SSLHandshake.h
1 #pragma once
2 
3 #include <utility>
4 #include "SSLCommon.h"
5 #include "PointerVector.h"
6 #include "Asn1Codec.h"
7 
10 
13 namespace pcpp
14 {
23  {
24  public:
33  SSLSymetricEncryptionAlgorithm symKeyAlg, SSLHashingAlgorithm MACAlg, const char* name)
34  : m_Id(id), m_KeyExAlg(keyExAlg), m_AuthAlg(authAlg), m_SymKeyAlg(symKeyAlg), m_MACAlg(MACAlg), m_Name(name)
35  {}
36 
/// @return The numeric cipher-suite ID this object was constructed with (m_Id).
uint16_t getID() const
{
	return m_Id;
}
42 
/// @return A copy of the cipher-suite name given to the constructor (m_Name).
std::string asString() const
{
	return m_Name;
}
48 
51  {
52  return m_KeyExAlg;
53  }
54 
57  {
58  return m_AuthAlg;
59  }
60 
63  {
64  return m_SymKeyAlg;
65  }
66 
69  {
70  return m_MACAlg;
71  }
72 
76  static SSLCipherSuite* getCipherSuiteByID(uint16_t id);
77 
81  static SSLCipherSuite* getCipherSuiteByName(std::string name);
82 
83  private:
84  uint16_t m_Id;
85  SSLKeyExchangeAlgorithm m_KeyExAlg;
88  SSLHashingAlgorithm m_MACAlg;
89  std::string m_Name;
90  };
91 
97  {
98  public:
101  explicit SSLExtension(uint8_t* data);
102 
103  virtual ~SSLExtension() = default;
104 
107 
109  uint16_t getTypeAsInt() const;
110 
112  uint16_t getLength() const;
113 
115  uint16_t getTotalLength() const;
116 
118  uint8_t* getData() const;
119 
120  protected:
124  {
126  uint16_t extensionType;
130  uint8_t extensionData[];
131  };
132 
133  uint8_t* m_RawData;
134 
/// Reinterprets the raw extension bytes as an SSLExtensionStruct view; nothing is copied.
/// No bounds check happens here: the class keeps only m_RawData and no length for it.
/// NOTE(review): every field read through the returned pointer, including the variable-length
/// extensionData[] tail, comes straight from captured traffic. Presumably the code that builds the
/// extension list checks the remaining buffer size before constructing an extension - confirm in
/// the implementation file.
SSLExtensionStruct* getExtensionStruct() const
{
	return reinterpret_cast<SSLExtensionStruct*>(m_RawData);
}
139  };
140 
145  {
146  public:
/// Constructs the extension object over the raw extension bytes at `data`.
/// The pointer is forwarded unchanged to SSLExtension; no buffer length accompanies it.
/// @param data Pointer to the raw extension bytes
explicit SSLServerNameIndicationExtension(uint8_t* data) : SSLExtension(data)
{}
151 
153  std::string getHostName() const;
154  };
155 
160  {
161  public:
/// Constructs the extension object over the raw extension bytes at `data`.
/// The pointer is forwarded unchanged to SSLExtension; no buffer length accompanies it.
/// @param data Pointer to the raw extension bytes
explicit SSLSupportedVersionsExtension(uint8_t* data) : SSLExtension(data)
{}
166 
168  std::vector<SSLVersion> getSupportedVersions() const;
169  };
170 
175  {
176  public:
/// Constructs the extension object over the raw extension bytes at `data`.
/// The pointer is forwarded unchanged to SSLExtension; no buffer length accompanies it.
/// @param data Pointer to the raw extension bytes
explicit TLSSupportedGroupsExtension(uint8_t* data) : SSLExtension(data)
{}
181 
183  std::vector<uint16_t> getSupportedGroups() const;
184  };
185 
190  {
191  public:
/// Constructs the extension object over the raw extension bytes at `data`.
/// The pointer is forwarded unchanged to SSLExtension; no buffer length accompanies it.
/// @param data Pointer to the raw extension bytes
explicit TLSECPointFormatExtension(uint8_t* data) : SSLExtension(data)
{}
196 
198  std::vector<uint8_t> getECPointFormatList() const;
199  };
200 
207  {
208  public:
/// Records a view of certificate bytes; the constructor body is empty, so nothing is copied or parsed here.
