|
static bool | isSSLPort (uint16_t port) |
|
static bool | IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false) |
|
static SSLLayer * | createSSLMessage (uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet) |
|
template<typename T , typename... Args> |
Layer * | constructNextLayer (uint8_t *data, size_t dataLen, Packet *packet, Args &&... extraArgs) |
|
template<typename T , typename TFallback , typename... Args> |
Layer * | tryConstructNextLayerWithFallback (uint8_t *data, size_t dataLen, Packet *packet, Args &&... extraArgs) |
|
template<typename T > |
static bool | canReinterpretAs (const uint8_t *data, size_t dataLen) |
| Check if the data is large enough to reinterpret as a type. More...
|
|
Represents SSL/TLS handshake layer. This layer may contain one or more handshake messages (all of them inherit from the base class SSLHandshakeMessage) which are the SSL/TLS handshake message sent between a client and a server until they establish a secure connection (e.g client-hello, server-hello, certificate, client-key-exchange, server-key-exchange, etc.). Usually this layer will contain just one message (as the first example below demonstrates). But there are cases a layer may contain more than 1 message. To better explain this layer structure. We'll use 2 examples. The first will be client-hello message. The layer structure will look like this:
|----------------------------- SSLHandshakeLayer ----------------------------------------|
+--------------------------------+-------------------------------------------------------+
| ssl_tls_record_layer | SSLClientHelloMessage |
| struct | |
+--------------------------------+-------------------------------------------------------+
| / | \ | \ \ \ |
| / version \ | handshake \ \ \ |
| / TLS1_0 \ type \ \ rest of |
| type \ | SSL_CLIENT_HELLO \ \ message fields... |
| SSL_HANDSHAKE length handshake \ |
| (22) xxx | version message |
| TLS1_2 length |
| | yyy |
Second example is a multiple-message handshake layer comprises of server-hello, certificate and server-key-exchange messages:
|------------------------------------------------------- SSLHandshakeLayer ------------------------------------------------------|
+--------------------------------+-------------------------------------+---------------------------+-----------------------------+
| ssl_tls_record_layer | SSLServerHelloMessage | SSLCertificateMessage | SSLServerKeyExchangeMessage |
| struct | | | |
+--------------------------------+-------------------------------------+---------------------------+-----------------------------+
| / | \ | \ \ | \ | \ |
| / version \ | handshake \ rest of | | rest | | rest |
| / TLS1_0 \ type \ message handshake of fields... handshake of fields... |
| type \ | SSL_SERVER_HELLO \ fields...| type | type |
| SSL_HANDSHAKE length handshake SSL_CERTIFICATE SSL_SERVER_KEY_EXCHANGE |
| (22) xxx | version,length | | |