api-docs/next/_s_s_l_layer_8h_source.html

 #pragma once


 #include "PointerVector.h"

 #include "Layer.h"

 #include "SSLCommon.h"

 #include "SSLHandshake.h"


 #ifdef __GNUC__

 #   pragma GCC diagnostic push

 #   pragma GCC diagnostic ignored "-Wcomment"

 #endif

 #ifdef __GNUC__

 #   pragma GCC diagnostic pop

 #endif


 namespace pcpp

 {


     class SSLLayer : public Layer

     {

     public:

         static inline bool isSSLPort(uint16_t port);


         static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t* data, size_t dataLen,

                                  bool ignorePorts = false);


         static SSLLayer* createSSLMessage(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);


         ssl_tls_record_layer* getRecordLayer() const

         {

             return reinterpret_cast<ssl_tls_record_layer*>(m_Data);

         }


         SSLVersion getRecordVersion() const;


         SSLRecordType getRecordType() const;


         // implement abstract methods


         size_t getHeaderLen() const override;


         void parseNextLayer() override;


         OsiModelLayer getOsiModelLayer() const override

         {

             return OsiModelPresentationLayer;

         }


     protected:

         SSLLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)

             : Layer(data, dataLen, prevLayer, packet, SSL)

         {}


     };  // class SSLLayer


     // The graph below will break the code formatting, so it's disabled.

     // clang-format off

     // clang-format on

     class SSLHandshakeLayer : public SSLLayer

     {

     public:

         SSLHandshakeLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);


         size_t getHandshakeMessagesCount() const

         {

             return m_MessageList.size();

         }


         SSLHandshakeMessage* getHandshakeMessageAt(int index) const;


         template <class THandshakeMessage> THandshakeMessage* getHandshakeMessageOfType() const;


         template <class THandshakeMessage>

         THandshakeMessage* getNextHandshakeMessageOfType(const SSLHandshakeMessage* after) const;


         // implement abstract methods


         std::string toString() const override;


         void computeCalculateFields() override

         {}


     private:

         PointerVector<SSLHandshakeMessage> m_MessageList;

     };  // class SSLHandshakeLayer


     class SSLChangeCipherSpecLayer : public SSLLayer

     {

     public:

         SSLChangeCipherSpecLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)

             : SSLLayer(data, dataLen, prevLayer, packet)

         {}


         ~SSLChangeCipherSpecLayer() override = default;


         // implement abstract methods


         std::string toString() const override;


         void computeCalculateFields() override

         {}

     };  // class SSLChangeCipherSpecLayer


     class SSLAlertLayer : public SSLLayer

     {

     public:

         SSLAlertLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)

             : SSLLayer(data, dataLen, prevLayer, packet)

         {}


         ~SSLAlertLayer() override = default;


         SSLAlertLevel getAlertLevel() const;


         SSLAlertDescription getAlertDescription();


         // implement abstract methods


         std::string toString() const override;


         void computeCalculateFields() override

         {}

     };  // class SSLAlertLayer


     class SSLApplicationDataLayer : public SSLLayer

     {

     public:

         SSLApplicationDataLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)

             : SSLLayer(data, dataLen, prevLayer, packet)

         {}


         ~SSLApplicationDataLayer() override = default;


         uint8_t* getEncryptedData() const;


         size_t getEncryptedDataLen() const;


         // implement abstract methods


         std::string toString() const override;


         void computeCalculateFields() override

         {}

     };  // class SSLApplicationDataLayer


     template <class THandshakeMessage> THandshakeMessage* SSLHandshakeLayer::getHandshakeMessageOfType() const

     {

         size_t vecSize = m_MessageList.size();

         for (size_t i = 0; i < vecSize; i++)

         {

             SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));

             if (dynamic_cast<THandshakeMessage*>(curElem) != nullptr)

                 return (THandshakeMessage*)curElem;

         }


         // element not found

         return nullptr;

     }  // getHandshakeMessageOfType


     template <class THandshakeMessage>

     THandshakeMessage* SSLHandshakeLayer::getNextHandshakeMessageOfType(const SSLHandshakeMessage* after) const

     {

         size_t vecSize = m_MessageList.size();

         size_t afterIndex;


         // find the index of "after"

         for (afterIndex = 0; afterIndex < vecSize; afterIndex++)

         {

             SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(afterIndex));

             if (curElem == after)

                 break;

         }


         // "after" not found

         if (afterIndex == vecSize)

             return nullptr;


         for (size_t i = afterIndex + 1; i < vecSize; i++)

         {

             SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));

             if (dynamic_cast<THandshakeMessage*>(curElem) != nullptr)

                 return (THandshakeMessage*)curElem;

         }


         // element not found

         return nullptr;

     }  // getNextHandshakeMessageOfType


     // implementation of inline methods


     bool SSLLayer::isSSLPort(uint16_t port)

     {

         if (port == 443)  // HTTPS, this is likely case

             return true;


         switch (port)

         {

         case 261:  // NSIIOPS

         case 448:  // DDM-SSL

         case 465:  // SMTPS

         case 563:  // NNTPS

         case 614:  // SSHELL

         case 636:  // LDAPS

         case 989:  // FTPS - data

         case 990:  // FTPS - control

         case 992:  // Telnet over TLS/SSL

         case 993:  // IMAPS

         case 994:  // IRCS

         case 995:  // POP3S

             return true;

         default:

             return false;

