/src/botan/build/include/botan/tls_alert.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Alert Message |
3 | | * (C) 2004-2006,2011,2012 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #ifndef BOTAN_TLS_ALERT_H_ |
9 | | #define BOTAN_TLS_ALERT_H_ |
10 | | |
11 | | #include <botan/secmem.h> |
12 | | #include <string> |
13 | | |
14 | | namespace Botan { |
15 | | |
16 | | namespace TLS { |
17 | | |
18 | | /** |
19 | | * SSL/TLS Alert Message |
20 | | */ |
21 | | class BOTAN_PUBLIC_API(2,0) Alert final |
22 | | { |
23 | | public: |
24 | | /** |
25 | | * Type codes for TLS alerts |
26 | | */ |
27 | | enum Type { |
28 | | CLOSE_NOTIFY = 0, |
29 | | UNEXPECTED_MESSAGE = 10, |
30 | | BAD_RECORD_MAC = 20, |
31 | | DECRYPTION_FAILED = 21, |
32 | | RECORD_OVERFLOW = 22, |
33 | | DECOMPRESSION_FAILURE = 30, |
34 | | HANDSHAKE_FAILURE = 40, |
35 | | NO_CERTIFICATE = 41, // SSLv3 only |
36 | | BAD_CERTIFICATE = 42, |
37 | | UNSUPPORTED_CERTIFICATE = 43, |
38 | | CERTIFICATE_REVOKED = 44, |
39 | | CERTIFICATE_EXPIRED = 45, |
40 | | CERTIFICATE_UNKNOWN = 46, |
41 | | ILLEGAL_PARAMETER = 47, |
42 | | UNKNOWN_CA = 48, |
43 | | ACCESS_DENIED = 49, |
44 | | DECODE_ERROR = 50, |
45 | | DECRYPT_ERROR = 51, |
46 | | EXPORT_RESTRICTION = 60, |
47 | | PROTOCOL_VERSION = 70, |
48 | | INSUFFICIENT_SECURITY = 71, |
49 | | INTERNAL_ERROR = 80, |
50 | | INAPPROPRIATE_FALLBACK = 86, |
51 | | USER_CANCELED = 90, |
52 | | NO_RENEGOTIATION = 100, |
53 | | MISSING_EXTENSION = 109, // RFC 8446 |
54 | | UNSUPPORTED_EXTENSION = 110, |
55 | | CERTIFICATE_UNOBTAINABLE = 111, |
56 | | UNRECOGNIZED_NAME = 112, |
57 | | BAD_CERTIFICATE_STATUS_RESPONSE = 113, |
58 | | BAD_CERTIFICATE_HASH_VALUE = 114, |
59 | | UNKNOWN_PSK_IDENTITY = 115, |
60 | | CERTIFICATE_REQUIRED = 116, // RFC 8446 |
61 | | |
62 | | NO_APPLICATION_PROTOCOL = 120, // RFC 7301 |
63 | | |
64 | | // pseudo alert values |
65 | | NULL_ALERT = 256 |
66 | | }; |
67 | | |
68 | | /** |
69 | | * @return true iff this alert is non-empty |
70 | | */ |
71 | 6.46k | bool is_valid() const { return (m_type_code != NULL_ALERT); } |
72 | | |
73 | | /** |
74 | | * @return if this alert is a fatal one or not |
75 | | * |
76 | | * Note: |
77 | | * RFC 8446 6. |
78 | | * In TLS 1.3, the severity is implicit in the type of alert being sent, |
79 | | * and the "level" field can safely be ignored. |
80 | | * Everything is considered fatal except for USER_CANCELED and CLOSE_NOTIFY (RFC 8446 6.1) |
81 | | */ |
82 | 61.1k | bool is_fatal() const { return m_fatal; } |
83 | | |
84 | | /** |
85 | | * @return type of alert |
86 | | */ |
87 | 85.3k | Type type() const { return m_type_code; } |
88 | | |
89 | | /** |
90 | | * @return type of alert |
91 | | */ |
92 | | std::string type_string() const; |
93 | | |
94 | | /** |
95 | | * Serialize an alert |
96 | | */ |
97 | | std::vector<uint8_t> serialize() const; |
98 | | |
99 | | /** |
100 | | * Deserialize an Alert message |
101 | | * @param buf the serialized alert |
102 | | */ |
103 | | explicit Alert(const secure_vector<uint8_t>& buf); |
104 | | |
105 | | /** |
106 | | * Create a new Alert |
107 | | * @param type_code the type of alert |
108 | | * @param fatal specifies if this is a fatal alert |
109 | | */ |
110 | | Alert(Type type_code, bool fatal = false) : |
111 | 6.46k | m_fatal(fatal), m_type_code(type_code) {} |
112 | | |
113 | 0 | Alert() : m_fatal(false), m_type_code(NULL_ALERT) {} |
114 | | private: |
115 | | bool m_fatal; |
116 | | Type m_type_code; |
117 | | }; |
118 | | |
119 | | } |
120 | | |
121 | | } |
122 | | |
123 | | #endif |