RubyGems - packetgen - Versions diffs - 2.8.7 → 3.0.0 - Mend

packetgen 2.8.7 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (89) hide show

checksums.yaml +4 -4
data/.rubocop.yml +0 -1
data/README.md +5 -4
data/lib/packetgen.rb +6 -12
data/lib/packetgen/capture.rb +43 -39
data/lib/packetgen/config.rb +0 -1
data/lib/packetgen/deprecation.rb +1 -1
data/lib/packetgen/header.rb +9 -9
data/lib/packetgen/header/asn1_base.rb +10 -10
data/lib/packetgen/header/base.rb +42 -101
data/lib/packetgen/header/dhcp/option.rb +5 -11
data/lib/packetgen/header/dhcpv6/duid.rb +2 -0
data/lib/packetgen/header/dhcpv6/option.rb +2 -19
data/lib/packetgen/header/dhcpv6/options.rb +7 -0
data/lib/packetgen/header/dns.rb +5 -23
data/lib/packetgen/header/dns/name.rb +1 -0
data/lib/packetgen/header/dns/qdsection.rb +1 -0
data/lib/packetgen/header/dns/question.rb +3 -7
data/lib/packetgen/header/dns/rr.rb +3 -0
data/lib/packetgen/header/dns/rrsection.rb +1 -0
data/lib/packetgen/header/dot11.rb +1 -17
data/lib/packetgen/header/dot1x.rb +1 -0
data/lib/packetgen/header/eap.rb +4 -7
data/lib/packetgen/header/eth.rb +2 -0
data/lib/packetgen/header/http/headers.rb +3 -0
data/lib/packetgen/header/http/request.rb +5 -4
data/lib/packetgen/header/http/response.rb +5 -4
data/lib/packetgen/header/icmp.rb +6 -0
data/lib/packetgen/header/icmpv6.rb +6 -0
data/lib/packetgen/header/igmpv3/mq.rb +2 -0
data/lib/packetgen/header/ip.rb +32 -30
data/lib/packetgen/header/ip/addr.rb +1 -0
data/lib/packetgen/header/ip/option.rb +23 -20
data/lib/packetgen/header/ip/options.rb +11 -24
data/lib/packetgen/header/ipv6.rb +45 -34
data/lib/packetgen/header/ipv6/addr.rb +2 -0
data/lib/packetgen/header/ipv6/hop_by_hop.rb +7 -31
data/lib/packetgen/header/mdns.rb +1 -0
data/lib/packetgen/header/mldv2/mlq.rb +2 -0
data/lib/packetgen/header/ospfv2/lsa.rb +15 -25
data/lib/packetgen/header/ospfv3/ipv6_prefix.rb +1 -1
data/lib/packetgen/header/ospfv3/lsa.rb +8 -25
data/lib/packetgen/header/snmp.rb +2 -0
data/lib/packetgen/header/tcp.rb +23 -2
data/lib/packetgen/header/tcp/option.rb +51 -52
data/lib/packetgen/header/tcp/options.rb +17 -52
data/lib/packetgen/header/tftp.rb +3 -0
data/lib/packetgen/header/udp.rb +8 -0
data/lib/packetgen/packet.rb +119 -102
data/lib/packetgen/pcapng/block.rb +4 -10
data/lib/packetgen/pcapng/epb.rb +4 -4
data/lib/packetgen/pcapng/file.rb +7 -3
data/lib/packetgen/pcapng/idb.rb +2 -2
data/lib/packetgen/pcapng/shb.rb +3 -3
data/lib/packetgen/pcapng/spb.rb +1 -8
data/lib/packetgen/pcapng/unknown_block.rb +0 -7
data/lib/packetgen/types.rb +1 -0
data/lib/packetgen/types/array.rb +73 -71
data/lib/packetgen/types/cstring.rb +1 -1
data/lib/packetgen/types/enum.rb +3 -3
data/lib/packetgen/types/fields.rb +66 -106
data/lib/packetgen/types/int.rb +9 -5
data/lib/packetgen/types/length_from.rb +45 -0
data/lib/packetgen/types/oui.rb +2 -0
data/lib/packetgen/types/string.rb +10 -16
data/lib/packetgen/types/tlv.rb +7 -15
data/lib/packetgen/utils.rb +8 -8
data/lib/packetgen/utils/arp_spoofer.rb +1 -2
data/lib/packetgen/version.rb +1 -1
metadata +3 -21
data/lib/packetgen/header/crypto.rb +0 -62
data/lib/packetgen/header/esp.rb +0 -413
data/lib/packetgen/header/ike.rb +0 -243
data/lib/packetgen/header/ike/auth.rb +0 -165
data/lib/packetgen/header/ike/cert.rb +0 -76
