RubyGems - packetgen - Versions diffs - 2.8.7 → 3.0.0 - Mend

packetgen 2.8.7 → 3.0.0

Files changed (89) hide show

checksums.yaml +4 -4
data/.rubocop.yml +0 -1
data/README.md +5 -4
data/lib/packetgen.rb +6 -12
data/lib/packetgen/capture.rb +43 -39
data/lib/packetgen/config.rb +0 -1
data/lib/packetgen/deprecation.rb +1 -1
data/lib/packetgen/header.rb +9 -9
data/lib/packetgen/header/asn1_base.rb +10 -10
data/lib/packetgen/header/base.rb +42 -101
data/lib/packetgen/header/dhcp/option.rb +5 -11
data/lib/packetgen/header/dhcpv6/duid.rb +2 -0
data/lib/packetgen/header/dhcpv6/option.rb +2 -19
data/lib/packetgen/header/dhcpv6/options.rb +7 -0
data/lib/packetgen/header/dns.rb +5 -23
data/lib/packetgen/header/dns/name.rb +1 -0
data/lib/packetgen/header/dns/qdsection.rb +1 -0
data/lib/packetgen/header/dns/question.rb +3 -7
data/lib/packetgen/header/dns/rr.rb +3 -0
data/lib/packetgen/header/dns/rrsection.rb +1 -0
data/lib/packetgen/header/dot11.rb +1 -17
data/lib/packetgen/header/dot1x.rb +1 -0
data/lib/packetgen/header/eap.rb +4 -7
data/lib/packetgen/header/eth.rb +2 -0
data/lib/packetgen/header/http/headers.rb +3 -0
data/lib/packetgen/header/http/request.rb +5 -4
data/lib/packetgen/header/http/response.rb +5 -4
data/lib/packetgen/header/icmp.rb +6 -0
data/lib/packetgen/header/icmpv6.rb +6 -0
data/lib/packetgen/header/igmpv3/mq.rb +2 -0
data/lib/packetgen/header/ip.rb +32 -30
data/lib/packetgen/header/ip/addr.rb +1 -0
data/lib/packetgen/header/ip/option.rb +23 -20
data/lib/packetgen/header/ip/options.rb +11 -24
data/lib/packetgen/header/ipv6.rb +45 -34
data/lib/packetgen/header/ipv6/addr.rb +2 -0
data/lib/packetgen/header/ipv6/hop_by_hop.rb +7 -31
data/lib/packetgen/header/mdns.rb +1 -0
data/lib/packetgen/header/mldv2/mlq.rb +2 -0
data/lib/packetgen/header/ospfv2/lsa.rb +15 -25
data/lib/packetgen/header/ospfv3/ipv6_prefix.rb +1 -1
data/lib/packetgen/header/ospfv3/lsa.rb +8 -25
data/lib/packetgen/header/snmp.rb +2 -0
data/lib/packetgen/header/tcp.rb +23 -2
data/lib/packetgen/header/tcp/option.rb +51 -52
data/lib/packetgen/header/tcp/options.rb +17 -52
data/lib/packetgen/header/tftp.rb +3 -0
data/lib/packetgen/header/udp.rb +8 -0
data/lib/packetgen/packet.rb +119 -102
data/lib/packetgen/pcapng/block.rb +4 -10
data/lib/packetgen/pcapng/epb.rb +4 -4
data/lib/packetgen/pcapng/file.rb +7 -3
data/lib/packetgen/pcapng/idb.rb +2 -2
data/lib/packetgen/pcapng/shb.rb +3 -3
data/lib/packetgen/pcapng/spb.rb +1 -8
data/lib/packetgen/pcapng/unknown_block.rb +0 -7
data/lib/packetgen/types.rb +1 -0
data/lib/packetgen/types/array.rb +73 -71
data/lib/packetgen/types/cstring.rb +1 -1
data/lib/packetgen/types/enum.rb +3 -3
data/lib/packetgen/types/fields.rb +66 -106
data/lib/packetgen/types/int.rb +9 -5
data/lib/packetgen/types/length_from.rb +45 -0
data/lib/packetgen/types/oui.rb +2 -0
data/lib/packetgen/types/string.rb +10 -16
data/lib/packetgen/types/tlv.rb +7 -15
data/lib/packetgen/utils.rb +8 -8
data/lib/packetgen/utils/arp_spoofer.rb +1 -2
data/lib/packetgen/version.rb +1 -1
metadata +3 -21
data/lib/packetgen/header/crypto.rb +0 -62
data/lib/packetgen/header/esp.rb +0 -413
data/lib/packetgen/header/ike.rb +0 -243
data/lib/packetgen/header/ike/auth.rb +0 -165
data/lib/packetgen/header/ike/cert.rb +0 -76
data/lib/packetgen/header/ike/certreq.rb +0 -66
data/lib/packetgen/header/ike/id.rb +0 -99
data/lib/packetgen/header/ike/ke.rb +0 -79
data/lib/packetgen/header/ike/nonce.rb +0 -40
data/lib/packetgen/header/ike/notify.rb +0 -176
data/lib/packetgen/header/ike/payload.rb +0 -315
data/lib/packetgen/header/ike/sa.rb +0 -561
data/lib/packetgen/header/ike/sk.rb +0 -261
data/lib/packetgen/header/ike/ts.rb +0 -270
data/lib/packetgen/header/ike/vendor_id.rb +0 -39
data/lib/packetgen/header/netbios.rb +0 -20
data/lib/packetgen/header/netbios/datagram.rb +0 -105
data/lib/packetgen/header/netbios/name.rb +0 -67
data/lib/packetgen/header/netbios/session.rb +0 -64

