RubyGems - packetgen - Versions diffs - 1.4.3 → 2.0.0 - Mend

packetgen 1.4.3 → 2.0.0

Files changed (35) hide show

checksums.yaml +4 -4
data/.travis.yml +3 -4
data/README.md +6 -6
data/lib/packetgen.rb +0 -1
data/lib/packetgen/capture.rb +15 -37
data/lib/packetgen/header.rb +6 -2
data/lib/packetgen/header/asn1_base.rb +86 -0
data/lib/packetgen/header/base.rb +68 -44
data/lib/packetgen/header/crypto.rb +62 -0
data/lib/packetgen/header/dns.rb +3 -3
data/lib/packetgen/header/dot11.rb +5 -0
data/lib/packetgen/header/esp.rb +7 -43
data/lib/packetgen/header/ike.rb +235 -0
data/lib/packetgen/header/ike/auth.rb +197 -0
data/lib/packetgen/header/ike/cert.rb +105 -0
data/lib/packetgen/header/ike/certreq.rb +69 -0
data/lib/packetgen/header/ike/id.rb +131 -0
data/lib/packetgen/header/ike/ke.rb +74 -0
data/lib/packetgen/header/ike/nonce.rb +35 -0
data/lib/packetgen/header/ike/notify.rb +220 -0
data/lib/packetgen/header/ike/payload.rb +307 -0
data/lib/packetgen/header/ike/sa.rb +577 -0
data/lib/packetgen/header/ike/sk.rb +255 -0
data/lib/packetgen/header/ike/ts.rb +287 -0
data/lib/packetgen/header/ike/vendor_id.rb +34 -0
data/lib/packetgen/header/ip.rb +4 -4
data/lib/packetgen/header/ipv6.rb +3 -3
data/lib/packetgen/header/snmp.rb +283 -0
data/lib/packetgen/header/tcp.rb +3 -3
data/lib/packetgen/inspect.rb +35 -9
data/lib/packetgen/packet.rb +23 -9
data/lib/packetgen/types/fields.rb +11 -3
data/lib/packetgen/version.rb +1 -1
data/packetgen.gemspec +2 -0
metadata +52 -2

data/lib/packetgen/header/ike/cert.rb ADDED Viewed

@@ -0,0 +1,105 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Certificate payloads.
+      #
+      # A Cert payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Cert Encoding |                                               |
+      #   +-+-+-+-+-+-+-+-+                                               +
+      #   |                                                               |
+      #   ~                       Certificate Data                        ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#encoding},
+      # * and {#content} (Certificate Data).
+      #
+      # == Create a Cert payload
+      #   # Create a IKE packet with a Cert payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Cert', encoding: 'X509_CERT_SIG')
+      #   certs = cert.to_der << ca_cert.to_der
+      #   pkt.ike_cert.content.read certs
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Cert < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 37
+        ENCODING_PKCS7_WRAPPED_X509   = 1
+        ENCODING_PGP                  = 2
+        ENCODING_DNS_SIGNED_KEY       = 3
+        ENCODING_X509_CERT_SIG        = 4
+        ENCODING_KERBEROS_TOKEN       = 6
+        ENCODING_X509_CRL             = 7
+        ENCODING_X509_ARL             = 8
+        ENCODING_SPKI_CERT            = 9
+        ENCODING_X509_CERT_ATTR       = 10
+        ENCODING_HASH_URL_X509_CERT   = 12
+        ENCODING_HASH_URL_X509_BUNDLE = 13
+        # @attribute encoding
+        #   8-bit certificate encoding
+        #   @return [Integer]
+        define_field_before :content, :encoding, Types::Int8
+        def initialize(options={})
+          super
+          self.encoding = options[:encoding] if options[:encoding]
+        end
+        # Set encoding
+        # @param [Integer,String] value
+        # @return [Integer]
+        def encoding=(value)
+          encoding = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/ENCODING_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown ID encoding #{value.inspect}" unless encoding
+          self[:encoding].value = encoding
+        end
+        # Get encoding name
+        # @return [String]
+        def human_encoding
+          name = self.class.constants.grep(/ENCODING_/).
+                 select { |c| self.class.const_get(c) == encoding }.
+                 first || "encoding #{encoding}"
+          name.to_s.sub(/ENCODING_/, '')
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :encoding
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
+                                          human_encoding]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::Cert
+  end
+end