data/lib/packetgen/header/ike/certreq.rb +0 -66
data/lib/packetgen/header/ike/id.rb +0 -99
data/lib/packetgen/header/ike/ke.rb +0 -79
data/lib/packetgen/header/ike/nonce.rb +0 -40
data/lib/packetgen/header/ike/notify.rb +0 -176
data/lib/packetgen/header/ike/payload.rb +0 -315
data/lib/packetgen/header/ike/sa.rb +0 -561
data/lib/packetgen/header/ike/sk.rb +0 -261
data/lib/packetgen/header/ike/ts.rb +0 -270
data/lib/packetgen/header/ike/vendor_id.rb +0 -39
data/lib/packetgen/header/netbios.rb +0 -20
data/lib/packetgen/header/netbios/datagram.rb +0 -105
data/lib/packetgen/header/netbios/name.rb +0 -67
data/lib/packetgen/header/netbios/session.rb +0 -64

data/lib/packetgen/header/ike.rb DELETED Viewed

@@ -1,243 +0,0 @@
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    # This class handles a pseudo-header used to differentiate ESP from IKE headers
-    # in a UDP datagram with port 4500.
-    # @author Sylvain Daubert
-    # @since 2.0.0
-    class NonESPMarker < Base
-      # @!attribute non_esp_marker
-      #  32-bit zero marker to differentiate IKE packet over UDP port 4500 from ESP ones
-      #  @return [Integer]
-      define_field :non_esp_marker, Types::Int32, default: 0
-      # @!attribute body
-      #  @return [Types::String,Header::Base]
-      define_field :body, Types::String
-      # Check non_esp_marker field
-      # @see [Base#parse?]
-      def parse?
-        non_esp_marker.zero?
-      end
-    end
-    # IKE is the Internet Key Exchange protocol (RFC 7296). Ony IKEv2 is supported.
-    #
-    # A IKE header consists of a header, and a set of payloads. This class
-    # handles IKE header. For payloads, see {IKE::Payload}.
-    #
-    # == IKE header
-    # The format of a IKE header is shown below:
-    #                       1                   2                   3
-    #   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                       IKE SA Initiator's SPI                  |
-    #  |                                                               |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                       IKE SA Responder's SPI                  |
-    #  |                                                               |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |  Next Payload | MjVer | MnVer | Exchange Type |     Flags     |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                          Message ID                           |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    #  |                            Length                             |
-    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-    # A IKE header consists of:
-    # * a IKE SA initiator SPI ({#init_spi}, {Types::Int64} type),
-    # * a IKE SA responder SPI ({#resp_spi}, {Types::Int64} type),
-    # * a Next Payload field ({#next}, {Types::Int8} type),
-    # * a Version field ({#version}, {Types::Int8} type, with first 4-bit field
-    #   as major number, and last 4-bit field as minor number),
-    # * a Exchange type ({#exchange_type}, {Types::Int8} type),
-    # * a {#flags} field ({Types::Int8} type),
-    # * a Message ID ({#message_id}, {Types::Int32} type),
-    # * and a {#length} ({Types::Int32} type).