data/lib/packetgen/header/ike.rb DELETED Viewed

@@ -1,243 +0,0 @@
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    # This class handles a pseudo-header used to differentiate ESP from IKE headers
-    # in a UDP datagram with port 4500.
-    # @author Sylvain Daubert
-    # @since 2.0.0
-    class NonESPMarker < Base
-      # @!attribute non_esp_marker
-      #  32-bit zero marker to differentiate IKE packet over UDP port 4500 from ESP ones
-      #  @return [Integer]
-      define_field :non_esp_marker, Types::Int32, default: 0
-      # @!attribute body
-      #  @return [Types::String,Header::Base]
-      define_field :body, Types::String
-      # Check non_esp_marker field
-      # @see [Base#parse?]
-      def parse?
-        non_esp_marker.zero?
-      end
-    end
-    # IKE is the Internet Key Exchange protocol (RFC 7296). Ony IKEv2 is supported.
-    #
-    # A IKE header consists of a header, and a set of payloads. This class
-    # handles IKE header. For payloads, see {IKE::Payload}.
-    #
-    # == IKE header
-    # The format of a IKE header is shown below:
-    #                       1                   2                   3
-    #   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                       IKE SA Initiator's SPI                  |
-    #  |                                                               |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                       IKE SA Responder's SPI                  |
-    #  |                                                               |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |  Next Payload | MjVer | MnVer | Exchange Type |     Flags     |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                          Message ID                           |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                            Length                             |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    # A IKE header consists of:
-    # * a IKE SA initiator SPI ({#init_spi}, {Types::Int64} type),
-    # * a IKE SA responder SPI ({#resp_spi}, {Types::Int64} type),
-    # * a Next Payload field ({#next}, {Types::Int8} type),
-    # * a Version field ({#version}, {Types::Int8} type, with first 4-bit field
-    #   as major number, and last 4-bit field as minor number),
-    # * a Exchange type ({#exchange_type}, {Types::Int8} type),
-    # * a {#flags} field ({Types::Int8} type),
-    # * a Message ID ({#message_id}, {Types::Int32} type),
-    # * and a {#length} ({Types::Int32} type).
-    #
-    # == Create a IKE header
-    # === Standalone
-    #   ike = PacketGen::Header::IKE.new
-    # === Classical IKE packet
-    #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
-    #   # access to IKE header
-    #   pkt.ike    # => PacketGen::Header::IKE
-    # === NAT-T IKE packet
-    #   # NonESPMarker is used to insert a 32-bit null field between UDP header
-    #   # and IKE one to differentiate it from ESP-in-UDP (see RFC 3948)
-    #   pkt = PacketGen.gen('IP').add('UDP').add('NonESPMarker').add('IKE)
-    # @author Sylvain Daubert
-    # @since 2.0.0
-    class IKE < Base
-      # Classical well-known UDP port for IKE
-      UDP_PORT1 = 500
-      # Well-known UDP port for IKE when NAT is detected
-      UDP_PORT2 = 4500
-      PROTO_IKE = 1
-      PROTO_AH  = 2
-      PROTO_ESP = 3
-      EXCHANGE_TYPES = {
-        'IKE_SA_INIT'     => 34,
-        'IKE_AUTH'        => 35,
-        'CREATE_CHILD_SA' => 36,
-        'INFORMATIONAL'   => 37
-      }.freeze
-      # @!attribute init_spi
-      #  64-bit initiator SPI
-      #  @return [Integer]
-      define_field :init_spi, Types::Int64
-      # @!attribute resp_spi
-      #  64-bit responder SPI
-      #  @return [Integer]
-      define_field :resp_spi, Types::Int64
-      # @!attribute next
-      #  8-bit next payload type
-      #  @return [Integer]
-      define_field :next, Types::Int8
-      # @!attribute version
-      #  8-bit IKE version
-      #  @return [Integer]
-      define_field :version, Types::Int8, default: 0x20
