 | 50.0k | } |
30 | | |
31 | | std::vector<uint8_t> Alert::serialize() const |
32 | 5.04k | { |
33 | 5.04k | return std::vector<uint8_t>({ |
34 | 4.95k | static_cast<uint8_t>(is_fatal() ? 2 : 1), |
35 | 5.04k | static_cast<uint8_t>(type()) |
36 | 5.04k | }); |
37 | 5.04k | } |
38 | | |
39 | | std::string Alert::type_string() const |
40 | 0 | { |
41 | 0 | switch(type()) |
42 | 0 | { |
43 | 0 | case CLOSE_NOTIFY: |
44 | 0 | return "close_notify"; |
45 | 0 | case UNEXPECTED_MESSAGE: |
46 | 0 | return "unexpected_message"; |
47 | 0 | case BAD_RECORD_MAC: |
48 | 0 | return "bad_record_mac"; |
49 | 0 | case DECRYPTION_FAILED: |
50 | 0 | return "decryption_failed"; |
51 | 0 | case RECORD_OVERFLOW: |
52 | 0 | return "record_overflow"; |
53 | 0 | case DECOMPRESSION_FAILURE: |
54 | 0 | return "decompression_failure"; |
55 | 0 | case HANDSHAKE_FAILURE: |
56 | 0 | return "handshake_failure"; |
57 | 0 | case NO_CERTIFICATE: |
58 | 0 | return "no_certificate"; |
59 | 0 | case BAD_CERTIFICATE: |
60 | 0 | return "bad_certificate"; |
61 | 0 | case UNSUPPORTED_CERTIFICATE: |
62 | 0 | return "unsupported_certificate"; |
63 | 0 | case CERTIFICATE_REVOKED: |
64 | 0 | return "certificate_revoked"; |
65 | 0 | case CERTIFICATE_EXPIRED: |
66 | 0 | return "certificate_expired"; |
67 | 0 | case CERTIFICATE_UNKNOWN: |
68 | 0 | return "certificate_unknown"; |
69 | 0 | case ILLEGAL_PARAMETER: |
70 | 0 | return "illegal_parameter"; |
71 | 0 | case UNKNOWN_CA: |
72 | 0 | return "unknown_ca"; |
73 | 0 | case ACCESS_DENIED: |
74 | 0 | return "access_denied"; |
75 | 0 | case DECODE_ERROR: |
76 | 0 | return "decode_error"; |
77 | 0 | case DECRYPT_ERROR: |
78 | 0 | return "decrypt_error"; |
79 | 0 | case EXPORT_RESTRICTION: |
80 | 0 | return "export_restriction"; |
81 | 0 | case PROTOCOL_VERSION: |
82 | 0 | return "protocol_version"; |
83 | 0 | case INSUFFICIENT_SECURITY: |
84 | 0 | return "insufficient_security"; |
85 | 0 | case INTERNAL_ERROR: |
86 | 0 | return "internal_error"; |
87 | 0 | case INAPPROPRIATE_FALLBACK: |
88 | 0 | return "inappropriate_fallback"; |
89 | 0 | case USER_CANCELED: |
90 | 0 | return "user_canceled"; |
91 | 0 | case NO_RENEGOTIATION: |
92 | 0 | return "no_renegotiation"; |
93 | | |
94 | 0 | case UNSUPPORTED_EXTENSION: |
95 | 0 | return "unsupported_extension"; |
96 | 0 | case CERTIFICATE_UNOBTAINABLE: |
97 | 0 | return "certificate_unobtainable"; |
98 | 0 | case UNRECOGNIZED_NAME: |
99 | 0 | return "unrecognized_name"; |
100 | 0 | case BAD_CERTIFICATE_STATUS_RESPONSE: |
101 | 0 | return "bad_certificate_status_response"; |
102 | 0 | case BAD_CERTIFICATE_HASH_VALUE: |
103 | 0 | return "bad_certificate_hash_value"; |
104 | 0 | case UNKNOWN_PSK_IDENTITY: |
105 | 0 | return "unknown_psk_identity"; |
106 | 0 | case CERTIFICATE_REQUIRED: |
107 | 0 | return "certificate_required"; |
108 | 0 | case NO_APPLICATION_PROTOCOL: |
109 | 0 | return "no_application_protocol"; |
110 | | |
111 | 0 | case NULL_ALERT: |
112 | 0 | return "none"; |
113 | 0 | } |
114 | | |
115 | | /* |
116 | | * This is effectively the default case for the switch above, but we |
117 | | * leave it out so that when an alert type is added to the enum the |
118 | | * compiler can warn us that it is not included in the switch |
119 | | * statement. |
120 | | */ |
121 | 0 | return "unrecognized_alert_" + std::to_string(type()); |
122 | 0 | } |
123 | | |
124 | | } |
125 | | |
126 | | } |