PcapPlusPlus
21.05
|
#include <SSLLayer.h>
Public Member Functions | |
SSLHandshakeLayer (uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet) | |
size_t | getHandshakeMessagesCount () const |
SSLHandshakeMessage * | getHandshakeMessageAt (int index) const |
template<class THandshakeMessage > | |
THandshakeMessage * | getHandshakeMessageOfType () const |
template<class THandshakeMessage > | |
THandshakeMessage * | getNextHandshakeMessageOfType (SSLHandshakeMessage *after) const |
std::string | toString () const |
void | computeCalculateFields () |
Public Member Functions inherited from pcpp::SSLLayer | |
ssl_tls_record_layer * | getRecordLayer () const |
SSLVersion | getRecordVersion () const |
SSLRecordType | getRecordType () const |
size_t | getHeaderLen () const |
void | parseNextLayer () |
OsiModelLayer | getOsiModelLayer () const |
Public Member Functions inherited from pcpp::Layer | |
virtual | ~Layer () |
Layer * | getNextLayer () const |
Layer * | getPrevLayer () const |
ProtocolType | getProtocol () const |
uint8_t * | getData () const |
size_t | getDataLen () const |
uint8_t * | getLayerPayload () const |
size_t | getLayerPayloadSize () const |
bool | isAllocatedToPacket () const |
void | copyData (uint8_t *toArr) const |
uint8_t * | getDataPtr (size_t offset=0) const |
Additional Inherited Members | |
Static Public Member Functions inherited from pcpp::SSLLayer | |
static bool | isSSLPort (uint16_t port) |
static bool | IsSSLMessage (uint16_t srcPort, uint16_t dstPort, uint8_t *data, size_t dataLen, bool ignorePorts=false) |
static SSLLayer * | createSSLMessage (uint8_t *data, size_t dataLen, Layer *prevLayer, Packet *packet) |
Represents SSL/TLS handshake layer. This layer may contain one or more handshake messages (all of them inherit from the base class SSLHandshakeMessage) which are the SSL/TLS handshake message sent between a client and a server until they establish a secure connection (e.g client-hello, server-hello, certificate, client-key-exchange, server-key-exchange, etc.). Usually this layer will contain just one message (as the first example below demonstrates). But there are cases a layer may contain more than 1 message. To better explain this layer structure we'll use 2 examples. The first will be client-hello message. The layer structure will look like this:
|------------------- SSLHandshakeLayer ----------------------| +----------------------+-------------------------------------+ | ssl_tls_record_layer | SSLClientHelloMessage | | struct | | +----------------------+-------------------------------------+ / | \ | \ \ \ / version \ | handshake \ \ \ / TLS1_0 \ type \ \ rest of type \ | SSL_CLIENT_HELLO \ \ message fields... SSL_HANDSHAKE length handshake \ (22) xxx | version message TLS1_2 length | yyy
Second example is a multiple-message handshake layer comprises of server-hello, certificate and server-key-exchange messages:
|---------------------------------------------- SSLHandshakeLayer -----------------------------------------------------| +----------------------+-------------------------------------+---------------------------+-----------------------------+ | ssl_tls_record_layer | SSLServerHelloMessage | SSLCertificateMessage | SSLServerKeyExchangeMessage | | struct | | | | +----------------------+-------------------------------------+---------------------------+-----------------------------+ / | \ | \ \ | \ | \ / version \ | handshake \ rest of | | rest | | rest / TLS1_0 \ type \ message handshake of fields... handshake of fields... type \ | SSL_SERVER_HELLO \ fields...| type | type SSL_HANDSHAKE length handshake SSL_CERTIFICATE SSL_SERVER_KEY_EXCHANGE (22) xxx | version,length | | | | |
pcpp::SSLHandshakeLayer::SSLHandshakeLayer | ( | uint8_t * | data, |
size_t | dataLen, | ||
Layer * | prevLayer, | ||
Packet * | packet | ||
) |
C'tor for this class that creates the layer from an existing packet raw data
[in] | data | A pointer to the raw data |
[in] | dataLen | Size of the data in bytes |
[in] | prevLayer | A pointer to the previous layer |
[in] | packet | A pointer to the Packet instance where layer will be stored in |
|
inlinevirtual |
There are no calculated fields for this layer
Implements pcpp::Layer.
SSLHandshakeMessage* pcpp::SSLHandshakeLayer::getHandshakeMessageAt | ( | int | index | ) | const |
Get a pointer to an handshake message by index. The message are numbered according to their order of appearance in the layer. If index is out of bounds (less than 0 or larger than total amount of message) NULL will be returned
[in] | index | The index of the message to return |
THandshakeMessage * pcpp::SSLHandshakeLayer::getHandshakeMessageOfType | ( | ) | const |
A templated method to get a message of a certain type. If no message of such type is found, NULL is returned
|
inline |
THandshakeMessage * pcpp::SSLHandshakeLayer::getNextHandshakeMessageOfType | ( | SSLHandshakeMessage * | after | ) | const |
A templated method to get the first message of a certain type, starting to search from a certain message. For example: if the layer looks like: HelloRequest(1) -> HelloRequest(2) and the user put HelloRequest(1) as a parameter and wishes to search for an HelloRequest message, the HelloRequest(2) will be returned.
If no layer of such type is found, NULL is returned
[in] | after | A pointer to the message to start search from |
|
virtual |
Implements pcpp::Layer.