File Coverage

blib/lib/Protocol/TLS/Constants.pm
Criterion Covered Total %
statement 17 17 100.0
branch 3 6 50.0
condition 2 5 40.0
subroutine 7 7 100.0
pod 0 3 0.0
total 29 38 76.3


line stmt bran cond sub pod time code
1             package Protocol::TLS::Constants;
2 3     3   21021 use strict;
  3         7  
  3         122  
3 3     3   17 use warnings;
  3         6  
  3         532  
4             use constant {
5              
6 3         4532 TLS_v10 => 0x0301,
7             TLS_v11 => 0x0302,
8             TLS_v12 => 0x0303,
9             TLS_v13 => 0x0304,
10              
11             # connectionEnd
12             CLIENT => 0,
13             SERVER => 1,
14              
15             # Content Type
16             CTYPE_CHANGE_CIPHER_SPEC => 20,
17             CTYPE_ALERT => 21,
18             CTYPE_HANDSHAKE => 22,
19             CTYPE_APPLICATION_DATA => 23,
20              
21             # Handshake Type
22             HSTYPE_HELLO_REQUEST => 0,
23             HSTYPE_CLIENT_HELLO => 1,
24             HSTYPE_SERVER_HELLO => 2,
25             HSTYPE_CERTIFICATE => 11,
26             HSTYPE_SERVER_KEY_EXCHANGE => 12,
27             HSTYPE_CERTIFICATE_REQUEST => 13,
28             HSTYPE_SERVER_HELLO_DONE => 14,
29             HSTYPE_CERTIFICATE_VERIFY => 15,
30             HSTYPE_CLIENT_KEY_EXCHANGE => 16,
31             HSTYPE_FINISHED => 20,
32              
33             # Ciphers
34             TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => 0xc02b,
35             TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => 0xc02f,
36             TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => 0xc00a,
37             TLS_RSA_WITH_AES_128_CBC_SHA => 0x002f,
38             TLS_RSA_WITH_3DES_EDE_CBC_SHA => 0x000a,
39             TLS_RSA_WITH_RC4_128_SHA => 0x0005,
40             TLS_RSA_WITH_RC4_128_MD5 => 0x0004,
41             TLS_RSA_WITH_NULL_SHA256 => 0x003b,
42             TLS_RSA_WITH_NULL_SHA => 0x0002,
43             TLS_NULL_WITH_NULL_NULL => 0x0000,
44              
45             # State
46             STATE_IDLE => 0,
47             STATE_HS_START => 1,
48             STATE_SESS_NEW => 2,
49             STATE_SESS_RESUME => 3,
50             STATE_HS_RESUME => 4,
51             STATE_HS_HALF => 5,
52             STATE_HS_FULL => 6,
53             STATE_OPEN => 7,
54              
55             # Alert
56             WARNING => 1,
57             FATAL => 2,
58              
59             # Alert description
60             CLOSE_NOTIFY => 0,
61             UNEXPECTED_MESSAGE => 10,
62             BAD_RECORD_MAC => 20,
63             DECRYPTION_FAILED_RESERVED => 21,
64             RECORD_OVERFLOW => 22,
65             DECOMPRESSION_FAILURE => 30,
66             HANDSHAKE_FAILURE => 40,
67             NO_CERTIFICATE_RESERVED => 41,
68             BAD_CERTIFICATE => 42,
69             UNSUPPORTED_CERTIFICATE => 43,
70             CERTIFICATE_REVOKED => 44,
71             CERTIFICATE_EXPIRED => 45,
72             CERTIFICATE_UNKNOWN => 46,
73             ILLEGAL_PARAMETER => 47,
74             UNKNOWN_CA => 48,
75             ACCESS_DENIED => 49,
76             DECODE_ERROR => 50,
77             DECRYPT_ERROR => 51,
78             EXPORT_RESTRICTION_RESERVED => 60,
79             PROTOCOL_VERSION => 70,
80             INSUFFICIENT_SECURITY => 71,
81             INTERNAL_ERROR => 80,
82             USER_CANCELED => 90,
83             NO_RENEGOTIATION => 100,
84             UNSUPPORTED_EXTENSION => 110,
85              
86             # Hash Algorithm
87             HASH_NONE => 0,
88             HASH_MD5 => 1,
89             HASH_SHA1 => 2,
90             HASH_SHA224 => 3,
91             HASH_SHA256 => 4,
92             HASH_SHA384 => 5,
93             HASH_SHA512 => 6,
94              
95             # Signature Algorithm
96             SIGN_ANONYMOUS => 0,
97             SIGN_RSA => 1,
98             SIGN_DSA => 2,
99             SIGN_ECDSA => 64,
100              
101             # Client Certificate Type
102             RSA_SIGN => 1,
103             DSS_SIGN => 2,