-      # @!attribute [r] exchange_type
-      #  8-bit exchange type
-      #  @return [Integer]
-      define_field :exchange_type, Types::Int8Enum, enum: EXCHANGE_TYPES
-      # @!attribute flags
-      #  8-bit flags
-      #  @return [Integer]
-      define_field :flags, Types::Int8
-      # @!attribute message_id
-      #  32-bit message ID
-      #  @return [Integer]
-      define_field :message_id, Types::Int32
-      # @!attribute length
-      #  32-bit length of total message (header + payloads)
-      #  @return [Integer]
-      define_field :length, Types::Int32
-      # Defining a body permits using Packet#parse to parse IKE payloads.
-      # But this method is hidden as prefered way to access payloads is via #payloads
-      define_field :body, Types::String
-      # @!attribute mjver
-      #  4-bit major version value
-      #  @return [Integer]
-      # @!attribute mnver
-      #  4-bit minor version value
-      #  @return [Integer]
-      define_bit_fields_on :version, :mjver, 4, :mnver, 4
-      # @!attribute rsv1
-      #  @return [Integer]
-      # @!attribute rsv2
-      #  @return [Integer]
-      # @!attribute flag_i
-      #  bit set in message sent by the original initiator
-      #  @return [Boolean]
-      # @!attribute flag_r
-      #  indicate this message is a response to a message containing the same Message ID
-      #  @return [Boolean]
-      # @!attribute flag_v
-      #  version flag. Ignored by IKEv2 peers, and should be set to 0
-      #  @return [Boolean]
-      define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3
-      # @param [Hash] options
-      # @see Base#initialize
-      def initialize(options={})
-        super
-        calc_length unless options[:length]
-        self.type = options[:type] if options[:type]
-        self.type = options[:exchange_type] if options[:exchange_type]
-      end
-      alias type exchange_type
-      alias type= exchange_type=
-      # Get exchange type name
-      # @return [String
-      def human_exchange_type
-        self[:exchange_type].to_human
-      end
-      alias human_type human_exchange_type
-      # Calculate length field
-      # @return [Integer]
-      def calc_length
-        Base.calculate_and_set_length self
-      end
-      # IKE payloads
-      # @return [Array<Payload>]
-      def payloads
-        payloads = []
-        body = self.body
-        while body.is_a?(Payload)
-          payloads << body
-          body = body.body
-        end
-        payloads
-      end
-      # @return [String]
-      def inspect
-        super do |attr|
-          case attr
-          when :flags
-            str_flags = ''.dup
-            %w[r v i].each do |flag|
-              str_flags << (send("flag_#{flag}?") ? flag.upcase : '.')
-            end
-            str = Inspect.shift_level
-            str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
-                                        str_flags]
-          end
-        end
-      end
-      # Toggle +I+ and +R+ flags.
-      # @return [self]
-      def reply!
-        self.flag_r = !self.flag_r?
-        self.flag_i = !self.flag_i?
-        self
-      end
-      # @api private
-      # @note This method is used internally by PacketGen and should not be
-      #       directly called
-      # @param [Packet] packet
-      # @return [void]
-      # @since 2.7.0 Set UDP sport according to bindings, only if sport is 0.
-      #  Needed by new bind API.
-      def added_to_packet(packet)
-        return unless packet.is? 'UDP'
-        return unless packet.udp.sport.zero?
-        packet.udp.sport = if packet.is?('NonESPMarker')
-                             UDP_PORT2
-                           else
-                             UDP_PORT1
-                           end
-      end
-    end
-    self.add_class IKE
-    self.add_class NonESPMarker
-    UDP.bind IKE, dport: IKE::UDP_PORT1
-    UDP.bind IKE, sport: IKE::UDP_PORT1
-    UDP.bind NonESPMarker, dport: IKE::UDP_PORT2
-    UDP.bind NonESPMarker, sport: IKE::UDP_PORT2
-    NonESPMarker.bind IKE
-  end
-end
-require_relative 'ike/payload'