-    #
-    # == Create a IKE header
-    # === Standalone
-    #   ike = PacketGen::Header::IKE.new
-    # === Classical IKE packet
-    #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
-    #   # access to IKE header
-    #   pkt.ike    # => PacketGen::Header::IKE
-    # === NAT-T IKE packet
-    #   # NonESPMarker is used to insert a 32-bit null field between UDP header
-    #   # and IKE one to differentiate it from ESP-in-UDP (see RFC 3948)
-    #   pkt = PacketGen.gen('IP').add('UDP').add('NonESPMarker').add('IKE)
-    # @author Sylvain Daubert
-    # @since 2.0.0
-    class IKE < Base
-      # Classical well-known UDP port for IKE
-      UDP_PORT1 = 500
-      # Well-known UDP port for IKE when NAT is detected
-      UDP_PORT2 = 4500
-      PROTO_IKE = 1
-      PROTO_AH  = 2
-      PROTO_ESP = 3
-      EXCHANGE_TYPES = {
-        'IKE_SA_INIT'     => 34,
-        'IKE_AUTH'        => 35,
-        'CREATE_CHILD_SA' => 36,
-        'INFORMATIONAL'   => 37
-      }.freeze
-      # @!attribute init_spi
-      #  64-bit initiator SPI
-      #  @return [Integer]
-      define_field :init_spi, Types::Int64
-      # @!attribute resp_spi
-      #  64-bit responder SPI
-      #  @return [Integer]
-      define_field :resp_spi, Types::Int64
-      # @!attribute next
-      #  8-bit next payload type
-      #  @return [Integer]
-      define_field :next, Types::Int8
-      # @!attribute version
-      #  8-bit IKE version
-      #  @return [Integer]
-      define_field :version, Types::Int8, default: 0x20
-      # @!attribute [r] exchange_type
-      #  8-bit exchange type
-      #  @return [Integer]
-      define_field :exchange_type, Types::Int8Enum, enum: EXCHANGE_TYPES
-      # @!attribute flags
-      #  8-bit flags
-      #  @return [Integer]
-      define_field :flags, Types::Int8
-      # @!attribute message_id
-      #  32-bit message ID
-      #  @return [Integer]
-      define_field :message_id, Types::Int32
-      # @!attribute length
-      #  32-bit length of total message (header + payloads)
-      #  @return [Integer]
-      define_field :length, Types::Int32
-      # Defining a body permits using Packet#parse to parse IKE payloads.
-      # But this method is hidden as prefered way to access payloads is via #payloads
-      define_field :body, Types::String
-      # @!attribute mjver
-      #  4-bit major version value
-      #  @return [Integer]
-      # @!attribute mnver
-      #  4-bit minor version value
-      #  @return [Integer]
-      define_bit_fields_on :version, :mjver, 4, :mnver, 4
-      # @!attribute rsv1
-      #  @return [Integer]
-      # @!attribute rsv2
-      #  @return [Integer]
-      # @!attribute flag_i
-      #  bit set in message sent by the original initiator
-      #  @return [Boolean]
-      # @!attribute flag_r
-      #  indicate this message is a response to a message containing the same Message ID
-      #  @return [Boolean]
-      # @!attribute flag_v
-      #  version flag. Ignored by IKEv2 peers, and should be set to 0
-      #  @return [Boolean]
-      define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3
-      # @param [Hash] options
-      # @see Base#initialize
-      def initialize(options={})
-        super
-        calc_length unless options[:length]
-        self.type = options[:type] if options[:type]
-        self.type = options[:exchange_type] if options[:exchange_type]
-      end
-      alias type exchange_type
-      alias type= exchange_type=
-      # Get exchange type name
-      # @return [String
-      def human_exchange_type
-        self[:exchange_type].to_human
-      end
-      alias human_type human_exchange_type
-      # Calculate length field
-      # @return [Integer]
-      def calc_length
-        Base.calculate_and_set_length self
-      end
-      # IKE payloads
-      # @return [Array<Payload>]
-      def payloads
-        payloads = []
-        body = self.body
-        while body.is_a?(Payload)
-          payloads << body
-          body = body.body
-        end
-        payloads
-      end
-      # @return [String]
-      def inspect
-        super do |attr|
-          case attr
-          when :flags
-            str_flags = ''.dup
-            %w[r v i].each do |flag|
-              str_flags << (send("flag_#{flag}?") ? flag.upcase : '.')
-            end
-            str = Inspect.shift_level
-            str << Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
-                                        str_flags]
-          end
-        end
-      end
-      # Toggle +I+ and +R+ flags.
-      # @return [self]
-      def reply!
-        self.flag_r = !self.flag_r?
-        self.flag_i = !self.flag_i?
-        self
-      end
-      # @api private
-      # @note This method is used internally by PacketGen and should not be
-      #       directly called
-      # @param [Packet] packet
-      # @return [void]
-      # @since 2.7.0 Set UDP sport according to bindings, only if sport is 0.
-      #  Needed by new bind API.
-      def added_to_packet(packet)
-        return unless packet.is? 'UDP'
-        return unless packet.udp.sport.zero?
