#include <SSLLayer.h>

Inheritance diagram for pcpp::SSLHandshakeLayer:

Public Member Functions
	SSLHandshakeLayer (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

size_t	getHandshakeMessagesCount ()

SSLHandshakeMessage *	getHandshakeMessageAt (int index)

template<class THandshakeMessage >
THandshakeMessage *	getHandshakeMessageOfType ()

template<class THandshakeMessage >
THandshakeMessage *	getNextHandshakeMessageOfType (SSLHandshakeMessage *after)

std::string	toString ()

void	computeCalculateFields ()

Public Member Functions inherited from pcpp::SSLLayer
ssl_tls_record_layer *	getRecordLayer ()

SSLVersion	getRecordVersion ()

SSLRecordType	getRecordType ()

size_t	getHeaderLen ()

void	parseNextLayer ()

OsiModelLayer	getOsiModelLayer ()

Public Member Functions inherited from pcpp::Layer
virtual	~Layer ()

Layer *	getNextLayer ()

Layer *	getPrevLayer ()

ProtocolType	getProtocol ()

uint8_t *	getData ()

size_t	getDataLen ()

uint8_t *	getLayerPayload ()

size_t	getLayerPayloadSize ()

bool	isAllocatedToPacket ()

void	copyData (uint8_t *toArr)

uint8_t *	getDataPtr (size_t offset=0)

Additional Inherited Members
Static Public Member Functions inherited from pcpp::SSLLayer
static bool	IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen)

static SSLLayer *	createSSLMessage (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

static std::string	sslVersionToString (SSLVersion ver)

static const std::map< uint16_t, bool > *	getSSLPortMap ()

Detailed Description

Represents SSL/TLS handshake layer. This layer may contain one or more handshake messages (all of them inherit from the base class SSLHandshakeMessage) which are the SSL/TLS handshake message sent between a client and a server until they establish a secure connection (e.g client-hello, server-hello, certificate, client-key-exchange, server-key-exchange, etc.). Usually this layer will contain just one message (as the first example below demonstrates). But there are cases a layer may contain more than 1 message. To better explain this layer structure we'll use 2 examples. The first will be client-hello message. The layer structure will look like this:

      |------------------- SSLHandshakeLayer ----------------------|
      +----------------------+-------------------------------------+
      | ssl_tls_record_layer |       SSLClientHelloMessage         |
      |        struct        |                                     |
      +----------------------+-------------------------------------+
       /     |       \               |          \         \      \
      /    version    \      |   handshake       \         \      \
     /     TLS1_0      \            type          \         \     rest of
    type                  \    | SSL_CLIENT_HELLO    \         \    message fields...
SSL_HANDSHAKE           length                   handshake      \
    (22)                 xxx   |                  version      message
                                                 TLS1_2      length
                             |                                yyy

Second example is a multiple-message handshake layer comprises of server-hello, certificate and server-key-exchange messages:

      |---------------------------------------------- SSLHandshakeLayer -----------------------------------------------------|
      +----------------------+-------------------------------------+---------------------------+-----------------------------+
      | ssl_tls_record_layer |       SSLServerHelloMessage         |   SSLCertificateMessage   | SSLServerKeyExchangeMessage |
      |        struct        |                                     |                           |                             |
      +----------------------+-------------------------------------+---------------------------+-----------------------------+
       /     |       \               |          \         \               |           \               |            \
      /    version    \      |   handshake       \        rest of  |      |          rest      |      |            rest
     /     TLS1_0      \            type          \       message      handshake   of fields...   handshake    of fields...
    type                  \    | SSL_SERVER_HELLO    \      fields...|     type                  |     type
SSL_HANDSHAKE           length                   handshake             SSL_CERTIFICATE             SSL_SERVER_KEY_EXCHANGE
    (22)                 xxx   |               version,length        |                           |

                             |                                     |                           |

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

pcpp::SSLHandshakeLayer::SSLHandshakeLayer	(	uint8_t *	data,
		size_t	dataLen,
		Layer *	prevLayer,
		Packet *	packet
	)

C'tor for this class that creates the layer from an existing packet raw data

Parameters

[in]	data	A pointer to the raw data
[in]	dataLen	Size of the data in bytes
[in]	prevLayer	A pointer to the previous layer
[in]	packet	A pointer to the Packet instance where layer will be stored in

Member Function Documentation

◆ computeCalculateFields()

void pcpp::SSLHandshakeLayer::computeCalculateFields ( )

inlinevirtual

There are no calculated fields for this layer

Implements pcpp::Layer.

◆ getHandshakeMessageAt()

SSLHandshakeMessage* pcpp::SSLHandshakeLayer::getHandshakeMessageAt ( int index )

Get a pointer to an handshake message by index. The message are numbered according to their order of appearance in the layer. If index is out of bounds (less than 0 or larger than total amount of message) NULL will be returned

Parameters

[in] index The index of the message to return

Returns: The pointer to the message object or NULL if index is out of bounds

◆ getHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getHandshakeMessageOfType ( )

A templated method to get a message of a certain type. If no message of such type is found, NULL is returned

Returns: A pointer to the message of the requested type, NULL if not found

◆ getHandshakeMessagesCount()

size_t pcpp::SSLHandshakeLayer::getHandshakeMessagesCount ( )

Returns: The number of messages in this layer instance

◆ getNextHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getNextHandshakeMessageOfType ( SSLHandshakeMessage * after )

A templated method to get the first message of a certain type, starting to search from a certain message. For example: if the layer looks like: HelloRequest(1) -> HelloRequest(2) and the user put HelloRequest(1) as a parameter and wishes to search for an HelloRequest message, the HelloRequest(2) will be returned.
If no layer of such type is found, NULL is returned

Parameters

[in] after A pointer to the message to start search from

Returns: A pointer to the message of the requested type, NULL if not found

◆ toString()

std::string pcpp::SSLHandshakeLayer::toString ( )

virtual

Returns: A string representation of the layer most important data (should look like the layer description in Wireshark)

Implements pcpp::Layer.

Public Member Functions

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

Member Function Documentation

◆ computeCalculateFields()

◆ getHandshakeMessageAt()

◆ getHandshakeMessageOfType()

◆ getHandshakeMessagesCount()

◆ getNextHandshakeMessageOfType()

◆ toString()