pcpp::SSLLayer Class Reference

#include <SSLLayer.h>

Inheritance diagram for pcpp::SSLLayer:
pcpp::Layer pcpp::IDataContainer pcpp::SSLAlertLayer pcpp::SSLApplicationDataLayer pcpp::SSLChangeCipherSpecLayer pcpp::SSLHandshakeLayer

Public Member Functions

ssl_tls_record_layergetRecordLayer ()
SSLVersion getRecordVersion ()
SSLRecordType getRecordType ()
size_t getHeaderLen ()
void parseNextLayer ()
OsiModelLayer getOsiModelLayer ()
- Public Member Functions inherited from pcpp::Layer
virtual ~Layer ()
LayergetNextLayer ()
LayergetPrevLayer ()
ProtocolType getProtocol ()
uint8_t * getData ()
size_t getDataLen ()
uint8_t * getLayerPayload ()
size_t getLayerPayloadSize ()
bool isAllocatedToPacket ()
void copyData (uint8_t *toArr)
uint8_t * getDataPtr (size_t offset=0)
virtual void computeCalculateFields ()=0
virtual std::string toString ()=0

Static Public Member Functions

static bool IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen)
static SSLLayercreateSSLMessage (uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
static std::string sslVersionToString (SSLVersion ver)
static const std::map< uint16_t, bool > * getSSLPortMap ()

Detailed Description

The base class for the 4 record type classes. Each record type is represented as a layer. See SSLLayer.h for detailed explanation of the TLS/SSL protocol support in PcapPlusPlus. This class provides the common functionality used by all record types and also contains static methods for identifying an creating SSL/TLS record type layers

Member Function Documentation

◆ createSSLMessage()

static SSLLayer* pcpp::SSLLayer::createSSLMessage ( uint8_t *  data,
size_t  dataLen,
Layer prevLayer,
Packet packet 

A static method that creates SSL/TLS layers by raw data. This method parses the raw data, finds if and which SSL/TLS record it is and creates the corresponding record layer. It's the responsibility of the user to free the created object when done using it

[in]dataA pointer to the raw data
[in]dataLenSize of the data in bytes
[in]prevLayerA pointer to the previous layer
[in]packetA pointer to the Packet instance where layer will be stored in
A pointer to the newly created record layer. If no SSL/TLS record could be identified from the raw data NULL is returned

◆ getHeaderLen()

size_t pcpp::SSLLayer::getHeaderLen ( )
The record size as extracted from the record data (in ssl_tls_record_layer::length)

Implements pcpp::Layer.

◆ getOsiModelLayer()

OsiModelLayer pcpp::SSLLayer::getOsiModelLayer ( )
The OSI Model layer this protocol belongs to

Implements pcpp::Layer.

◆ getRecordLayer()

ssl_tls_record_layer* pcpp::SSLLayer::getRecordLayer ( )

Get a pointer to the record header. Notice this points directly to the data, so every change will change the actual packet data

A pointer to the ssl_tls_record_layer

◆ getRecordType()

SSLRecordType pcpp::SSLLayer::getRecordType ( )
The SSL/TLS record type as parsed from the record

◆ getRecordVersion()

SSLVersion pcpp::SSLLayer::getRecordVersion ( )
The SSL/TLS version used in this record (parsed from the record)

◆ getSSLPortMap()

static const std::map<uint16_t, bool>* pcpp::SSLLayer::getSSLPortMap ( )
A pointer to a map containing all TCP ports recognize as SSL/TLS

◆ IsSSLMessage()

static bool pcpp::SSLLayer::IsSSLMessage ( uint16_t  srcPort,
uint16_t  dstPort,
uint8_t *  data,
size_t  dataLen 

A static methods that gets raw data of a layer and checks whether this data is a SSL/TLS record or not. This check is done using the source/dest port and matching of a legal record type in the raw data. The list of ports identified as SSL/TLS is hard-coded and includes the following ports:

  • Port 443 [HTTPS]
  • Port 465 [LDAPS]
  • Port 636 [FTPS]
  • Port 989 [FTPS - data]
  • Port 990 [FTPS - control]
  • Port 992 [Telnet over TLS/SSL[
  • Port 993 [IMAPS]
  • Port 995 [POP3S]
    [in]srcPortThe source port of the packet that contains the raw data. Source port (or dest port) are a criteria to identify SSL/TLS packets
    [in]dstPortThe dest port of the packet that contains the raw data. Dest port (or source port) are a criteria to identify SSL/TLS packets
    [in]dataThe data to check
    [in]dataLenLength (in bytes) of the data

◆ parseNextLayer()

void pcpp::SSLLayer::parseNextLayer ( )

Several SSL/TLS records can reside in a single packets. So this method checks the remaining data and if it's identified as SSL/TLS it creates another SSL/TLS record layer as the next layer

Implements pcpp::Layer.

◆ sslVersionToString()

static std::string pcpp::SSLLayer::sslVersionToString ( SSLVersion  ver)

A static method that converts SSLVersion enum value to string

[in]verThe enum value
The string representation of the enum value