data/lib/packetgen/header/ike/auth.rb DELETED Viewed

@@ -1,165 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # This class handles Authentication payloads.
-      #
-      # A AUTH payload consists of the IKE generic payload header (see {Payload})
-      # and some specific fields:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Auth Method   |                RESERVED                       |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                                                               |
-      #   ~                      Authentication Data                      ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # These specific fields are:
-      # * {#type} (ID type),
-      # * {#reserved},
-      # * and {#content} (Identification Data).
-      #
-      # == Create a KE payload
-      #   # create a IKE packet with a Auth payload
-      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Auth', method: 'SHARED_KEY')
-      #   pkt.calc_length
-      # @author Sylvain Daubert
-      class Auth < Payload
-        # Payload type number
-        PAYLOAD_TYPE = 39
-        METHODS = {
-          'RSA_SIGNATURE'     => 1,
-          'SHARED_KEY'        => 2,
-          'DSA_SIGNATURE'     => 3,
-          'ECDSA256'          => 9,
-          'ECDSA384'          => 10,
-          'ECDSA512'          => 11,
-          'PASSWORD'          => 12,
-          'NULL'              => 13,
-          'DIGITAL_SIGNATURE' => 14
-        }.freeze
-        # @attribute [r] method
-        #   8-bit Auth Method
-        #   @return [Integer]
-        define_field_before :content, :method, Types::Int8Enum, enum: METHODS
-        # @attribute reserved
-        #   24-bit reserved field
-        #   @return [Integer]
-        define_field_before :content, :reserved, Types::Int24
-        # Check authentication (see RFC 7296 §2.15)
-        # @param [Packet] init_msg first IKE message sent by peer
-        # @param [String] nonce my nonce, sent in first message
-        # @param [String] sk_p secret key used to compute prf(SK_px, IDx')
-        # @param [Integer] prf PRF type to use (see {Transform}+::PRF_*+ constants)
-        # @param [String] shared_secret shared secret to use as PSK (shared secret
-        #    method only)
-        # @param [OpenSSL::X509::Certificate] cert certificate to check AUTH signature,
-        #   if not embedded in IKE message
-        # @return [Boolean]
-        # @note For now, only NULL, SHARED_KEY and RSA, DSA and ECDSA signatures are
-        #   supported.
-        # @note For certificates, only check AUTH authenticity with given (or guessed
-        #   from packet) certificate, but certificate chain is not verified.
-        def check?(init_msg: nil, nonce: '', sk_p: '', prf: 1, shared_secret: '',
-                   cert: nil)
-          raise TypeError, 'init_msg should be a Packet' unless init_msg.is_a?(Packet)
-          signed_octets = init_msg.ike.to_s
-          signed_octets << nonce
-          id = packet.ike.flag_i? ? packet.ike_idi : packet.ike_idr
-          signed_octets << prf(prf, sk_p, id.to_s[4, id.length - 4])
-          case method
-          when METHODS['SHARED_KEY']
-            auth  = prf(prf(shared_secret, 'Key Pad for IKEv2'), signed_octets)
-            auth == content
-          when METHODS['RSA_SIGNATURE'], METHODS['ECDSA256'], METHODS['ECDSA384'],
-               METHODS['ECDSA512']
-            if packet.ike_cert
-              # FIXME: Expect a ENCODING_X509_CERT_SIG
-              #        Others types not supported for now...
-              cert = OpenSSL::X509::Certificate.new(packet.ike_cert.content)
-            elsif cert.nil?
-              raise CryptoError, 'a certificate should be provided'
-            end
-            text = cert.to_text
-            m = text.match(/Public Key Algorithm: ([a-zA-Z0-9-]+)/)
-            digest = case m[1]
-                     when 'id-ecPublicKey'
-                       m2 = text.match(/Public-Key: \((\d+) bit\)/)
-                       case m2[1]
-                       when '256'
-                         OpenSSL::Digest::SHA256.new
-                       when '384'
-                         OpenSSL::Digest::SHA384.new
-                       when '521'
-                         OpenSSL::Digest::SHA512.new
-                       end
-                     when /sha([235]\d+)/
-                       OpenSSL::Digest.const_get("SHA#{$1}").new
-                     when /sha1/, 'rsaEncryption'
-                       OpenSSL::Digest::SHA1.new
-                     end
-            signature = format_signature(cert.public_key, content.to_s)
-            cert.public_key.verify(digest, signature, signed_octets)
-          when METHOD_NULL
-            true
-          else
-            raise NotImplementedError, "unsupported method #{human_method}"
-          end
-        end
-        # Get authentication method name
-        # @return [String]
-        def human_method
-          self[:method].to_human
-        end
-        private
-        def prf(type, key, msg)
-          case type
-          when Transform::PRF_HMAC_MD5, Transform::PRF_HMAC_SHA1,
-               Transform::PRF_HMAC_SHA2_256, Transform::PRF_HMAC_SHA2_384,
-               Transform::PRF_HMAC_SHA2_512
-            digestname = Transform.constants.grep(/PRF_/)
-                                  .detect { |c| Transform.const_get(c) == type }
-                                  .to_s.sub(/^PRF_HMAC_/, '').sub(/2_/, '')
-            digest = OpenSSL::Digest.const_get(digestname).new
-          else
-            raise NotImplementedError, 'for now, only HMAC-based PRF are supported'
-          end
-          hmac = OpenSSL::HMAC.new(key, digest)
-          hmac << msg
-          hmac.digest
-        end
-        def format_signature(pkey, sig)
-          if pkey.is_a?(OpenSSL::PKey::EC)
-            # PKey::EC need a signature as a DER string representing a sequence of
-            # 2 integers: r and s
-            r = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[0, sig.size / 2], 2).to_i)
-            s = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[sig.size / 2,
-                                                               sig.size / 2], 2).to_i)
-            OpenSSL::ASN1::Sequence.new([r, s]).to_der
-          else
-            sig
-          end
-        end
-      end
-    end
-  end
-end