/// @param data Pointer stored as-is in m_Data and returned by getData()
/// @param dataLen Length value stored in m_DataLen and returned by getDataLength()
/// @param allDataExists Flag stored in m_AllDataExists and returned by allDataExists()
SSLx509Certificate(uint8_t* data, size_t dataLen, bool allDataExists)
    : m_Data(data), m_DataLen(dataLen), m_AllDataExists(allDataExists)
{}
218 
/// @return The raw certificate pointer given at construction. It is not a copy, and it is returned
/// as a mutable pointer. Use getDataLength() to bound any read through it.
uint8_t* getData() const
{
	return m_Data;
}
224 
/// @return The length value given at construction (m_DataLen).
/// NOTE(review): presumably the number of certificate bytes available at getData(), which may be
/// less than the certificate's encoded size when allDataExists() is false - confirm.
size_t getDataLength() const
{
	return m_DataLen;
}
230 
234 
/// @return The flag given at construction (m_AllDataExists).
/// NOTE(review): presumably false when only part of the certificate was captured in this message.
/// Check it before decoding the bytes as ASN.1, so a truncated certificate is not treated as
/// complete - confirm the exact semantics against the upstream documentation.
bool allDataExists() const
{
	return m_AllDataExists;
}
242 
243  private:
244  std::unique_ptr<Asn1Record> m_Asn1Record;
245  uint8_t* m_Data;
246  size_t m_DataLen;
247  bool m_AllDataExists;
248  };
249 
250  class SSLHandshakeLayer;
251 
259  {
260  public:
261  virtual ~SSLHandshakeMessage() = default;
262 
268  static SSLHandshakeMessage* createHandshakeMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
269 
272 
276  virtual size_t getMessageLength() const;
277 
282  virtual bool isMessageComplete() const;
283 
286  {
287  return m_Container;
288  }
289 
291  virtual std::string toString() const = 0;
292 
293  protected:
294  SSLHandshakeMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
295 
296  uint8_t* m_Data;
297  size_t m_DataLen;
298  SSLHandshakeLayer* m_Container;
299  };
300 
305  {
306  public:
314  {
316  uint16_t tlsVersion;
318  std::vector<uint16_t> cipherSuites;
320  std::vector<uint16_t> extensions;
322  std::vector<uint16_t> supportedGroups;
324  std::vector<uint8_t> ecPointFormats;
325 
335  std::string toString();
336 
338  std::string toMD5();
339 
342  std::pair<std::string, std::string> toStringAndMD5();
343  };
344 
350  SSLClientHelloMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
351 
352  ~SSLClientHelloMessage() override = default;
353 
357  {
358  return reinterpret_cast<ssl_tls_client_server_hello*>(m_Data);
359  }
360 
365 
367  uint8_t getSessionIDLength() const;
368 
371  uint8_t* getSessionID() const;
372 
374  int getCipherSuiteCount() const;
375 
382  SSLCipherSuite* getCipherSuite(int index) const;
383 
392  uint16_t getCipherSuiteID(int index, bool& isValid) const;
393 
395  uint8_t getCompressionMethodsValue() const;
396 
398  int getExtensionCount() const;
399 
402  uint16_t getExtensionsLength() const;
403 
409  SSLExtension* getExtension(int index) const;
410 
416  SSLExtension* getExtensionOfType(uint16_t type) const;
417 
422 
426  template <class TExtension> TExtension* getExtensionOfType() const;
427 
437 
438  // implement abstract methods
439 
440  std::string toString() const override;
441 
442  private:
443  PointerVector<SSLExtension> m_ExtensionList;
444  };
445 
450  {
451  public:
458  {
460  uint16_t tlsVersion;
462  uint16_t cipherSuite;
464  std::vector<uint16_t> extensions;
465 
471  std::string toString();
472 
474  std::string toMD5();
475 
478  std::pair<std::string, std::string> toStringAndMD5();
479  };
480 
486  SSLServerHelloMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
487 
488  ~SSLServerHelloMessage() override = default;
489 
493  {
494  return reinterpret_cast<ssl_tls_client_server_hello*>(m_Data);
495  }
496 
505 
507  uint8_t getSessionIDLength() const;
508 
511  uint8_t* getSessionID() const;
512 
518 
525  uint16_t getCipherSuiteID(bool& isValid) const;
526 
528  uint8_t getCompressionMethodsValue() const;
529 
531  int getExtensionCount() const;
532 
535  uint16_t getExtensionsLength() const;
536 
542  SSLExtension* getExtension(int index) const;
543 
549  SSLExtension* getExtensionOfType(uint16_t type) const;
550 
555 
559  template <class TExtension> TExtension* getExtensionOfType() const;
560 
571 
572  // implement abstract methods
573 
574  std::string toString() const override;
575 
576  private:
577  PointerVector<SSLExtension> m_ExtensionList;
578  };
579 
587  {
588  public:
594  SSLCertificateMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
595 
596  ~SSLCertificateMessage() override = default;
597 
603  int getNumOfCertificates() const;
604 
610 
611  // implement abstract methods
612 
613  std::string toString() const override;
614 
615  private:
616  PointerVector<SSLx509Certificate> m_CertificateList;
617  };
