PcapPlusPlus  20.08
SSLLayer.h
Go to the documentation of this file.
1 #ifndef PACKETPP_SSL_LAYER
2 #define PACKETPP_SSL_LAYER
3 
4 #include "PointerVector.h"
5 #include "Layer.h"
6 #include "SSLCommon.h"
7 #include "SSLHandshake.h"
8 
161 namespace pcpp
162 {
163 
171  class SSLLayer : public Layer
172  {
173  public:
174 
179  static inline bool isSSLPort(uint16_t port);
180 
203  static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t* data, size_t dataLen, bool ignorePorts = false);
204 
216  static SSLLayer* createSSLMessage(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
217 
223  static std::string sslVersionToString(SSLVersion ver);
224 
230 
235 
240 
241  // implement abstract methods
242 
246  size_t getHeaderLen() const;
247 
252  void parseNextLayer();
253 
255 
256  protected:
257  SSLLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet) : Layer(data, dataLen, prevLayer, packet) { m_Protocol = SSL; }
258 
259  }; // class SSLLayer
260 
261 
309  {
310  public:
311 
319  SSLHandshakeLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
320 
324  size_t getHandshakeMessagesCount() const { return m_MessageList.size(); }
325 
333  SSLHandshakeMessage* getHandshakeMessageAt(int index) const;
334 
339  template<class THandshakeMessage>
340  THandshakeMessage* getHandshakeMessageOfType() const;
341 
351  template<class THandshakeMessage>
352  THandshakeMessage* getNextHandshakeMessageOfType(SSLHandshakeMessage* after) const;
353 
354  // implement abstract methods
355 
356  std::string toString() const;
357 
362 
363  private:
365  }; // class SSLHandshakeLayer
366 
367 
374  {
375  public:
376 
384  SSLChangeCipherSpecLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
385  : SSLLayer(data, dataLen, prevLayer, packet) {}
386 
388 
389  // implement abstract methods
390 
391  std::string toString() const;
392 
397  }; // class SSLChangeCipherSpecLayer
398 
399 
405  class SSLAlertLayer : public SSLLayer
406  {
407  public:
408 
416  SSLAlertLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
417  : SSLLayer(data, dataLen, prevLayer, packet) {}
418 
419  ~SSLAlertLayer() {}
420 
424  SSLAlertLevel getAlertLevel() const;
425 
429  SSLAlertDescription getAlertDescription();
430 
431  // implement abstract methods
432 
433  std::string toString() const;
434 
439  }; // class SSLAlertLayer
440 
441 
448  {
449  public:
450 
458  SSLApplicationDataLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
459  : SSLLayer(data, dataLen, prevLayer, packet) {}
460 
462 
467  uint8_t* getEncrpytedData() const;
468 
472  size_t getEncrpytedDataLen() const;
473 
474  // implement abstract methods
475 
476  std::string toString() const;
477 
482  }; // class SSLApplicationDataLayer
483 
484 
485  template<class THandshakeMessage>
487  {
488  size_t vecSize = m_MessageList.size();
489  for (size_t i = 0; i < vecSize; i++)
490  {
491  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
492  if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
493  return (THandshakeMessage*)curElem;
494  }
495 
496  // element not found
497  return NULL;
498  } // getHandshakeMessageOfType
499 
500 
501  template<class THandshakeMessage>
503  {
504  size_t vecSize = m_MessageList.size();
505  size_t afterIndex;
506 
507  // find the index of "after"
508  for (afterIndex = 0; afterIndex < vecSize; afterIndex++)
509  {
510  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(afterIndex));
511  if (curElem == after)
512  break;
513  }
514 
515  // "after" not found
516  if (afterIndex == vecSize)
517  return NULL;
518 
519  for (size_t i = afterIndex+1; i < vecSize; i++)
520  {
521  SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
522  if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
523  return (THandshakeMessage*)curElem;
524  }
525 
526  // element not found
527  return NULL;
528  } // getNextHandshakeMessageOfType
529 
530 
531  // implementation of inline methods
532 
533  bool SSLLayer::isSSLPort(uint16_t port)
534  {
535  if (port == 443) // HTTPS, this is likely case
536  return true;
537 
538  switch (port)
539  {
540  case 261: // NSIIOPS
541  case 448: // DDM-SSL
542  case 465: // SMTPS
543  case 563: // NNTPS
544  case 614: // SSHELL
545  case 636: // LDAPS
546  case 989: // FTPS - data
547  case 990: // FTPS - control
548  case 992: // Telnet over TLS/SSL
549  case 993: // IMAPS
550  case 994: // IRCS
551  case 995: // POP3S
552  return true;
553  default:
554  return false;
555  }
556  } // isSSLPort
557 
558 } // namespace pcpp
559 
560 #endif /* PACKETPP_SSL_LAYER */
SSLAlertLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:416
The main namespace for the PcapPlusPlus lib.
OsiModelLayer
Definition: ProtocolType.h:233
static std::string sslVersionToString(SSLVersion ver)
static SSLLayer * createSSLMessage(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:405
static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false)
THandshakeMessage * getHandshakeMessageOfType() const
Definition: SSLLayer.h:486
const ProtocolType SSL
Definition: ProtocolType.h:133
SSLVersion
Definition: SSLCommon.h:112
size_t getHeaderLen() const
Definition: Layer.h:70
Definition: Packet.h:26
Definition: PointerVector.h:24
Definition: SSLLayer.h:308
void parseNextLayer()
void computeCalculateFields()
Definition: SSLLayer.h:481
THandshakeMessage * getNextHandshakeMessageOfType(SSLHandshakeMessage *after) const
Definition: SSLLayer.h:502
OsiModelLayer getOsiModelLayer() const
Definition: SSLLayer.h:254
SSLChangeCipherSpecLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:384
Definition: SSLLayer.h:171
void computeCalculateFields()
Definition: SSLLayer.h:361
SSLAlertLevel
Definition: SSLCommon.h:160
SSLAlertDescription
Definition: SSLCommon.h:173
Definition: SSLLayer.h:447
Definition: SSLHandshake.h:243
size_t getHandshakeMessagesCount() const
Definition: SSLLayer.h:324
void computeCalculateFields()
Definition: SSLLayer.h:438
virtual std::string toString() const =0
SSLApplicationDataLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:458
void computeCalculateFields()
Definition: SSLLayer.h:396
static bool isSSLPort(uint16_t port)
Definition: SSLLayer.h:533
Definition: SSLLayer.h:373
Definition: SSLCommon.h:22
ssl_tls_record_layer * getRecordLayer() const
Definition: SSLLayer.h:229
SSLVersion getRecordVersion() const
Definition: ProtocolType.h:246
SSLRecordType getRecordType() const
SSLRecordType
Definition: SSLCommon.h:97