data/lib/packetgen/header/ike/certreq.rb ADDED Viewed

@@ -0,0 +1,69 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Certificate Request payloads.
+      #
+      # A CertReq payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Cert Encoding |                                               |
+      #   +-+-+-+-+-+-+-+-+                                               +
+      #   |                                                               |
+      #   ~                      Certification Authority                  ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#encoding},
+      # * and {#content} (Certification Authority).
+      #
+      # == Create a CertReq payload
+      #   # Create a IKE packet with a CertReq payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::CertReq', encoding: 'X509_CERT_SIG')
+      #   pkt.ike_certreq.content.read OpenSSL::Digest::SHA1.digest(ca_cert.to_der)
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class CertReq < Cert
+        # Payload type number
+        PAYLOAD_TYPE = 38
+        # Get list of 20-byte string (SHA-1 hashes)
+        # @return [String]
+        def human_content
+          strs = []
+          idx = 0
+          while idx < content.size do
+            strs << content[idx, 20]
+            idx += 20
+          end
+          strs.map(&:inspect).join(',')
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :content
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % ['hashes', :content, human_content]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::CertReq
+  end
+end

data/lib/packetgen/header/ike/id.rb ADDED Viewed

@@ -0,0 +1,131 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Identification - Initiator payloads, denoted IDi
+      # (see RFC 7296, §3.5).
+      #
+      # A ID payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |   ID Type     |                 RESERVED                      |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                   Identification Data                         ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#type} (ID type),
+      # * {#reserved},
+      # * and {#content} (Identification Data).
+      #
+      # == Create a IDi payload
+      #   # Create a IKE packet with a IDi payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
+      #   pkt.ike_idi.content.read 'fqdn.example.org'
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class IDi < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 35
+        TYPE_IPV4_ADDR   = 1
+        TYPE_FQDN        = 2
+        TYPE_RFC822_ADDR = 3
+        TYPE_IPV6_ADDR   = 5
+        TYPE_DER_ASN1_DN = 9
+        TYPE_DER_ASN1_GN = 10
+        TYPE_KEY_ID      = 11
+        # @attribute :u32
+        #   32-bit word including ID Type and RESERVED fields
+        #   @return [Integer]
+        define_field_before :content, :u32, Types::Int32
+        # @attribute [r] type
+        #   8-bit ID type
+        #   @return [Integer]
+        # @attribute reserved
+        #   24-bit reserved field
+        #   @return [Integer]
+        define_bit_fields_on :u32, :type, 8, :reserved, 24
+        # Set ID type
+        # @param [Integer,String] value
+        # @return [Integer]
+        def type=(value)
+          type = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/TYPE_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown ID type #{value.inspect}" unless type
+          self[:u32].value = (self[:u32].to_i & 0xffffff) | (type << 24)
+        end
+        # Get ID type name
+        # @return [String]
+        def human_type
+          name = self.class.constants.grep(/TYPE_/).
+                 select { |c| self.class.const_get(c) == type }.
+                 first || "type #{type}"
+          name.to_s.sub(/TYPE_/, '')
+        end
+        # Get human readable content, from {#type}
+        # @return [String]
+        def human_content
+          case type
+          when TYPE_IPV4_ADDR, TYPE_IPV4_ADDR
+            IPAddr.ntop(content)
+          when TYPE_DER_ASN1_DN, TYPE_DER_ASN1_GN
+            OpenSSL::X509::Name.new(content).to_s
+          else
+            content.inspect
+          end
+        end
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :u32
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % ['Int8', :type, human_type]
+              str << Inspect.inspect_attribute(:reserved, self.reserved, 2)
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+      # This class handles Identification - Responder payloads, denoted IDr.
+      # See {IDi}.
+      #
+      # == Create a IDr payload
+      #   # Create a IKE packet with a IDr payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
+      #   pkt.ike_idr.content.read 'fqdn.example.org'
+      # @author Sylvain Daubert
+      class IDr < IDi
+        # Payload type number
+        PAYLOAD_TYPE = 36
+      end
+    end
+    self.add_class IKE::IDi
+    self.add_class IKE::IDr
+  end
+end

