Incremental TLS/SSL Handshake parser.

#include <Handshake.h>

Public Types

enum  ParserState {
  atHelloNone = 0,
  atHelloStarted,
  atHelloReceived,
  atCertificatesReceived,
  atHelloDoneReceived,
  atNstReceived,
  atCcsReceived,
  atFinishReceived
}
 The parsing states.
 

Public Member Functions

 HandshakeParser ()
 
bool parseHello (const SBuf &data)
 

Public Attributes

TlsDetails::Pointer details
 TLS handshake meta info or nil.
 
Security::CertList serverCertificates
 parsed certificates chain
 
ParserState state
 current parsing state.
 
bool resumingSession
 True if this is a resuming session.
 

Private Member Functions

bool isSslv2Record (const SBuf &raw) const
 
void parseRecord ()
 
void parseModernRecord ()
 parses a single TLS Record Layer frame
 
void parseVersion2Record ()
 
void parseMessages ()
 parses one or more "higher-level protocol" frames of currentContentType
 
void parseChangeCipherCpecMessage ()
 
void parseAlertMessage ()
 
void parseHandshakeMessage ()
 
void parseApplicationDataMessage ()
 
void skipMessage (const char *msgType)
 
bool parseRecordVersion2Try ()
 
void parseVersion2HandshakeMessage (const SBuf &raw)
 
void parseClientHelloHandshakeMessage (const SBuf &raw)
 
void parseServerHelloHandshakeMessage (const SBuf &raw)
 RFC 5246 Section 7.4.1.3. Server Hello.
 
bool parseCompressionMethods (const SBuf &raw)
 
void parseExtensions (const SBuf &raw)
 
SBuf parseSniExtension (const SBuf &extensionData) const
 
void parseCiphers (const SBuf &raw)
 
void parseV23Ciphers (const SBuf &raw)
 
void parseServerCertificates (const SBuf &raw)
 

Static Private Member Functions

static CertPointer ParseCertificate (const SBuf &raw)
 

Private Attributes

unsigned int currentContentType
 The current TLS/SSL record content type.
 
const char * done
 not nil if we got what we were looking for
 
SBuf fragments
 concatenated TLSPlaintext.fragments of TLSPlaintext.type
 
Parser::BinaryTokenizer tkRecords
 TLS record layer (parsing uninterpreted data)
 
Parser::BinaryTokenizer tkMessages
 TLS message layer (parsing fragments)
 
YesNoNone expectingModernRecords
 Whether to use TLS parser or a V2 compatible parser.
 

Detailed Description

Definition at line 56 of file Handshake.h.

Member Enumeration Documentation

Enumerator
atHelloNone 
atHelloStarted 
atHelloReceived 
atCertificatesReceived 
atHelloDoneReceived 
atNstReceived 
atCcsReceived 
atFinishReceived 

Definition at line 60 of file Handshake.h.

Constructor & Destructor Documentation

Security::HandshakeParser::HandshakeParser ( )

Definition at line 190 of file Handshake.cc.

Member Function Documentation

bool Security::HandshakeParser::isSslv2Record ( const SBuf & raw) const
private

See RFC 5246, Appendix E.2 (Compatibility with SSL 2.0) and draft-hickman-netscape-ssl-00, Section 4.1 (SSL Record Header Format).

Definition at line 214 of file Handshake.cc.

References head, type, Parser::BinaryTokenizer::uint16(), and Parser::BinaryTokenizer::uint8().

void Security::HandshakeParser::parseAlertMessage ( )
private
void Security::HandshakeParser::parseApplicationDataMessage ( )
private

Definition at line 344 of file Handshake.cc.

References Security::ctApplicationData, and Must.

Security::CertPointer Security::HandshakeParser::ParseCertificate ( const SBuf & raw)
static private

Creates and returns a certificate by parsing a DER-encoded X509 structure. Throws on failures.

Definition at line 541 of file Handshake.cc.

References assert, SBuf::length(), Must, and SBuf::rawContent().

void Security::HandshakeParser::parseChangeCipherCpecMessage ( )
private

Definition at line 283 of file Handshake.cc.

References Security::ctChangeCipherSpec, and Must.

void Security::HandshakeParser::parseCiphers ( const SBuf & raw)
private
bool Security::HandshakeParser::parseCompressionMethods ( const SBuf & raw)
private
void Security::HandshakeParser::parseExtensions ( const SBuf & raw)
private
bool Security::HandshakeParser::parseHello ( const SBuf & data)

Parses the initial sequence of raw bytes sent by the TLS/SSL agent. Returns true upon successful completion (e.g., got HelloDone). Returns false if more data is needed. Throws on errors.

Definition at line 516 of file Handshake.cc.

References debugs.

Referenced by ConnStateData::parseTlsHandshake().
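
The return contract described for parseHello() (true when done, false when more data is needed, an exception on malformed input) can be shown on the first record of a connection, including the SSLv2-versus-TLS header check that isSslv2Record() points to. This is an added example, not Squid's code: `parseFirstRecord`, `RecordInfo`, `RecordKind` and `looksLikeSslv2Hello` are hypothetical names, the caller is assumed to pass all bytes received so far, and rejecting unknown content types is this example's choice.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>

// Added illustration; every name here is hypothetical, not Squid's code.
enum class RecordKind { Sslv2Hello, Tls };
struct RecordInfo { RecordKind kind; std::size_t payloadLength; };

// SSLv2 two-byte record header: high bit set, non-zero 15-bit length,
// then msg_type 1 (CLIENT-HELLO). Caller guarantees at least 3 bytes.
static bool looksLikeSslv2Hello(const std::uint8_t *b) {
    const unsigned head = (b[0] << 8) | b[1];
    return (head & 0x8000) && (head & 0x7FFF) && b[2] == 1;
}

// Contract: true once the first record is complete, false when more
// bytes are needed, throws on malformed input.
// Assumption: `all` holds every byte received so far on the connection.
bool parseFirstRecord(const std::string &all, RecordInfo &info) {
    if (all.size() < 3)
        return false; // too short to classify the header
    const auto *b = reinterpret_cast<const std::uint8_t *>(all.data());
    RecordKind kind;
    std::size_t headerLen, payloadLen;
    if (looksLikeSslv2Hello(b)) {
        kind = RecordKind::Sslv2Hello;
        headerLen = 2;
        payloadLen = ((b[0] << 8) | b[1]) & 0x7FFF;
    } else {
        if (b[0] < 20 || b[0] > 23) // RFC 5246 ContentType values
            throw std::runtime_error("unknown TLS content type");
        if (all.size() < 5)
            return false; // TLS record header is 5 bytes
        kind = RecordKind::Tls;
        headerLen = 5;
        payloadLen = (b[3] << 8) | b[4];
        if (payloadLen > 16384) // TLSPlaintext.length must not exceed 2^14
            throw std::runtime_error("oversized TLSPlaintext fragment");
    }
    if (all.size() < headerLen + payloadLen)
        return false; // truncated record: keep the bytes, wait for more
    info = RecordInfo{kind, payloadLen};
    return true;
}
int main() {
    RecordInfo info{};
    const std::string hello("\x16\x03\x01\x00\x02" "hi", 7); // constructed sample
    return parseFirstRecord(hello, info) ? 0 : 1;
}
```

Treating "need more data" as a normal false return, separate from the exception path, lets the caller keep reading from the socket without mistaking a short read for a protocol error.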

void Security::HandshakeParser::parseMessages ( )
private
void Security::HandshakeParser::parseModernRecord ( )
private
void Security::HandshakeParser::parseRecord ( )
private

Definition at line 224 of file Handshake.cc.

bool Security::HandshakeParser::parseRecordVersion2Try ( )
private
void Security::HandshakeParser::parseServerCertificates ( const SBuf & raw)
private
SBuf Security::HandshakeParser::parseSniExtension ( const SBuf & extensionData) const
private
void Security::HandshakeParser::parseV23Ciphers ( const SBuf & raw)
private
void Security::HandshakeParser::parseVersion2Record ( )
private
void Security::HandshakeParser::skipMessage ( const char * msgType)
private

Definition at line 507 of file Handshake.cc.

Member Data Documentation

unsigned int Security::HandshakeParser::currentContentType
private

Definition at line 106 of file Handshake.h.

TlsDetails::Pointer Security::HandshakeParser::details
const char* Security::HandshakeParser::done
private

Definition at line 108 of file Handshake.h.

YesNoNone Security::HandshakeParser::expectingModernRecords
private

Definition at line 120 of file Handshake.h.

SBuf Security::HandshakeParser::fragments
private

Definition at line 111 of file Handshake.h.

bool Security::HandshakeParser::resumingSession

Definition at line 76 of file Handshake.h.

Security::CertList Security::HandshakeParser::serverCertificates

Definition at line 72 of file Handshake.h.

Referenced by Ssl::ServerBio::serverCertificatesIfAny().

ParserState Security::HandshakeParser::state

Definition at line 74 of file Handshake.h.

Parser::BinaryTokenizer Security::HandshakeParser::tkMessages
private

Definition at line 117 of file Handshake.h.

Parser::BinaryTokenizer Security::HandshakeParser::tkRecords
private

Definition at line 114 of file Handshake.h.


The documentation for this class was generated from the following files:

 
