PcapPlusPlus  20.08+
SSLLayer.h
Go to the documentation of this file.
1 #ifndef PACKETPP_SSL_LAYER
2 #define PACKETPP_SSL_LAYER
3 
4 #include "PointerVector.h"
5 #include "Layer.h"
6 #include "SSLCommon.h"
7 #include "SSLHandshake.h"
8 
161 namespace pcpp
162 {
163 
171  class SSLLayer : public Layer
172  {
173  public:
174 
179  static inline bool isSSLPort(uint16_t port);
180 
208  static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t* data, size_t dataLen, bool ignorePorts = false);
209 
221  static SSLLayer* createSSLMessage(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
222 
228 
233 
238 
239  // implement abstract methods
240 
244  size_t getHeaderLen() const;
245 
250  void parseNextLayer();
251 
253 
254  protected:
255  SSLLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet) : Layer(data, dataLen, prevLayer, packet) { m_Protocol = SSL; }
256 
257  }; // class SSLLayer
258 
259 
307  {
308  public:
309 
317  SSLHandshakeLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
318 
322  size_t getHandshakeMessagesCount() const { return m_MessageList.size(); }
323 
331  SSLHandshakeMessage* getHandshakeMessageAt(int index) const;
332 
337  template<class THandshakeMessage>
338  THandshakeMessage* getHandshakeMessageOfType() const;
339 
349  template<class THandshakeMessage>
350  THandshakeMessage* getNextHandshakeMessageOfType(SSLHandshakeMessage* after) const;
351 
352  // implement abstract methods
353 
354  std::string toString() const;
355 
360 
361  private:
363  }; // class SSLHandshakeLayer
364 
365 
372  {
373  public:
374 
382  SSLChangeCipherSpecLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
383  : SSLLayer(data, dataLen, prevLayer, packet) {}
384 
386 
387  // implement abstract methods
388 
389  std::string toString() const;
390 
395  }; // class SSLChangeCipherSpecLayer
396 
397 
403  class SSLAlertLayer : public SSLLayer
404  {
405  public:
406 
414  SSLAlertLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
415  : SSLLayer(data, dataLen, prevLayer, packet) {}
416 
417  ~SSLAlertLayer() {}
418 
422  SSLAlertLevel getAlertLevel() const;
423 
427  SSLAlertDescription getAlertDescription();
428 
429  // implement abstract methods
430 
431  std::string toString() const;
432 
437  }; // class SSLAlertLayer
438 
439 
446  {
447  public:
448 
456  SSLApplicationDataLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
457  : SSLLayer(data, dataLen, prevLayer, packet) {}
458 
460 
465  uint8_t* getEncryptedData() const;
466 
470  size_t getEncryptedDataLen() const;
471 
472  // implement abstract methods
473 
474  std::string toString() const;
475 
480  }; // class SSLApplicationDataLayer
481 
482 
483  template<class THandshakeMessage>
485  {
486  size_t vecSize = m_MessageList.size();
487  for (size_t i = 0; i < vecSize; i++)
488  {
489  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
490  if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
491  return (THandshakeMessage*)curElem;
492  }
493 
494  // element not found
495  return NULL;
496  } // getHandshakeMessageOfType
497 
498 
499  template<class THandshakeMessage>
501  {
502  size_t vecSize = m_MessageList.size();
503  size_t afterIndex;
504 
505  // find the index of "after"
506  for (afterIndex = 0; afterIndex < vecSize; afterIndex++)
507  {
508  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(afterIndex));
509  if (curElem == after)
510  break;
511  }
512 
513  // "after" not found
514  if (afterIndex == vecSize)
515  return NULL;
516 
517  for (size_t i = afterIndex+1; i < vecSize; i++)
518  {
519  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
520  if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
521  return (THandshakeMessage*)curElem;
522  }
523 
524  // element not found
525  return NULL;
526  } // getNextHandshakeMessageOfType
527 
528 
529  // implementation of inline methods
530 
531  bool SSLLayer::isSSLPort(uint16_t port)
532  {
533  if (port == 443) // HTTPS, this is likely case
534  return true;
535 
536  switch (port)
537  {
538  case 261: // NSIIOPS
539  case 448: // DDM-SSL
540  case 465: // SMTPS
541  case 563: // NNTPS
542  case 614: // SSHELL
543  case 636: // LDAPS
544  case 989: // FTPS - data
545  case 990: // FTPS - control
546  case 992: // Telnet over TLS/SSL
547  case 993: // IMAPS
548  case 994: // IRCS
549  case 995: // POP3S
550  return true;
551  default:
552  return false;
553  }
554  } // isSSLPort
555 
556 } // namespace pcpp
557 
558 #endif /* PACKETPP_SSL_LAYER */
SSLAlertLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:414
The main namespace for the PcapPlusPlus lib.
OsiModelLayer
Definition: ProtocolType.h:238
static SSLLayer * createSSLMessage(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:403
static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false)
THandshakeMessage * getHandshakeMessageOfType() const
Definition: SSLLayer.h:484
const ProtocolType SSL
Definition: ProtocolType.h:133
size_t getHeaderLen() const
Definition: Layer.h:70
Definition: Packet.h:26
Definition: PointerVector.h:24
Definition: SSLLayer.h:306
void parseNextLayer()
void computeCalculateFields()
Definition: SSLLayer.h:479
THandshakeMessage * getNextHandshakeMessageOfType(SSLHandshakeMessage *after) const
Definition: SSLLayer.h:500
OsiModelLayer getOsiModelLayer() const
Definition: SSLLayer.h:252
SSLChangeCipherSpecLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:382
Definition: SSLLayer.h:171
void computeCalculateFields()
Definition: SSLLayer.h:359
SSLAlertLevel
Definition: SSLCommon.h:253
SSLAlertDescription
Definition: SSLCommon.h:266
Definition: SSLLayer.h:445
Definition: SSLHandshake.h:306
size_t getHandshakeMessagesCount() const
Definition: SSLLayer.h:322
void computeCalculateFields()
Definition: SSLLayer.h:436
virtual std::string toString() const =0
SSLApplicationDataLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:456
Definition: SSLCommon.h:118
void computeCalculateFields()
Definition: SSLLayer.h:394
static bool isSSLPort(uint16_t port)
Definition: SSLLayer.h:531
Definition: SSLLayer.h:371
Definition: SSLCommon.h:24
ssl_tls_record_layer * getRecordLayer() const
Definition: SSLLayer.h:227
SSLVersion getRecordVersion() const
Definition: ProtocolType.h:251
SSLRecordType getRecordType() const
SSLRecordType
Definition: SSLCommon.h:99