RubyGems - packetgen - Versions diffs - 1.4.3 → 2.0.0 - Mend

packetgen 1.4.3 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

checksums.yaml +4 -4
data/.travis.yml +3 -4
data/README.md +6 -6
data/lib/packetgen.rb +0 -1
data/lib/packetgen/capture.rb +15 -37
data/lib/packetgen/header.rb +6 -2
data/lib/packetgen/header/asn1_base.rb +86 -0
data/lib/packetgen/header/base.rb +68 -44
data/lib/packetgen/header/crypto.rb +62 -0
data/lib/packetgen/header/dns.rb +3 -3
data/lib/packetgen/header/dot11.rb +5 -0
data/lib/packetgen/header/esp.rb +7 -43
data/lib/packetgen/header/ike.rb +235 -0
data/lib/packetgen/header/ike/auth.rb +197 -0
data/lib/packetgen/header/ike/cert.rb +105 -0
data/lib/packetgen/header/ike/certreq.rb +69 -0
data/lib/packetgen/header/ike/id.rb +131 -0
data/lib/packetgen/header/ike/ke.rb +74 -0
data/lib/packetgen/header/ike/nonce.rb +35 -0
data/lib/packetgen/header/ike/notify.rb +220 -0
data/lib/packetgen/header/ike/payload.rb +307 -0
data/lib/packetgen/header/ike/sa.rb +577 -0
data/lib/packetgen/header/ike/sk.rb +255 -0
data/lib/packetgen/header/ike/ts.rb +287 -0
data/lib/packetgen/header/ike/vendor_id.rb +34 -0
data/lib/packetgen/header/ip.rb +4 -4
data/lib/packetgen/header/ipv6.rb +3 -3
data/lib/packetgen/header/snmp.rb +283 -0
data/lib/packetgen/header/tcp.rb +3 -3
data/lib/packetgen/inspect.rb +35 -9
data/lib/packetgen/packet.rb +23 -9
data/lib/packetgen/types/fields.rb +11 -3
data/lib/packetgen/version.rb +1 -1
data/packetgen.gemspec +2 -0
metadata +52 -2

data/lib/packetgen/header/ike/cert.rb ADDED Viewed

@@ -0,0 +1,105 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Certificate payloads.
+      #
+      # A Cert payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Cert Encoding |                                               |
+      #   +-+-+-+-+-+-+-+-+                                               +
+      #   |                                                               |
+      #   ~                       Certificate Data                        ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#encoding},
+      # * and {#content} (Certificate Data).
+      #
+      # == Create a Cert payload
+      #   # Create a IKE packet with a Cert payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Cert', encoding: 'X509_CERT_SIG')
+      #   certs = cert.to_der << ca_cert.to_der
+      #   pkt.ike_cert.content.read certs
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Cert < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 37
+        ENCODING_PKCS7_WRAPPED_X509   = 1
+        ENCODING_PGP                  = 2
+        ENCODING_DNS_SIGNED_KEY       = 3
+        ENCODING_X509_CERT_SIG        = 4
+        ENCODING_KERBEROS_TOKEN       = 6
+        ENCODING_X509_CRL             = 7
+        ENCODING_X509_ARL             = 8
+        ENCODING_SPKI_CERT            = 9
+        ENCODING_X509_CERT_ATTR       = 10
+        ENCODING_HASH_URL_X509_CERT   = 12
+        ENCODING_HASH_URL_X509_BUNDLE = 13
+        # @attribute encoding
+        #   8-bit certificate encoding
+        #   @return [Integer]
+        define_field_before :content, :encoding, Types::Int8
+        def initialize(options={})
+          super
+          self.encoding = options[:encoding] if options[:encoding]
+        end
+        # Set encoding
+        # @param [Integer,String] value
+        # @return [Integer]
+        def encoding=(value)
+          encoding = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/ENCODING_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown ID encoding #{value.inspect}" unless encoding
+          self[:encoding].value = encoding
+        end
+        # Get encoding name
+        # @return [String]
+        def human_encoding
+          name = self.class.constants.grep(/ENCODING_/).
+                 select { |c| self.class.const_get(c) == encoding }.
+                 first || "encoding #{encoding}"
+          name.to_s.sub(/ENCODING_/, '')
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :encoding
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
+                                          human_encoding]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::Cert
+  end
+end