618 
623  {
624  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLHelloRequestMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
633 
634  ~SSLHelloRequestMessage() override = default;
635 
636  // implement abstract methods
637 
638  std::string toString() const override;
639  };
640 
646  {
647  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLServerKeyExchangeMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
656 
657  ~SSLServerKeyExchangeMessage() override = default;
658 
662  uint8_t* getServerKeyExchangeParams() const;
663 
669 
670  // implement abstract methods
671 
672  std::string toString() const override;
673  };
674 
680  {
681  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLClientKeyExchangeMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
690 
691  ~SSLClientKeyExchangeMessage() override = default;
692 
696  uint8_t* getClientKeyExchangeParams() const;
697 
703 
704  // implement abstract methods
705 
706  std::string toString() const override;
707  };
708 
713  {
714  public:
720  SSLCertificateRequestMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container);
721 
722  ~SSLCertificateRequestMessage() override = default;
723 
725  std::vector<SSLClientCertificateType>& getCertificateTypes();
726 
730  uint8_t* getCertificateAuthorityData() const;
731 
737 
738  // implement abstract methods
739 
740  std::string toString() const override;
741 
742  private:
743  std::vector<SSLClientCertificateType> m_ClientCertificateTypes;
744  };
745 
750  {
751  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLServerHelloDoneMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
760 
761  ~SSLServerHelloDoneMessage() override = default;
762 
763  // implement abstract methods
764 
765  std::string toString() const override;
766  };
767 
773  {
774  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLCertificateVerifyMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
783 
784  ~SSLCertificateVerifyMessage() override = default;
785 
789  uint8_t* getSignedHash() const;
790 
795  size_t getSignedHashLength() const;
796 
797  // implement abstract methods
798 
799  std::string toString() const override;
800  };
801 
807  {
808  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLFinishedMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
817 
818  ~SSLFinishedMessage() override = default;
819 
823  uint8_t* getSignedHash() const;
824 
829  size_t getSignedHashLength() const;
830 
831  // implement abstract methods
832 
833  std::string toString() const override;
834  };
835 
840  {
841  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLNewSessionTicketMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
850 
851  ~SSLNewSessionTicketMessage() override = default;
852 
856  uint8_t* getSessionTicketData() const;
857 
863 
864  // implement abstract methods
865 
866  std::string toString() const override;
867  };
868 
874  {
875  public:
/// Constructs the message object by forwarding all three arguments unchanged to SSLHandshakeMessage.
/// @param data Pointer to the raw message bytes
/// @param dataLen Length value passed along with `data`
/// @param container The SSLHandshakeLayer passed to the base class
SSLUnknownMessage(uint8_t* data, size_t dataLen, SSLHandshakeLayer* container)
    : SSLHandshakeMessage(data, dataLen, container)
{}
884 
885  ~SSLUnknownMessage() override = default;
886 
887  // implement virtual and abstract methods
888 
891 
895  size_t getMessageLength() const override;
896 
897  std::string toString() const override;
898  };
899 
/// Finds the first entry of m_ExtensionList whose dynamic type is TExtension.
/// @tparam TExtension Extension class to search for. The static_cast below only compiles when it
/// can be reached from SSLExtension by a static downcast.
/// @return Pointer to the matching list element, or nullptr when no element matches.
/// NOTE(review): the returned pointer refers to an element held by m_ExtensionList; presumably the
/// list owns it, so callers should neither delete it nor keep it beyond the message - confirm.
template <class TExtension> TExtension* SSLClientHelloMessage::getExtensionOfType() const
{
	for (size_t pos = 0, count = m_ExtensionList.size(); pos < count; ++pos)
	{
		// at() hands back a const element; the accessor's contract is a mutable pointer.
		auto* extension = const_cast<SSLExtension*>(m_ExtensionList.at(pos));
		if (dynamic_cast<TExtension*>(extension) == nullptr)
			continue;

		// The dynamic type was verified just above, so the static downcast is safe here.
		return static_cast<TExtension*>(extension);
	}

	return nullptr;
}
912 
/// Finds the first entry of m_ExtensionList whose dynamic type is TExtension.
/// @tparam TExtension Extension class to search for. The static_cast below only compiles when it
/// can be reached from SSLExtension by a static downcast.
/// @return Pointer to the matching list element, or nullptr when no element matches.
