PcapPlusPlus  19.12
pcpp::SSLLayer Class Reference

#include <SSLLayer.h>

Inheritance diagram for pcpp::SSLLayer:
pcpp::Layer pcpp::IDataContainer pcpp::SSLAlertLayer pcpp::SSLApplicationDataLayer pcpp::SSLChangeCipherSpecLayer pcpp::SSLHandshakeLayer

Public Member Functions

ssl_tls_record_layergetRecordLayer () const
 
SSLVersion getRecordVersion () const
 
SSLRecordType getRecordType () const
 
size_t getHeaderLen () const
 
void parseNextLayer ()
 
OsiModelLayer getOsiModelLayer () const
 
- Public Member Functions inherited from pcpp::Layer
virtual ~Layer ()
 
LayergetNextLayer () const
 
LayergetPrevLayer () const
 
ProtocolType getProtocol () const
 
uint8_t * getData () const
 
size_t getDataLen () const
 
uint8_t * getLayerPayload () const
 
size_t getLayerPayloadSize () const
 
bool isAllocatedToPacket () const
 
void copyData (uint8_t *toArr) const
 
uint8_t * getDataPtr (size_t offset=0) const
 
virtual void computeCalculateFields ()=0
 
virtual std::string toString () const =0
 

Static Public Member Functions

static bool isSSLPort (uint16_t port)
 
static bool IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen)
 
static SSLLayercreateSSLMessage (uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet)
 
static std::string sslVersionToString (SSLVersion ver)
 

Detailed Description

The base class for the 4 record type classes. Each record type is represented as a layer. See SSLLayer.h for detailed explanation of the TLS/SSL protocol support in PcapPlusPlus. This class provides the common functionality used by all record types and also contains static methods for identifying an creating SSL/TLS record type layers

Member Function Documentation

◆ createSSLMessage()

static SSLLayer* pcpp::SSLLayer::createSSLMessage ( uint8_t *  data,
size_t  dataLen,
Layer prevLayer,
Packet packet 
)
static

A static method that creates SSL/TLS layers by raw data. This method parses the raw data, finds if and which SSL/TLS record it is and creates the corresponding record layer. It's the responsibility of the user to free the created object when done using it

Parameters
[in]dataA pointer to the raw data
[in]dataLenSize of the data in bytes
[in]prevLayerA pointer to the previous layer
[in]packetA pointer to the Packet instance where layer will be stored in
Returns
A pointer to the newly created record layer. If no SSL/TLS record could be identified from the raw data NULL is returned

◆ getHeaderLen()

size_t pcpp::SSLLayer::getHeaderLen ( ) const
virtual
Returns
The record size as extracted from the record data (in ssl_tls_record_layer::length)

Implements pcpp::Layer.

◆ getOsiModelLayer()

OsiModelLayer pcpp::SSLLayer::getOsiModelLayer ( ) const
inlinevirtual
Returns
The OSI Model layer this protocol belongs to

Implements pcpp::Layer.

◆ getRecordLayer()

ssl_tls_record_layer* pcpp::SSLLayer::getRecordLayer ( ) const
inline

Get a pointer to the record header. Notice this points directly to the data, so every change will change the actual packet data

Returns
A pointer to the ssl_tls_record_layer

◆ getRecordType()

SSLRecordType pcpp::SSLLayer::getRecordType ( ) const
Returns
The SSL/TLS record type as parsed from the record

◆ getRecordVersion()

SSLVersion pcpp::SSLLayer::getRecordVersion ( ) const
Returns
The SSL/TLS version used in this record (parsed from the record)

◆ IsSSLMessage()

static bool pcpp::SSLLayer::IsSSLMessage ( uint16_t  srcPort,
uint16_t  dstPort,
uint8_t *  data,
size_t  dataLen 
)
static

A static methods that gets raw data of a layer and checks whether this data is a SSL/TLS record or not. This check is done using the source/dest port and matching of a legal record type in the raw data. The list of ports identified as SSL/TLS is hard-coded and includes the following ports:

  • Port 443 [HTTPS]
  • Port 465 [LDAPS]
  • Port 636 [FTPS]
  • Port 989 [FTPS - data]
  • Port 990 [FTPS - control]
  • Port 992 [Telnet over TLS/SSL[
  • Port 993 [IMAPS]
  • Port 995 [POP3S]
    Parameters
    [in]srcPortThe source port of the packet that contains the raw data. Source port (or dest port) are a criteria to identify SSL/TLS packets
    [in]dstPortThe dest port of the packet that contains the raw data. Dest port (or source port) are a criteria to identify SSL/TLS packets
    [in]dataThe data to check
    [in]dataLenLength (in bytes) of the data

◆ isSSLPort()

static bool pcpp::SSLLayer::isSSLPort ( uint16_t  port)
static

A static method that checks whether the port is considered as SSL/TLS

Parameters
[in]portThe port number to be checked

◆ parseNextLayer()

void pcpp::SSLLayer::parseNextLayer ( )
virtual

Several SSL/TLS records can reside in a single packets. So this method checks the remaining data and if it's identified as SSL/TLS it creates another SSL/TLS record layer as the next layer

Implements pcpp::Layer.

◆ sslVersionToString()

static std::string pcpp::SSLLayer::sslVersionToString ( SSLVersion  ver)
static

A static method that converts SSLVersion enum value to string

Parameters
[in]verThe enum value
Returns
The string representation of the enum value