data/lib/packetgen/header/ike/certreq.rb ADDED Viewed

@@ -0,0 +1,69 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Certificate Request payloads.
+      #
+      # A CertReq payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Cert Encoding |                                               |
+      #   +-+-+-+-+-+-+-+-+                                               +
+      #   |                                                               |
+      #   ~                      Certification Authority                  ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#encoding},
+      # * and {#content} (Certification Authority).
+      #
+      # == Create a CertReq payload
+      #   # Create a IKE packet with a CertReq payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::CertReq', encoding: 'X509_CERT_SIG')
+      #   pkt.ike_certreq.content.read OpenSSL::Digest::SHA1.digest(ca_cert.to_der)
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class CertReq < Cert
+        # Payload type number
+        PAYLOAD_TYPE = 38
+        # Get list of 20-byte string (SHA-1 hashes)
+        # @return [String]
+        def human_content
+          strs = []
+          idx = 0
+          while idx < content.size do
+            strs << content[idx, 20]
+            idx += 20
+          end
+          strs.map(&:inspect).join(',')
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :content
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % ['hashes', :content, human_content]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::CertReq
+  end
+end

data/lib/packetgen/header/ike/id.rb ADDED Viewed

@@ -0,0 +1,131 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Identification - Initiator payloads, denoted IDi
+      # (see RFC 7296, §3.5).
+      #
+      # A ID payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |   ID Type     |                 RESERVED                      |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                   Identification Data                         ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#type} (ID type),
+      # * {#reserved},
+      # * and {#content} (Identification Data).
+      #
+      # == Create a IDi payload
+      #   # Create a IKE packet with a IDi payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
+      #   pkt.ike_idi.content.read 'fqdn.example.org'
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class IDi < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 35
+        TYPE_IPV4_ADDR   = 1
+        TYPE_FQDN        = 2
+        TYPE_RFC822_ADDR = 3
+        TYPE_IPV6_ADDR   = 5
+        TYPE_DER_ASN1_DN = 9
+        TYPE_DER_ASN1_GN = 10
+        TYPE_KEY_ID      = 11
+        # @attribute :u32
+        #   32-bit word including ID Type and RESERVED fields
+        #   @return [Integer]
+        define_field_before :content, :u32, Types::Int32
+        # @attribute [r] type
+        #   8-bit ID type
+        #   @return [Integer]
+        # @attribute reserved
+        #   24-bit reserved field
+        #   @return [Integer]
+        define_bit_fields_on :u32, :type, 8, :reserved, 24
+        # Set ID type
+        # @param [Integer,String] value
+        # @return [Integer]
+        def type=(value)
+          type = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/TYPE_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown ID type #{value.inspect}" unless type
+          self[:u32].value = (self[:u32].to_i & 0xffffff) | (type << 24)
+        end
+        # Get ID type name
+        # @return [String]
+        def human_type
+          name = self.class.constants.grep(/TYPE_/).
+                 select { |c| self.class.const_get(c) == type }.
+                 first || "type #{type}"
+          name.to_s.sub(/TYPE_/, '')
+        end
+        # Get human readable content, from {#type}
+        # @return [String]
+        def human_content
+          case type
+          when TYPE_IPV4_ADDR, TYPE_IPV4_ADDR
+            IPAddr.ntop(content)
+          when TYPE_DER_ASN1_DN, TYPE_DER_ASN1_GN
+            OpenSSL::X509::Name.new(content).to_s
+          else
+            content.inspect
+          end
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :u32
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % ['Int8', :type, human_type]
+              str << Inspect.inspect_attribute(:reserved, self.reserved, 2)
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+      # This class handles Identification - Responder payloads, denoted IDr.
+      # See {IDi}.
+      #
+      # == Create a IDr payload
+      #   # Create a IKE packet with a IDr payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
+      #   pkt.ike_idr.content.read 'fqdn.example.org'
+      # @author Sylvain Daubert
+      class IDr < IDi
+        # Payload type number
+        PAYLOAD_TYPE = 36
+      end
+    end
+    self.add_class IKE::IDi
+    self.add_class IKE::IDr
+  end
+end