/// NOTE(review): the returned pointer refers to an element held by m_ExtensionList; presumably the
/// list owns it, so callers should neither delete it nor keep it beyond the message - confirm.
template <class TExtension> TExtension* SSLServerHelloMessage::getExtensionOfType() const
{
	for (size_t pos = 0, count = m_ExtensionList.size(); pos < count; ++pos)
	{
		// at() hands back a const element; the accessor's contract is a mutable pointer.
		auto* extension = const_cast<SSLExtension*>(m_ExtensionList.at(pos));
		if (dynamic_cast<TExtension*>(extension) == nullptr)
			continue;

		// The dynamic type was verified just above, so the static downcast is safe here.
		return static_cast<TExtension*>(extension);
	}

	return nullptr;
}
925 } // namespace pcpp
Definition: Asn1Codec.h:319
Definition: PointerVector.h:50
Definition: SSLHandshake.h:587
std::string toString() const override
SSLCertificateMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
SSLx509Certificate * getCertificate(int index) const
Definition: SSLHandshake.h:713
size_t getCertificateAuthorityLength() const
std::vector< SSLClientCertificateType > & getCertificateTypes()
uint8_t * getCertificateAuthorityData() const
std::string toString() const override
SSLCertificateRequestMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:773
SSLCertificateVerifyMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:780
std::string toString() const override
Definition: SSLHandshake.h:23
SSLAuthenticationAlgorithm getAuthAlg() const
Definition: SSLHandshake.h:56
SSLHashingAlgorithm getMACAlg() const
Definition: SSLHandshake.h:68
uint16_t getID() const
Definition: SSLHandshake.h:38
SSLCipherSuite(uint16_t id, SSLKeyExchangeAlgorithm keyExAlg, SSLAuthenticationAlgorithm authAlg, SSLSymetricEncryptionAlgorithm symKeyAlg, SSLHashingAlgorithm MACAlg, const char *name)
Definition: SSLHandshake.h:32
SSLSymetricEncryptionAlgorithm getSymKeyAlg() const
Definition: SSLHandshake.h:62
SSLKeyExchangeAlgorithm getKeyExchangeAlg() const
Definition: SSLHandshake.h:50
static SSLCipherSuite * getCipherSuiteByName(std::string name)
std::string asString() const
Definition: SSLHandshake.h:44
static SSLCipherSuite * getCipherSuiteByID(uint16_t id)
Definition: SSLHandshake.h:305
uint16_t getCipherSuiteID(int index, bool &isValid) const
uint16_t getExtensionsLength() const
SSLExtension * getExtensionOfType(uint16_t type) const
SSLExtension * getExtensionOfType(SSLExtensionType type) const
SSLClientHelloMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
std::string toString() const override
TExtension * getExtensionOfType() const
Definition: SSLHandshake.h:900
uint8_t getSessionIDLength() const
SSLCipherSuite * getCipherSuite(int index) const
ssl_tls_client_server_hello * getClientHelloHeader() const
Definition: SSLHandshake.h:356
uint8_t * getSessionID() const
uint8_t getCompressionMethodsValue() const
SSLExtension * getExtension(int index) const
ClientHelloTLSFingerprint generateTLSFingerprint() const
SSLVersion getHandshakeVersion() const
Definition: SSLHandshake.h:680
SSLClientKeyExchangeMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:687
std::string toString() const override
uint8_t * getClientKeyExchangeParams() const
size_t getClientKeyExchangeParamsLength() const
Definition: SSLHandshake.h:97
uint16_t getLength() const
SSLExtension(uint8_t *data)
uint16_t getTotalLength() const
uint16_t getTypeAsInt() const
SSLExtensionType getType() const
uint8_t * getData() const
Definition: SSLHandshake.h:807
uint8_t * getSignedHash() const
std::string toString() const override
SSLFinishedMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:814
size_t getSignedHashLength() const
Definition: SSLLayer.h:303
Definition: SSLHandshake.h:259
static SSLHandshakeMessage * createHandshakeMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
virtual size_t getMessageLength() const
virtual SSLHandshakeType getHandshakeType() const
virtual std::string toString() const =0
SSLHandshakeLayer * getContainingLayer() const
Definition: SSLHandshake.h:285
virtual bool isMessageComplete() const
Definition: SSLHandshake.h:623
SSLHelloRequestMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:630
std::string toString() const override
Definition: SSLHandshake.h:840
size_t getSessionTicketDataLength() const
SSLNewSessionTicketMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:847
std::string toString() const override
uint8_t * getSessionTicketData() const
Definition: SSLHandshake.h:750
std::string toString() const override
SSLServerHelloDoneMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:757
Definition: SSLHandshake.h:450
uint8_t getSessionIDLength() const
SSLExtension * getExtensionOfType(uint16_t type) const
uint16_t getExtensionsLength() const
SSLServerHelloMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
SSLExtension * getExtensionOfType(SSLExtensionType type) const
std::string toString() const override
ssl_tls_client_server_hello * getServerHelloHeader() const
Definition: SSLHandshake.h:492
SSLVersion getHandshakeVersion() const
uint16_t getCipherSuiteID(bool &isValid) const
uint8_t getCompressionMethodsValue() const
SSLExtension * getExtension(int index) const
SSLCipherSuite * getCipherSuite() const
TExtension * getExtensionOfType() const
Definition: SSLHandshake.h:913
ServerHelloTLSFingerprint generateTLSFingerprint() const
uint8_t * getSessionID() const
Definition: SSLHandshake.h:646
SSLServerKeyExchangeMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:653
std::string toString() const override
uint8_t * getServerKeyExchangeParams() const
size_t getServerKeyExchangeParamsLength() const
Definition: SSLHandshake.h:145
SSLServerNameIndicationExtension(uint8_t *data)
Definition: SSLHandshake.h:149
Definition: SSLHandshake.h:160
std::vector< SSLVersion > getSupportedVersions() const
SSLSupportedVersionsExtension(uint8_t *data)
Definition: SSLHandshake.h:164
Definition: SSLHandshake.h:874
SSLHandshakeType getHandshakeType() const override
std::string toString() const override
SSLUnknownMessage(uint8_t *data, size_t dataLen, SSLHandshakeLayer *container)
Definition: SSLHandshake.h:881
size_t getMessageLength() const override
Definition: SSLCommon.h:98
Definition: SSLHandshake.h:207
SSLx509Certificate(uint8_t *data, size_t dataLen, bool allDataExists)
Definition: SSLHandshake.h:215
Asn1SequenceRecord * getRootAsn1Record()
size_t getDataLength() const
Definition: SSLHandshake.h:226
bool allDataExists() const
Definition: SSLHandshake.h:238
uint8_t * getData() const
Definition: SSLHandshake.h:220
Definition: SSLHandshake.h:190
TLSECPointFormatExtension(uint8_t *data)
Definition: SSLHandshake.h:194
std::vector< uint8_t > getECPointFormatList() const
Definition: SSLHandshake.h:175
std::vector< uint16_t > getSupportedGroups() const
TLSSupportedGroupsExtension(uint8_t *data)
Definition: SSLHandshake.h:179
The main namespace for the PcapPlusPlus lib.
SSLKeyExchangeAlgorithm
SSL/TLS key exchange algorithms.
Definition: SSLCommon.h:291
SSLExtensionType
SSL/TLS extension types.
Definition: SSLCommon.h:459
SSLSymetricEncryptionAlgorithm
SSL/TLS symmetric encryption algorithms.
Definition: SSLCommon.h:353
SSLAuthenticationAlgorithm
SSL/TLS authentication algorithms.
Definition: SSLCommon.h:322
SSLHandshakeType
SSL/TLS handshake message types.
Definition: SSLCommon.h:188
SSLHashingAlgorithm
SSL/TLS hashing algorithms.
Definition: SSLCommon.h:434
std::vector< uint8_t > ecPointFormats
A list of EC point formats taken from the "EC point formats" TLS extension (if it exists in the message)
Definition: SSLHandshake.h:324
std::pair< std::string, std::string > toStringAndMD5()
std::vector< uint16_t > extensions
A list of extension IDs.
Definition: SSLHandshake.h:320
std::vector< uint16_t > cipherSuites
A list of Cipher Suite IDs.
Definition: SSLHandshake.h:318
std::vector< uint16_t > supportedGroups
A list of Supported Groups taken from the "supported groups" TLS extension (if it exists in the message)
Definition: SSLHandshake.h:322
uint16_t tlsVersion
TLS version.
Definition: SSLHandshake.h:316
Definition: SSLHandshake.h:124
uint8_t extensionData[]
Extension data as raw (byte array)
Definition: SSLHandshake.h:130
uint16_t extensionType
Extension type.
Definition: SSLHandshake.h:126
uint16_t extensionDataLength
Extension length.
Definition: SSLHandshake.h:128
uint16_t tlsVersion
TLS version.
Definition: SSLHandshake.h:460
uint16_t cipherSuite
Cipher Suite ID.
Definition: SSLHandshake.h:462
std::vector< uint16_t > extensions
A list of extension IDs.
Definition: SSLHandshake.h:464
std::pair< std::string, std::string > toStringAndMD5()
Definition: SSLCommon.h:47