#include <SSLLayer.h>

Inheritance diagram for pcpp::SSLHandshakeLayer:

Public Member Functions
	SSLHandshakeLayer (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

size_t	getHandshakeMessagesCount () const

SSLHandshakeMessage *	getHandshakeMessageAt (int index) const

template<class THandshakeMessage >
THandshakeMessage *	getHandshakeMessageOfType () const

template<class THandshakeMessage >
THandshakeMessage *	getNextHandshakeMessageOfType (const SSLHandshakeMessage *after) const

std::string	toString () const override

void	computeCalculateFields () override
	There are no calculated fields for this layer.

Public Member Functions inherited from pcpp::SSLLayer
ssl_tls_record_layer *	getRecordLayer () const

SSLVersion	getRecordVersion () const

SSLRecordType	getRecordType () const

size_t	getHeaderLen () const override

void	parseNextLayer () override

OsiModelLayer	getOsiModelLayer () const override

Public Member Functions inherited from pcpp::Layer
	~Layer () override

Layer *	getNextLayer () const

Layer *	getPrevLayer () const

ProtocolType	getProtocol () const

bool	isMemberOfProtocolFamily (ProtocolTypeFamily protocolTypeFamily) const

uint8_t *	getData () const

size_t	getDataLen () const

uint8_t *	getLayerPayload () const

size_t	getLayerPayloadSize () const

bool	isAllocatedToPacket () const

void	copyData (uint8_t *toArr) const

uint8_t *	getDataPtr (size_t offset=0) const override

Additional Inherited Members
Static Public Member Functions inherited from pcpp::SSLLayer
static bool	isSSLPort (uint16_t port)

static bool	IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false)

static SSLLayer *	createSSLMessage (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

Detailed Description

Represents SSL/TLS handshake layer. This layer may contain one or more handshake messages (all of them inherit from the base class SSLHandshakeMessage) which are the SSL/TLS handshake message sent between a client and a server until they establish a secure connection (e.g client-hello, server-hello, certificate, client-key-exchange, server-key-exchange, etc.). Usually this layer will contain just one message (as the first example below demonstrates). But there are cases a layer may contain more than 1 message. To better explain this layer structure. We'll use 2 examples. The first will be client-hello message. The layer structure will look like this:

|----------------------------- SSLHandshakeLayer ----------------------------------------|
+--------------------------------+-------------------------------------------------------+
|      ssl_tls_record_layer      |       SSLClientHelloMessage                           |
|             struct             |                                                       |
+--------------------------------+-------------------------------------------------------+
|          /     |       \               |          \         \      \                   |
|         /    version    \      |   handshake       \         \      \                  |
|        /     TLS1_0      \            type          \         \     rest of            |
|     type                  \    | SSL_CLIENT_HELLO    \         \    message fields...  |
| SSL_HANDSHAKE           length                   handshake      \                      |
|     (22)                 xxx   |                  version      message                 |
|                                                   TLS1_2      length                   |
|                                |                                yyy                    |

Second example is a multiple-message handshake layer comprises of server-hello, certificate and server-key-exchange messages:

|------------------------------------------------------- SSLHandshakeLayer ------------------------------------------------------|
+--------------------------------+-------------------------------------+---------------------------+-----------------------------+
|      ssl_tls_record_layer      |       SSLServerHelloMessage         |   SSLCertificateMessage   | SSLServerKeyExchangeMessage |
|             struct             |                                     |                           |                             |
+--------------------------------+-------------------------------------+---------------------------+-----------------------------+
|          /     |       \               |          \         \               |           \               |            \         |
|         /    version    \      |   handshake       \        rest of  |      |          rest      |      |            rest      |
|        /     TLS1_0      \            type          \       message      handshake   of fields...   handshake    of fields...  |
|     type                  \    | SSL_SERVER_HELLO    \      fields...|     type                  |     type                    |
| SSL_HANDSHAKE           length                   handshake             SSL_CERTIFICATE             SSL_SERVER_KEY_EXCHANGE     |
|     (22)                 xxx   |               version,length        |                           |                             |

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

pcpp::SSLHandshakeLayer::SSLHandshakeLayer	(	uint8_t *	data,
		size_t	dataLen,
		Layer *	prevLayer,
		Packet *	packet
	)

C'tor for this class that creates the layer from an existing packet raw data

Parameters

[in]	data	A pointer to the raw data
[in]	dataLen	Size of the data in bytes
[in]	prevLayer	A pointer to the previous layer
[in]	packet	A pointer to the Packet instance where layer will be stored in

Member Function Documentation

◆ getHandshakeMessageAt()

SSLHandshakeMessage* pcpp::SSLHandshakeLayer::getHandshakeMessageAt ( int index ) const

Get a pointer to an handshake message by index. The message are numbered according to their order of appearance in the layer. If index is out of bounds (less than 0 or larger than total amount of message) nullptr will be returned

Parameters

[in] index The index of the message to return

Returns: The pointer to the message object or nullptr if index is out of bounds

◆ getHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getHandshakeMessageOfType

A templated method to get a message of a certain type. If no message of such type is found, nullptr is returned

Returns: A pointer to the message of the requested type, nullptr if not found

◆ getHandshakeMessagesCount()

size_t pcpp::SSLHandshakeLayer::getHandshakeMessagesCount ( ) const

inline

Returns: The number of messages in this layer instance

◆ getNextHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getNextHandshakeMessageOfType ( const SSLHandshakeMessage * after ) const

A templated method to get the first message of a certain type, starting to search from a certain message. For example: if the layer looks like: HelloRequest(1) -> HelloRequest(2) and the user put HelloRequest(1) as a parameter and wishes to search for an HelloRequest message, the HelloRequest(2) will be returned.
If no layer of such type is found, nullptr is returned

Parameters

[in] after A pointer to the message to start search from

Returns: A pointer to the message of the requested type, nullptr if not found

◆ toString()

std::string pcpp::SSLHandshakeLayer::toString ( ) const

overridevirtual

Returns: A string representation of the layer most important data (should look like the layer description in Wireshark)

Implements pcpp::Layer.

Public Member Functions

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

Member Function Documentation

◆ getHandshakeMessageAt()

◆ getHandshakeMessageOfType()

◆ getHandshakeMessagesCount()

◆ getNextHandshakeMessageOfType()

◆ toString()