data/lib/packetgen/header/ike/ke.rb ADDED Viewed

@@ -0,0 +1,74 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
+      #
+      # A KE payload contains a generic payload header (see {Payload}) and some
+      # specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |   Diffie-Hellman Group Num    |           RESERVED            |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                       Key Exchange Data                       ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#group_num} (type {Types::Int16}),
+      # * {#reserved} (type {Types::Int16}),
+      # * and {#content} (type {Types::String}).
+      #
+      # == Create a KE payload
+      #   # Create a IKE packet with a KE payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
+      #   # group name is taken from Transform::DH_* constants
+      #   pkt.add('IKE::KE', group: 'MODP4096')
+      #   # group number may also be used
+      #   pkt.ike_ke.group = 1
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class KE < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 34
+        # @!attribute group_num
+        #  16-bit DH group number
+        #  @return [Integer]
+        define_field_before :content, :group_num, Types::Int16
+        # @!attribute reserved
+        #  16-bit reserved field
+        #  @return [Integer]
+        define_field_before :content, :reserved, Types::Int16, default: 0
+        def initialize(options={})
+          super
+          self.group = options[:group] if options[:group]
+        end
+        # Set group
+        # @param [Integer,String] value may be a String taken from
+        #   {Transform}+::DH_*+ constant names.
+        # @return [Integer]
+        def group=(value)
+          group = case value
+                  when Integer
+                    value
+                  else
+                    cname = "DH_#{value}"
+                    Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
+                  end
+          raise ArgumentError, "unknown group #{value.inspect}" unless group
+          self[:group_num].value = group
+        end
+      end
+    end
+    self.add_class IKE::KE
+  end
+end

data/lib/packetgen/header/ike/nonce.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Nonce payloads, as defined in RFC 7296 §3.9.
+      #
+      # A Nonce payload contains a generic payload header (see {Payload}) and
+      # data field (type {Types::String}):
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                            Nonce Data                         ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #
+      # == Create a Nonce payload
+      #   # Create a IKE packet with a Nonce payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
+      #   pkt.add('IKE::Nonce', data: "abcdefgh")
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Nonce < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 40
+      end
+    end
+    self.add_class IKE::Nonce
+  end
+end