-        packet.udp.sport = if packet.is?('NonESPMarker')
-                             UDP_PORT2
-                           else
-                             UDP_PORT1
-                           end
-      end
-    end
-    self.add_class IKE
-    self.add_class NonESPMarker
-    UDP.bind IKE, dport: IKE::UDP_PORT1
-    UDP.bind IKE, sport: IKE::UDP_PORT1
-    UDP.bind NonESPMarker, dport: IKE::UDP_PORT2
-    UDP.bind NonESPMarker, sport: IKE::UDP_PORT2
-    NonESPMarker.bind IKE
-  end
-end
-require_relative 'ike/payload'

data/lib/packetgen/header/ike/auth.rb DELETED Viewed

@@ -1,165 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # This class handles Authentication payloads.
-      #
-      # A AUTH payload consists of the IKE generic payload header (see {Payload})
-      # and some specific fields:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Auth Method   |                RESERVED                       |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   |                                                               |
-      #   ~                      Authentication Data                      ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # These specific fields are:
-      # * {#type} (ID type),
-      # * {#reserved},
-      # * and {#content} (Identification Data).
-      #
-      # == Create a KE payload
-      #   # create a IKE packet with a Auth payload
-      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Auth', method: 'SHARED_KEY')
-      #   pkt.calc_length
-      # @author Sylvain Daubert
-      class Auth < Payload
-        # Payload type number
-        PAYLOAD_TYPE = 39
-        METHODS = {
-          'RSA_SIGNATURE'     => 1,
-          'SHARED_KEY'        => 2,
-          'DSA_SIGNATURE'     => 3,
-          'ECDSA256'          => 9,
-          'ECDSA384'          => 10,
-          'ECDSA512'          => 11,
-          'PASSWORD'          => 12,
-          'NULL'              => 13,
-          'DIGITAL_SIGNATURE' => 14
-        }.freeze
-        # @attribute [r] method
-        #   8-bit Auth Method
-        #   @return [Integer]
-        define_field_before :content, :method, Types::Int8Enum, enum: METHODS
-        # @attribute reserved
-        #   24-bit reserved field
-        #   @return [Integer]
-        define_field_before :content, :reserved, Types::Int24
-        # Check authentication (see RFC 7296 §2.15)
-        # @param [Packet] init_msg first IKE message sent by peer
-        # @param [String] nonce my nonce, sent in first message
-        # @param [String] sk_p secret key used to compute prf(SK_px, IDx')
-        # @param [Integer] prf PRF type to use (see {Transform}+::PRF_*+ constants)
-        # @param [String] shared_secret shared secret to use as PSK (shared secret
-        #    method only)
-        # @param [OpenSSL::X509::Certificate] cert certificate to check AUTH signature,
-        #   if not embedded in IKE message
-        # @return [Boolean]
-        # @note For now, only NULL, SHARED_KEY and RSA, DSA and ECDSA signatures are
-        #   supported.
-        # @note For certificates, only check AUTH authenticity with given (or guessed
-        #   from packet) certificate, but certificate chain is not verified.
-        def check?(init_msg: nil, nonce: '', sk_p: '', prf: 1, shared_secret: '',
-                   cert: nil)
-          raise TypeError, 'init_msg should be a Packet' unless init_msg.is_a?(Packet)
-          signed_octets = init_msg.ike.to_s
-          signed_octets << nonce
-          id = packet.ike.flag_i? ? packet.ike_idi : packet.ike_idr
-          signed_octets << prf(prf, sk_p, id.to_s[4, id.length - 4])
-          case method
-          when METHODS['SHARED_KEY']
-            auth  = prf(prf(shared_secret, 'Key Pad for IKEv2'), signed_octets)
-            auth == content
-          when METHODS['RSA_SIGNATURE'], METHODS['ECDSA256'], METHODS['ECDSA384'],
-               METHODS['ECDSA512']
-            if packet.ike_cert
-              # FIXME: Expect a ENCODING_X509_CERT_SIG
-              #        Others types not supported for now...
-              cert = OpenSSL::X509::Certificate.new(packet.ike_cert.content)
-            elsif cert.nil?