data/lib/packetgen/header/ike/cert.rb DELETED Viewed

@@ -1,76 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # This class handles Certificate payloads.
-      #
-      # A Cert payload consists of the IKE generic payload header (see {Payload})
-      # and some specific fields:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Cert Encoding |                                               |
-      #   +-+-+-+-+-+-+-+-+                                               +
-      #   |                                                               |
-      #   ~                       Certificate Data                        ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # These specific fields are:
-      # * {#encoding},
-      # * and {#content} (Certificate Data).
-      #
-      # == Create a Cert payload
-      #   # Create a IKE packet with a Cert payload
-      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Cert', encoding: 'X509_CERT_SIG')
-      #   certs = cert.to_der << ca_cert.to_der
-      #   pkt.ike_cert.content.read certs
-      #   pkt.calc_length
-      # @author Sylvain Daubert
-      class Cert < Payload
-        # Payload type number
-        PAYLOAD_TYPE = 37
-        ENCODINGS = {
-          'PKCS7_WRAPPED_X509'   => 1,
-          'PGP'                  => 2,
-          'DNS_SIGNED_KEY'       => 3,
-          'X509_CERT_SIG'        => 4,
-          'KERBEROS_TOKEN'       => 6,
-          'X509_CRL'             => 7,
-          'X509_ARL'             => 8,
-          'SPKI_CERT'            => 9,
-          'X509_CERT_ATTR'       => 10,
-          'HASH_URL_X509_CERT'   => 12,
-          'HASH_URL_X509_BUNDLE' => 13
-        }.freeze
-        # @attribute encoding
-        #   8-bit certificate encoding
-        #   @return [Integer]
-        define_field_before :content, :encoding, Types::Int8Enum, enum: ENCODINGS
-        def initialize(options={})
-          super
-          self.encoding = options[:encoding] if options[:encoding]
-        end
-        # Get encoding name
-        # @return [String]
-        def human_encoding
-          self[:encoding].to_human
-        end
-      end
-    end
-    self.add_class IKE::Cert
-  end
-end