data/lib/packetgen/header/ike/ke.rb ADDED Viewed

@@ -0,0 +1,74 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
+      #
+      # A KE payload contains a generic payload header (see {Payload}) and some
+      # specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |   Diffie-Hellman Group Num    |           RESERVED            |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                       Key Exchange Data                       ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#group_num} (type {Types::Int16}),
+      # * {#reserved} (type {Types::Int16}),
+      # * and {#content} (type {Types::String}).
+      #
+      # == Create a KE payload
+      #   # Create a IKE packet with a KE payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
+      #   # group name is taken from Transform::DH_* constants
+      #   pkt.add('IKE::KE', group: 'MODP4096')
+      #   # group number may also be used
+      #   pkt.ike_ke.group = 1
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class KE < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 34
+        # @!attribute group_num
+        #  16-bit DH group number
+        #  @return [Integer]
+        define_field_before :content, :group_num, Types::Int16
+        # @!attribute reserved
+        #  16-bit reserved field
+        #  @return [Integer]
+        define_field_before :content, :reserved, Types::Int16, default: 0
+        def initialize(options={})
+          super
+          self.group = options[:group] if options[:group]
+        end
+        # Set group
+        # @param [Integer,String] value may be a String taken from
+        #   {Transform}+::DH_*+ constant names.
+        # @return [Integer]
+        def group=(value)
+          group = case value
+                  when Integer
+                    value
+                  else
+                    cname = "DH_#{value}"
+                    Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
+                  end
+          raise ArgumentError, "unknown group #{value.inspect}" unless group
+          self[:group_num].value = group
+        end
+      end
+    end
+    self.add_class IKE::KE
+  end
+end

data/lib/packetgen/header/ike/nonce.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Nonce payloads, as defined in RFC 7296 §3.9.
+      #
+      # A Nonce payload contains a generic payload header (see {Payload}) and
+      # data field (type {Types::String}):
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                            Nonce Data                         ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #
+      # == Create a Nonce payload
+      #   # Create a IKE packet with a Nonce payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
+      #   pkt.add('IKE::Nonce', data: "abcdefgh")
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Nonce < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 40
+      end
+    end
+    self.add_class IKE::Nonce
+  end
+end

