#include <SSLLayer.h>

Inheritance diagram for pcpp::SSLHandshakeLayer:

Public Member Functions
	SSLHandshakeLayer (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

size_t	getHandshakeMessagesCount () const

SSLHandshakeMessage *	getHandshakeMessageAt (int index) const

template<class THandshakeMessage >
THandshakeMessage *	getHandshakeMessageOfType () const

template<class THandshakeMessage >
THandshakeMessage *	getNextHandshakeMessageOfType (SSLHandshakeMessage *after) const

std::string	toString () const

void	computeCalculateFields ()

Public Member Functions inherited from pcpp::SSLLayer
ssl_tls_record_layer *	getRecordLayer () const

SSLVersion	getRecordVersion () const

SSLRecordType	getRecordType () const

size_t	getHeaderLen () const

void	parseNextLayer ()

OsiModelLayer	getOsiModelLayer () const

Public Member Functions inherited from pcpp::Layer
virtual	~Layer ()

Layer *	getNextLayer () const

Layer *	getPrevLayer () const

ProtocolType	getProtocol () const

uint8_t *	getData () const

size_t	getDataLen () const

uint8_t *	getLayerPayload () const

size_t	getLayerPayloadSize () const

bool	isAllocatedToPacket () const

void	copyData (uint8_t *toArr) const

uint8_t *	getDataPtr (size_t offset=0) const

Additional Inherited Members
Static Public Member Functions inherited from pcpp::SSLLayer
static bool	isSSLPort (uint16_t port)

static bool	IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false)

static SSLLayer *	createSSLMessage (uint8_t data, size_t dataLen, Layer prevLayer, Packet *packet)

Detailed Description

Represents SSL/TLS handshake layer. This layer may contain one or more handshake messages (all of them inherit from the base class SSLHandshakeMessage) which are the SSL/TLS handshake message sent between a client and a server until they establish a secure connection (e.g client-hello, server-hello, certificate, client-key-exchange, server-key-exchange, etc.). Usually this layer will contain just one message (as the first example below demonstrates). But there are cases a layer may contain more than 1 message. To better explain this layer structure we'll use 2 examples. The first will be client-hello message. The layer structure will look like this:

      |------------------- SSLHandshakeLayer ----------------------|
      +----------------------+-------------------------------------+
      | ssl_tls_record_layer |       SSLClientHelloMessage         |
      |        struct        |                                     |
      +----------------------+-------------------------------------+
       /     |       \               |          \         \      \
      /    version    \      |   handshake       \         \      \
     /     TLS1_0      \            type          \         \     rest of
    type                  \    | SSL_CLIENT_HELLO    \         \    message fields...
SSL_HANDSHAKE           length                   handshake      \
    (22)                 xxx   |                  version      message
                                                 TLS1_2      length
                             |                                yyy

Second example is a multiple-message handshake layer comprises of server-hello, certificate and server-key-exchange messages:

      |---------------------------------------------- SSLHandshakeLayer -----------------------------------------------------|
      +----------------------+-------------------------------------+---------------------------+-----------------------------+
      | ssl_tls_record_layer |       SSLServerHelloMessage         |   SSLCertificateMessage   | SSLServerKeyExchangeMessage |
      |        struct        |                                     |                           |                             |
      +----------------------+-------------------------------------+---------------------------+-----------------------------+
       /     |       \               |          \         \               |           \               |            \
      /    version    \      |   handshake       \        rest of  |      |          rest      |      |            rest
     /     TLS1_0      \            type          \       message      handshake   of fields...   handshake    of fields...
    type                  \    | SSL_SERVER_HELLO    \      fields...|     type                  |     type
SSL_HANDSHAKE           length                   handshake             SSL_CERTIFICATE             SSL_SERVER_KEY_EXCHANGE
    (22)                 xxx   |               version,length        |                           |

                             |                                     |                           |

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

pcpp::SSLHandshakeLayer::SSLHandshakeLayer	(	uint8_t *	data,
		size_t	dataLen,
		Layer *	prevLayer,
		Packet *	packet
	)

C'tor for this class that creates the layer from an existing packet raw data

Parameters

[in]	data	A pointer to the raw data
[in]	dataLen	Size of the data in bytes
[in]	prevLayer	A pointer to the previous layer
[in]	packet	A pointer to the Packet instance where layer will be stored in

Member Function Documentation

◆ computeCalculateFields()

void pcpp::SSLHandshakeLayer::computeCalculateFields ( )

inlinevirtual

There are no calculated fields for this layer

Implements pcpp::Layer.

◆ getHandshakeMessageAt()

SSLHandshakeMessage* pcpp::SSLHandshakeLayer::getHandshakeMessageAt ( int index ) const

Get a pointer to an handshake message by index. The message are numbered according to their order of appearance in the layer. If index is out of bounds (less than 0 or larger than total amount of message) NULL will be returned

Parameters

[in] index The index of the message to return

Returns: The pointer to the message object or NULL if index is out of bounds

◆ getHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getHandshakeMessageOfType ( ) const

A templated method to get a message of a certain type. If no message of such type is found, NULL is returned

Returns: A pointer to the message of the requested type, NULL if not found

◆ getHandshakeMessagesCount()

size_t pcpp::SSLHandshakeLayer::getHandshakeMessagesCount ( ) const

inline

Returns: The number of messages in this layer instance

◆ getNextHandshakeMessageOfType()

template<class THandshakeMessage >

THandshakeMessage * pcpp::SSLHandshakeLayer::getNextHandshakeMessageOfType ( SSLHandshakeMessage * after ) const

A templated method to get the first message of a certain type, starting to search from a certain message. For example: if the layer looks like: HelloRequest(1) -> HelloRequest(2) and the user put HelloRequest(1) as a parameter and wishes to search for an HelloRequest message, the HelloRequest(2) will be returned.
If no layer of such type is found, NULL is returned

Parameters

[in] after A pointer to the message to start search from

Returns: A pointer to the message of the requested type, NULL if not found

◆ toString()

std::string pcpp::SSLHandshakeLayer::toString ( ) const

virtual

Returns: A string representation of the layer most important data (should look like the layer description in Wireshark)

Implements pcpp::Layer.

Public Member Functions

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

◆ SSLHandshakeLayer()

Member Function Documentation

◆ computeCalculateFields()

◆ getHandshakeMessageAt()

◆ getHandshakeMessageOfType()

◆ getHandshakeMessagesCount()

◆ getNextHandshakeMessageOfType()

◆ toString()