SSLLayer.h

Go to the documentation of this file.

#ifndef PACKETPP_SSL_LAYER
#define PACKETPP_SSL_LAYER
 
#include "PointerVector.h"
#include "Layer.h"
#include "SSLCommon.h"
#include "SSLHandshake.h"
 
namespace pcpp
{
 
    class SSLLayer : public Layer
    {
    public:
 
        static inline bool isSSLPort(uint16_t port);
 
        static bool IsSSLMessage(uint16_t srcPort, uint16_t dstPort, uint8_t* data, size_t dataLen, bool ignorePorts = false);
 
        static SSLLayer* createSSLMessage(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
 
        static std::string sslVersionToString(SSLVersion ver);
 
        ssl_tls_record_layer* getRecordLayer() const { return (ssl_tls_record_layer*)m_Data; }
 
        SSLVersion getRecordVersion() const;
 
        SSLRecordType getRecordType() const;
 
        // implement abstract methods
 
        size_t getHeaderLen() const;
 
        void parseNextLayer();
 
        OsiModelLayer getOsiModelLayer() const { return OsiModelPresentationLayer; }
 
    protected:
        SSLLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet) : Layer(data, dataLen, prevLayer, packet) { m_Protocol = SSL; }
 
    }; // class SSLLayer
 
 
    class SSLHandshakeLayer: public SSLLayer
    {
    public:
 
        SSLHandshakeLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet);
 
        size_t getHandshakeMessagesCount() const { return m_MessageList.size(); }
 
        SSLHandshakeMessage* getHandshakeMessageAt(int index) const;
 
        template<class THandshakeMessage>
        THandshakeMessage* getHandshakeMessageOfType() const;
 
        template<class THandshakeMessage>
        THandshakeMessage* getNextHandshakeMessageOfType(SSLHandshakeMessage* after) const;
 
        // implement abstract methods
 
        std::string toString() const;
 
        void computeCalculateFields() {}
 
    private:
        PointerVector<SSLHandshakeMessage> m_MessageList;
    }; // class SSLHandshakeLayer
 
 
    class SSLChangeCipherSpecLayer : public SSLLayer
    {
    public:
 
        SSLChangeCipherSpecLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
            : SSLLayer(data, dataLen, prevLayer, packet) {}
 
        ~SSLChangeCipherSpecLayer() {}
 
        // implement abstract methods
 
        std::string toString() const;
 
        void computeCalculateFields() {}
    }; // class SSLChangeCipherSpecLayer
 
 
    class SSLAlertLayer : public SSLLayer
    {
    public:
 
        SSLAlertLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
            : SSLLayer(data, dataLen, prevLayer, packet) {}
 
        ~SSLAlertLayer() {}
 
        SSLAlertLevel getAlertLevel() const;
 
        SSLAlertDescription getAlertDescription();
 
        // implement abstract methods
 
        std::string toString() const;
 
        void computeCalculateFields() {}
    }; // class SSLAlertLayer
 
 
    class SSLApplicationDataLayer : public SSLLayer
    {
    public:
 
        SSLApplicationDataLayer(uint8_t* data, size_t dataLen, Layer* prevLayer, Packet* packet)
            : SSLLayer(data, dataLen, prevLayer, packet) {}
 
        ~SSLApplicationDataLayer() {}
 
        uint8_t* getEncrpytedData() const;
 
        size_t getEncrpytedDataLen() const;
 
        // implement abstract methods
 
        std::string toString() const;
 
        void computeCalculateFields() {}
    }; // class SSLApplicationDataLayer
 
 
    template<class THandshakeMessage>
    THandshakeMessage* SSLHandshakeLayer::getHandshakeMessageOfType() const
    {
        size_t vecSize = m_MessageList.size();
        for (size_t i = 0; i < vecSize; i++)
        {
            SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
             if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
                 return (THandshakeMessage*)curElem;
        }
 
        // element not found
        return NULL;
    } // getHandshakeMessageOfType
 
 
    template<class THandshakeMessage>
    THandshakeMessage* SSLHandshakeLayer::getNextHandshakeMessageOfType(SSLHandshakeMessage* after) const
    {
        size_t vecSize = m_MessageList.size();
        size_t afterIndex;
 
        // find the index of "after"
        for (afterIndex = 0; afterIndex < vecSize; afterIndex++)
        {
            SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(afterIndex));
            if (curElem == after)
                break;
        }
 
        // "after" not found
        if (afterIndex == vecSize)
            return NULL;
 
        for (size_t i = afterIndex+1; i < vecSize; i++)
        {
            SSLHandshakeMessage* curElem = const_cast<SSLHandshakeMessage*>(m_MessageList.at(i));
             if (dynamic_cast<THandshakeMessage*>(curElem) != NULL)
                 return (THandshakeMessage*)curElem;
        }
 
        // element not found
        return NULL;
    } // getNextHandshakeMessageOfType
 
 
    // implementation of inline methods
 
    bool SSLLayer::isSSLPort(uint16_t port)
    {
        if (port == 443) // HTTPS, this is likely case
            return true;
 
        switch (port)
        {
        case 261: // NSIIOPS
        case 448: // DDM-SSL
        case 465: // SMTPS
        case 563: // NNTPS
        case 614: // SSHELL
        case 636: // LDAPS
        case 989: // FTPS - data
        case 990: // FTPS - control
        case 992: // Telnet over TLS/SSL
        case 993: // IMAPS
        case 994: // IRCS
        case 995: // POP3S
            return true;
        default:
            return false;
        }
    } // isSSLPort
 
} // namespace pcpp
 
#endif /* PACKETPP_SSL_LAYER */