data/lib/packetgen/header/ike/notify.rb ADDED Viewed

@@ -0,0 +1,220 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+      # This class handles Notify payloads, as defined in RFC 7296 §3.10.
+      #
+      # A Notify payload contains a generic payload header (see {Payload}) and
+      # some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |  Protocol ID  |   SPI Size    |      Notify Message Type      |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                Security Parameter Index (SPI)                 ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                       Notification Data                       ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#protocol} (type {Types::Int8}),
+      # * {#spi_size} (type {Types::Int8}),
+      # * {#message_type} (type {Types::Int16}),
+      # * {#spi} (type {Types::String}),
+      # * {#content} (type {Types::String}).
+      #
+      # == Create a Notify payload
+      #   # Create a IKE packet with a Notify payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'IKE', type: 'INVALID_SYNTAX')
+      #   pkt.ike_notify.spi      # => ""
+      #   pkt.ike_notify.content  # => ""
+      #   pkt.calc_length
+      # == Create a Notify payload with a SPI
+      #   # Create a IKE packet with a Notify payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'ESP', spi_size: 4, type: 'INVALID_SYNTAX')
+      #   pkt.ike_notify.spi.read PacketGen::Types::Int32.new(0x12345678).to_s
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Notify < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 41
+        # Unsupported critical payload
+        TYPE_UNSUPPORTED_CRITICAL_PAYLOAD = 1
+        # Invalid IKE SPI
+        TYPE_INVALID_IKE_SPI = 4
+        # Invalid major version
+        TYPE_INVALID_MAJOR_VERSION = 5
+        # Invalid syntax
+        TYPE_INVALID_SYNTAX = 7
+        # Invalid message ID
+        TYPE_INVALID_MESSAGE_ID = 9
+        # Invalid SPI
+        TYPE_INVALID_SPI = 11
+        # No proposal chosen (none of the proposed crypto suites was acceptable)
+        TYPE_NO_PROPOSAL_CHOSEN = 14
+        # Invalid KE payload
+        TYPE_INVALID_KE_PAYLOAD = 17
+        # Authentication failed
+        TYPE_AUTHENTICATION_FAILED = 24
+        # Single pair required
+        TYPE_SINGLE_PAIR_REQUIRED = 34
+        # No additional SAs
+        TYPE_NO_ADDITIONAL_SAS = 35
+        # Internal address failture
+        TYPE_INTERNAL_ADDRESS_FAILURE = 36
+        # Failed CP required
+        TYPE_FAILED_CP_REQUIRED = 37
+        # traffic selectors unacceptable
+        TYPE_TS_UNACCEPTABLE  = 38
+        # invalid selectors
+        TYPE_INVALID_SELECTORS = 39
+        # Temporary failure
+        TYPE_TEMPORARY_FAILURE = 43
+        # Child SA not found
+        TYPE_CHILD_SA_NOT_FOUND = 44
+        # Initial contact
+        TYPE_INITIAL_CONTACT = 16384
+        # Set window size
+        TYPE_SET_WINDOW_SIZE = 16385
+        # Additional traffic selector possible
+        TYPE_ADDITIONAL_TS_POSSIBLE = 16386
+        # IPcomp supported
+        TYPE_IPCOMP_SUPPORTED = 16387
+        # NAT detection source IP
+        TYPE_NAT_DETECTION_SOURCE_IP = 16388
+        # NAT detection destination IP
+        TYPE_NAT_DETECTION_DESTINATION_IP = 16389
+        # Cookie
+        TYPE_COOKIE = 16390
+        # Use transport mode (tunnel mode is default)
+        TYPE_USE_TRANSPORT_MODE = 16391
+        # HTTP certificate look up supported
+        TYPE_HTTP_CERT_LOOKUP_SUPPORTED = 16392
+        # Rekey SA
+        TYPE_REKEY_SA = 16393
+        # ESP TFC paddin not supported
+        TYPE_ESP_TFC_PADDING_NOT_SUPPORTED = 16394
+        # Non-first fragment also
+        TYPE_NON_FIRST_FRAGMENTS_ALSO = 16395
+        # @!attribute [r] protocol
+        #  8-bit protocol ID. If this notification concerns an existing
+        #  SA whose SPI is given in the SPI field, this field indicates the
+        #  type of that SA.  For notifications concerning Child SAs, this
+        #  field MUST contain either (2) to indicate AH or (3) to indicate
+        #  ESP.  Of the notifications defined in this document, the SPI is
+        #  included only with INVALID_SELECTORS, REKEY_SA, and
+        #  CHILD_SA_NOT_FOUND.  If the SPI field is empty, this field MUST be
+        #  sent as zero and MUST be ignored on receipt.
+        #  @return [Integer]
+        define_field_before :content, :protocol, Types::Int8
+        # @!attribute spi_size
+        #  8-bit SPI size. Give size of SPI field. Length in octets of the SPI as
+        #  defined by the IPsec protocol ID or zero if no SPI is applicable. For a
+        #  notification concerning the IKE SA, the SPI Size MUST be zero and
+        #  the field must be empty.Set to 0 for an initial IKE SA
+        #  negotiation, as SPI is obtained from outer header.
+        #  @return [Integer]
+        define_field_before :content, :spi_size, Types::Int8, default: 0
+        # @!attribute message_type
+        #  16-bit notify message type. Specifies the type of notification message.
+        #  @return [Integer]
+        define_field_before :content, :message_type, Types::Int16
+        # @!attribute spi
+        #   the sending entity's SPI. When the {#spi_size} field is zero,
+        #   this field is not present in the proposal.
+        #   @return [String]
+        define_field_before :content, :spi, Types::String,
+                            builder: ->(t) { Types::String.new('', length_from: t[:spi_size]) }
+        alias type message_type
+        def initialize(options={})
+          if options[:spi] and options[:spi_size].nil?
+            options[:spi_size] = options[:spi].size
+          end
+          super
+          self.protocol = options[:protocol] if options[:protocol]
+          self.message_type = options[:message_type] if options[:message_type]
+          self.type = options[:type] if options[:type]
+        end
+        # Set protocol
+        # @param [Integer,String] value
+        # @return [Integer]
+        def protocol=(value)
+          proto = case value
+               when Integer
+                 value
+               else
+                 c = IKE.constants.grep(/PROTO_#{value}/).first
+                 c ? IKE.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown protocol #{value.inspect}" unless proto
+          self[:protocol].value = proto
+        end
+        # Set message type
+        # @param [Integer,String] value
+        # @return [Integer]
+        def message_type=(value)
+          type = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/TYPE_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown message type #{value.inspect}" unless type
+          self[:message_type].value = type
+        end
+        alias type= message_type=
+        # Get protocol name
+        # @return [String]
+        def human_protocol
+          name = IKE.constants.grep(/PROTO/).
+                 select { |c| IKE.const_get(c) == protocol }.
+                 first || "proto #{protocol}"
+          name.to_s.sub(/PROTO_/, '')
+        end
+        # Get message type name
+        # @return [String]
+        def human_message_type
+          name = self.class.constants.grep(/TYPE_/).
+                 select { |c| self.class.const_get(c) == type }.
+                 first || "type #{type}"
+          name.to_s.sub(/TYPE_/, '')
+        end
+        alias human_type human_message_type
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            next if attr == :body
+            if %i(protocol message_type).include? attr
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
+                                          send("human_#{attr}")]
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+      end
+    end
+    self.add_class IKE::Nonce
+  end
+end