104             RSA_FIXED_DH => 3,
105             DSS_FIXED_DH => 4,
106             RSA_EPHEMERAL_DH_RESERVED => 5,
107             DSS_EPHEMERAL_DH_RESERVED => 6,
108             FORTEZZA_DMS_RESERVED => 20,
109 3     3   16 };
  3         4  
110              
111             require Exporter;
112             our @ISA = qw(Exporter);
113             our %EXPORT_TAGS = (
114             versions => [qw(TLS_v10 TLS_v11 TLS_v12 TLS_v13)],
115             c_types => [
116             qw( CTYPE_CHANGE_CIPHER_SPEC CTYPE_ALERT CTYPE_HANDSHAKE
117             CTYPE_APPLICATION_DATA )
118             ],
119             hs_types => [
120             qw( HSTYPE_HELLO_REQUEST HSTYPE_CLIENT_HELLO HSTYPE_SERVER_HELLO
121             HSTYPE_CERTIFICATE HSTYPE_SERVER_KEY_EXCHANGE
122             HSTYPE_CERTIFICATE_REQUEST HSTYPE_SERVER_HELLO_DONE
123             HSTYPE_CERTIFICATE_VERIFY HSTYPE_CLIENT_KEY_EXCHANGE HSTYPE_FINISHED )
124             ],
125             end_types => [qw( CLIENT SERVER )],
126             ciphers => [
127             qw( TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
128             TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
129             TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA
130             TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA
131             TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA
132             TLS_NULL_WITH_NULL_NULL )
133             ],
134             state_types => [
135             qw( STATE_IDLE STATE_HS_START STATE_SESS_NEW STATE_SESS_RESUME
136             STATE_HS_RESUME STATE_HS_HALF STATE_HS_FULL STATE_OPEN )
137             ],
138             alert_types => [qw( WARNING FATAL )],
139             alert_desc => [
140             qw( CLOSE_NOTIFY UNEXPECTED_MESSAGE BAD_RECORD_MAC
141             DECRYPTION_FAILED_RESERVED RECORD_OVERFLOW DECOMPRESSION_FAILURE
142             HANDSHAKE_FAILURE NO_CERTIFICATE_RESERVED BAD_CERTIFICATE
143             UNSUPPORTED_CERTIFICATE CERTIFICATE_REVOKED CERTIFICATE_EXPIRED
144             CERTIFICATE_UNKNOWN ILLEGAL_PARAMETER UNKNOWN_CA ACCESS_DENIED
145             DECODE_ERROR DECRYPT_ERROR EXPORT_RESTRICTION_RESERVED PROTOCOL_VERSION
146             INSUFFICIENT_SECURITY INTERNAL_ERROR USER_CANCELED NO_RENEGOTIATION
147             UNSUPPORTED_EXTENSION)
148             ],
149             hash_alg => [
150             qw( HASH_NONE HASH_MD5 HASH_SHA1 HASH_SHA224 HASH_SHA256 HASH_SHA384
151             HASH_SHA512 )
152             ],
153             sign_alg => [qw( SIGN_ANONYMOUS SIGN_RSA SIGN_DSA SIGN_ECDSA )],
154             client_c_types => [
155             qw( RSA_SIGN DSS_SIGN RSA_FIXED_DH DSS_FIXED_DH RSA_EPHEMERAL_DH_RESERVED
156             DSS_EPHEMERAL_DH_RESERVED FORTEZZA_DMS_RESERVED )
157             ],
158             );
159              
160             my ( %reverse, %ciphers );
161             {
162 3     3   18 no strict 'refs';
  3         22  
  3         1124  
163             for my $k ( keys %EXPORT_TAGS ) {
164             for my $v ( @{ $EXPORT_TAGS{$k} } ) {
165             $reverse{$k}{ &{$v} } = $v;
166             }
167             }
168              
169             for my $c ( keys %{ $reverse{ciphers} } ) {
170             $ciphers{$c} =
171             [ $reverse{ciphers}{$c} =~ /^TLS_(.+)_WITH_(.+)_([^_]+)$/ ];
172             }
173             }
174              
175             sub const_name {
176 73     73 0 159 my ( $tag, $value ) = @_;
177 73 50 50     742 exists $reverse{$tag} ? ( $reverse{$tag}{$value} || '' ) : '';
178             }
179              
180             sub is_tls_version {
181 24 50 33 24 0 272 $_[0] < TLS_v10 || $_[0] > TLS_v12 ? undef : $_[0];
182             }
183              
184             sub cipher_type {
185 6 50   6 0 38 exists $ciphers{ $_[0] } ? @{ $ciphers{ $_[0] } } : ();
  6         66  
186             }
187              
188             our @EXPORT_OK = (
189             qw(const_name is_tls_version cipher_type ),
190             map { @$_ } values %EXPORT_TAGS
191             );
192              
193             1