data/lib/packetgen/header/ike/notify.rb ADDED Viewed

@@ -0,0 +1,220 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Notify payloads, as defined in RFC 7296 §3.10.
+      #
+      # A Notify payload contains a generic payload header (see {Payload}) and
+      # some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |  Protocol ID  |   SPI Size    |      Notify Message Type      |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                Security Parameter Index (SPI)                 ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                       Notification Data                       ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#protocol} (type {Types::Int8}),
+      # * {#spi_size} (type {Types::Int8}),
+      # * {#message_type} (type {Types::Int16}),
+      # * {#spi} (type {Types::String}),
+      # * {#content} (type {Types::String}).
+      #
+      # == Create a Notify payload
+      #   # Create a IKE packet with a Notify payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'IKE', type: 'INVALID_SYNTAX')
+      #   pkt.ike_notify.spi      # => ""
+      #   pkt.ike_notify.content  # => ""
+      #   pkt.calc_length
+      # == Create a Notify payload with a SPI
+      #   # Create a IKE packet with a Notify payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'ESP', spi_size: 4, type: 'INVALID_SYNTAX')
+      #   pkt.ike_notify.spi.read PacketGen::Types::Int32.new(0x12345678).to_s
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Notify < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 41
+        # Unsupported critical payload
+        TYPE_UNSUPPORTED_CRITICAL_PAYLOAD = 1
+        # Invalid IKE SPI
+        TYPE_INVALID_IKE_SPI = 4
+        # Invalid major version
+        TYPE_INVALID_MAJOR_VERSION = 5
+        # Invalid syntax
+        TYPE_INVALID_SYNTAX = 7
+        # Invalid message ID
+        TYPE_INVALID_MESSAGE_ID = 9
+        # Invalid SPI
+        TYPE_INVALID_SPI = 11
+        # No proposal chosen (none of the proposed crypto suites was acceptable)
+        TYPE_NO_PROPOSAL_CHOSEN = 14
+        # Invalid KE payload
+        TYPE_INVALID_KE_PAYLOAD = 17
+        # Authentication failed
+        TYPE_AUTHENTICATION_FAILED = 24
+        # Single pair required
+        TYPE_SINGLE_PAIR_REQUIRED = 34
+        # No additional SAs
+        TYPE_NO_ADDITIONAL_SAS = 35
+        # Internal address failture
+        TYPE_INTERNAL_ADDRESS_FAILURE = 36
+        # Failed CP required
+        TYPE_FAILED_CP_REQUIRED = 37
+        # traffic selectors unacceptable
+        TYPE_TS_UNACCEPTABLE  = 38
+        # invalid selectors
+        TYPE_INVALID_SELECTORS = 39
+        # Temporary failure
+        TYPE_TEMPORARY_FAILURE = 43
+        # Child SA not found
+        TYPE_CHILD_SA_NOT_FOUND = 44
+        # Initial contact
+        TYPE_INITIAL_CONTACT = 16384
+        # Set window size
+        TYPE_SET_WINDOW_SIZE = 16385
+        # Additional traffic selector possible
+        TYPE_ADDITIONAL_TS_POSSIBLE = 16386
+        # IPcomp supported
+        TYPE_IPCOMP_SUPPORTED = 16387
+        # NAT detection source IP
+        TYPE_NAT_DETECTION_SOURCE_IP = 16388
+        # NAT detection destination IP
+        TYPE_NAT_DETECTION_DESTINATION_IP = 16389
+        # Cookie
+        TYPE_COOKIE = 16390
+        # Use transport mode (tunnel mode is default)
+        TYPE_USE_TRANSPORT_MODE = 16391
+        # HTTP certificate look up supported
+        TYPE_HTTP_CERT_LOOKUP_SUPPORTED = 16392
+        # Rekey SA
+        TYPE_REKEY_SA = 16393
+        # ESP TFC paddin not supported
+        TYPE_ESP_TFC_PADDING_NOT_SUPPORTED = 16394
+        # Non-first fragment also
+        TYPE_NON_FIRST_FRAGMENTS_ALSO = 16395
+        # @!attribute [r] protocol
+        #  8-bit protocol ID. If this notification concerns an existing
+        #  SA whose SPI is given in the SPI field, this field indicates the
+        #  type of that SA.  For notifications concerning Child SAs, this
+        #  field MUST contain either (2) to indicate AH or (3) to indicate
+        #  ESP.  Of the notifications defined in this document, the SPI is
+        #  included only with INVALID_SELECTORS, REKEY_SA, and
+        #  CHILD_SA_NOT_FOUND.  If the SPI field is empty, this field MUST be
+        #  sent as zero and MUST be ignored on receipt.
+        #  @return [Integer]
+        define_field_before :content, :protocol, Types::Int8
+        # @!attribute spi_size
+        #  8-bit SPI size. Give size of SPI field. Length in octets of the SPI as
+        #  defined by the IPsec protocol ID or zero if no SPI is applicable. For a
+        #  notification concerning the IKE SA, the SPI Size MUST be zero and
+        #  the field must be empty.Set to 0 for an initial IKE SA
+        #  negotiation, as SPI is obtained from outer header.
+        #  @return [Integer]
+        define_field_before :content, :spi_size, Types::Int8, default: 0
+        # @!attribute message_type
+        #  16-bit notify message type. Specifies the type of notification message.
+        #  @return [Integer]
+        define_field_before :content, :message_type, Types::Int16
+        # @!attribute spi
+        #   the sending entity's SPI. When the {#spi_size} field is zero,
+        #   this field is not present in the proposal.
+        #   @return [String]
+        define_field_before :content, :spi, Types::String,
+                            builder: ->(t) { Types::String.new('', length_from: t[:spi_size]) }
+        alias type message_type
+        def initialize(options={})
+          if options[:spi] and options[:spi_size].nil?
+            options[:spi_size] = options[:spi].size
+          end
+          super
+          self.protocol = options[:protocol] if options[:protocol]
+          self.message_type = options[:message_type] if options[:message_type]
+          self.type = options[:type] if options[:type]
+        end
+        # Set protocol
+        # @param [Integer,String] value
+        # @return [Integer]
+        def protocol=(value)
+          proto = case value
+               when Integer
+                 value
+               else
+                 c = IKE.constants.grep(/PROTO_#{value}/).first
+                 c ? IKE.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown protocol #{value.inspect}" unless proto
+          self[:protocol].value = proto
+        end
+        # Set message type
+        # @param [Integer,String] value
+        # @return [Integer]
+        def message_type=(value)
+          type = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/TYPE_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown message type #{value.inspect}" unless type
+          self[:message_type].value = type
+        end
+        alias type= message_type=
+        # Get protocol name
+        # @return [String]
+        def human_protocol
+          name = IKE.constants.grep(/PROTO/).
+                 select { |c| IKE.const_get(c) == protocol }.
+                 first || "proto #{protocol}"
+          name.to_s.sub(/PROTO_/, '')
+        end
+        # Get message type name
+        # @return [String]
+        def human_message_type
+          name = self.class.constants.grep(/TYPE_/).
+                 select { |c| self.class.const_get(c) == type }.
+                 first || "type #{type}"
+          name.to_s.sub(/TYPE_/, '')
+        end
+        alias human_type human_message_type
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            next if attr == :body
+            if %i(protocol message_type).include? attr
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
+                                          send("human_#{attr}")]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::Nonce
+  end
+end