         }

     }  // isSSLPort

 }  // namespace pcpp

Layer.h

PointerVector.h

SSLCommon.h

SSLHandshake.h

pcpp::Layer
Definition: Layer.h:62

pcpp::Packet
Definition: Packet.h:22

pcpp::PointerVector
Definition: PointerVector.h:50

pcpp::SSLAlertLayer
Definition: SSLLayer.h:382

pcpp::SSLAlertLayer::computeCalculateFields
void computeCalculateFields() override
There are no calculated fields for this layer.
Definition: SSLLayer.h:406

pcpp::SSLAlertLayer::getAlertLevel
SSLAlertLevel getAlertLevel() const

pcpp::SSLAlertLayer::toString
std::string toString() const override

pcpp::SSLAlertLayer::getAlertDescription
SSLAlertDescription getAlertDescription()

pcpp::SSLAlertLayer::SSLAlertLayer
SSLAlertLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:389

pcpp::SSLApplicationDataLayer
Definition: SSLLayer.h:414

pcpp::SSLApplicationDataLayer::getEncryptedData
uint8_t * getEncryptedData() const

pcpp::SSLApplicationDataLayer::toString
std::string toString() const override

pcpp::SSLApplicationDataLayer::computeCalculateFields
void computeCalculateFields() override
There are no calculated fields for this layer.
Definition: SSLLayer.h:439

pcpp::SSLApplicationDataLayer::getEncryptedDataLen
size_t getEncryptedDataLen() const

pcpp::SSLApplicationDataLayer::SSLApplicationDataLayer
SSLApplicationDataLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:421

pcpp::SSLChangeCipherSpecLayer
Definition: SSLLayer.h:356

pcpp::SSLChangeCipherSpecLayer::SSLChangeCipherSpecLayer
SSLChangeCipherSpecLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
Definition: SSLLayer.h:363

pcpp::SSLChangeCipherSpecLayer::toString
std::string toString() const override

pcpp::SSLChangeCipherSpecLayer::computeCalculateFields
void computeCalculateFields() override
There are no calculated fields for this layer.
Definition: SSLLayer.h:374

pcpp::SSLHandshakeLayer
Definition: SSLLayer.h:303

pcpp::SSLHandshakeLayer::SSLHandshakeLayer
SSLHandshakeLayer(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)

pcpp::SSLHandshakeLayer::toString
std::string toString() const override

pcpp::SSLHandshakeLayer::getHandshakeMessagesCount
size_t getHandshakeMessagesCount() const
Definition: SSLLayer.h:313

pcpp::SSLHandshakeLayer::getHandshakeMessageOfType
THandshakeMessage * getHandshakeMessageOfType() const
Definition: SSLLayer.h:443

pcpp::SSLHandshakeLayer::computeCalculateFields
void computeCalculateFields() override
There are no calculated fields for this layer.
Definition: SSLLayer.h:345

pcpp::SSLHandshakeLayer::getNextHandshakeMessageOfType
THandshakeMessage * getNextHandshakeMessageOfType(const SSLHandshakeMessage *after) const
Definition: SSLLayer.h:458

pcpp::SSLHandshakeLayer::getHandshakeMessageAt
SSLHandshakeMessage * getHandshakeMessageAt(int index) const

pcpp::SSLHandshakeMessage
Definition: SSLHandshake.h:259

pcpp::SSLLayer
Definition: SSLLayer.h:178

pcpp::SSLLayer::getRecordVersion
SSLVersion getRecordVersion() const

pcpp::SSLLayer::getHeaderLen
size_t getHeaderLen() const override

pcpp::SSLLayer::parseNextLayer
void parseNextLayer() override

pcpp::SSLLayer::getOsiModelLayer
OsiModelLayer getOsiModelLayer() const override
Definition: SSLLayer.h:246

pcpp::SSLLayer::isSSLPort
static bool isSSLPort(uint16_t port)
Definition: SSLLayer.h:488

pcpp::SSLLayer::IsSSLMessage
static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false)

pcpp::SSLLayer::createSSLMessage
static SSLLayer * createSSLMessage(uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)

pcpp::SSLLayer::getRecordLayer
ssl_tls_record_layer * getRecordLayer() const
Definition: SSLLayer.h:226

pcpp::SSLLayer::getRecordType
SSLRecordType getRecordType() const

pcpp::SSLVersion
Definition: SSLCommon.h:98

pcpp
The main namespace for the PcapPlusPlus lib.

pcpp::SSLAlertDescription
SSLAlertDescription
SSL/TLS alert description types.
Definition: SSLCommon.h:234

pcpp::OsiModelLayer
OsiModelLayer
An enum representing OSI model layers.
Definition: ProtocolType.h:225

pcpp::OsiModelPresentationLayer
@ OsiModelPresentationLayer
Presentation layer (layer 6)
Definition: ProtocolType.h:237

pcpp::SSL
const ProtocolType SSL
SSL/TLS protocol.
Definition: ProtocolType.h:86

pcpp::SSLRecordType
SSLRecordType
SSL/TLS message types.
Definition: SSLCommon.h:82

pcpp::SSLAlertLevel
SSLAlertLevel
SSL/TLS alert levels.
Definition: SSLCommon.h:223

pcpp::ssl_tls_record_layer
Definition: SSLCommon.h:17