-              raise CryptoError, 'a certificate should be provided'
-            end
-            text = cert.to_text
-            m = text.match(/Public Key Algorithm: ([a-zA-Z0-9-]+)/)
-            digest = case m[1]
-                     when 'id-ecPublicKey'
-                       m2 = text.match(/Public-Key: \((\d+) bit\)/)
-                       case m2[1]
-                       when '256'
-                         OpenSSL::Digest::SHA256.new
-                       when '384'
-                         OpenSSL::Digest::SHA384.new
-                       when '521'
-                         OpenSSL::Digest::SHA512.new
-                       end
-                     when /sha([235]\d+)/
-                       OpenSSL::Digest.const_get("SHA#{$1}").new
-                     when /sha1/, 'rsaEncryption'
-                       OpenSSL::Digest::SHA1.new
-                     end
-            signature = format_signature(cert.public_key, content.to_s)
-            cert.public_key.verify(digest, signature, signed_octets)
-          when METHOD_NULL
-            true
-          else
-            raise NotImplementedError, "unsupported method #{human_method}"
-          end
-        end
-        # Get authentication method name
-        # @return [String]
-        def human_method
-          self[:method].to_human
-        end
-        private
-        def prf(type, key, msg)
-          case type
-          when Transform::PRF_HMAC_MD5, Transform::PRF_HMAC_SHA1,
-               Transform::PRF_HMAC_SHA2_256, Transform::PRF_HMAC_SHA2_384,
-               Transform::PRF_HMAC_SHA2_512
-            digestname = Transform.constants.grep(/PRF_/)
-                                  .detect { |c| Transform.const_get(c) == type }
-                                  .to_s.sub(/^PRF_HMAC_/, '').sub(/2_/, '')
-            digest = OpenSSL::Digest.const_get(digestname).new
-          else
-            raise NotImplementedError, 'for now, only HMAC-based PRF are supported'
-          end
-          hmac = OpenSSL::HMAC.new(key, digest)
-          hmac << msg
-          hmac.digest
-        end
-        def format_signature(pkey, sig)
-          if pkey.is_a?(OpenSSL::PKey::EC)
-            # PKey::EC need a signature as a DER string representing a sequence of
-            # 2 integers: r and s
-            r = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[0, sig.size / 2], 2).to_i)
-            s = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[sig.size / 2,
-                                                               sig.size / 2], 2).to_i)
-            OpenSSL::ASN1::Sequence.new([r, s]).to_der
-          else
-            sig
-          end
-        end
-      end
-    end
-  end
-end

data/lib/packetgen/header/ike/cert.rb DELETED Viewed

@@ -1,76 +0,0 @@
-# coding: utf-8
-# This file is part of PacketGen
-# See https://github.com/sdaubert/packetgen for more informations
-# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
-# This program is published under MIT license.
-# frozen_string_literal: true
-module PacketGen
-  module Header
-    class IKE
-      # This class handles Certificate payloads.
-      #
-      # A Cert payload consists of the IKE generic payload header (see {Payload})
-      # and some specific fields:
-      #                        1                   2                   3
-      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      #   | Cert Encoding |                                               |
-      #   +-+-+-+-+-+-+-+-+                                               +
-      #   |                                                               |
-      #   ~                       Certificate Data                        ~
-      #   |                                                               |
-      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      # These specific fields are:
-      # * {#encoding},
-      # * and {#content} (Certificate Data).
-      #
-      # == Create a Cert payload
-      #   # Create a IKE packet with a Cert payload
-      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Cert', encoding: 'X509_CERT_SIG')
-      #   certs = cert.to_der << ca_cert.to_der
-      #   pkt.ike_cert.content.read certs
-      #   pkt.calc_length
-      # @author Sylvain Daubert
-      class Cert < Payload
-        # Payload type number
-        PAYLOAD_TYPE = 37
-        ENCODINGS = {
-          'PKCS7_WRAPPED_X509'   => 1,
-          'PGP'                  => 2,
-          'DNS_SIGNED_KEY'       => 3,
-          'X509_CERT_SIG'        => 4,
-          'KERBEROS_TOKEN'       => 6,
-          'X509_CRL'             => 7,
-          'X509_ARL'             => 8,
-          'SPKI_CERT'            => 9,
-          'X509_CERT_ATTR'       => 10,
-          'HASH_URL_X509_CERT'   => 12,
-          'HASH_URL_X509_BUNDLE' => 13
-        }.freeze
-        # @attribute encoding
-        #   8-bit certificate encoding
-        #   @return [Integer]
-        define_field_before :content, :encoding, Types::Int8Enum, enum: ENCODINGS
-        def initialize(options={})
-          super
-          self.encoding = options[:encoding] if options[:encoding]
-        end
-        # Get encoding name
-        # @return [String]
-        def human_encoding
-          self[:encoding].to_human
-        end
-      end
-    end
-    self.add_class IKE::Cert
-  end
-end