mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-04 12:37:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge ced6027d39 into e430876b1d

Browse source
This commit is contained in:
BRUHItsABunny 2025-04-01 12:41:06 -05:00 committed by GitHub
commit bebe5d7322
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 157 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
u_common.go
View file

@ -609,7 +609,7 @@ var (
HelloFirefox_105 = ClientHelloID{helloFirefox, "105", nil, nil} HelloFirefox_105 = ClientHelloID{helloFirefox, "105", nil, nil}
HelloFirefox_120 = ClientHelloID{helloFirefox, "120", nil, nil} HelloFirefox_120 = ClientHelloID{helloFirefox, "120", nil, nil}
HelloChrome_Auto = HelloChrome_131 HelloChrome_Auto = HelloChrome_133
HelloChrome_58 = ClientHelloID{helloChrome, "58", nil, nil} HelloChrome_58 = ClientHelloID{helloChrome, "58", nil, nil}
HelloChrome_62 = ClientHelloID{helloChrome, "62", nil, nil} HelloChrome_62 = ClientHelloID{helloChrome, "62", nil, nil}
HelloChrome_70 = ClientHelloID{helloChrome, "70", nil, nil} HelloChrome_70 = ClientHelloID{helloChrome, "70", nil, nil}
@ -639,6 +639,8 @@ var (
HelloChrome_120_PQ = ClientHelloID{helloChrome, "120_PQ", nil, nil} HelloChrome_120_PQ = ClientHelloID{helloChrome, "120_PQ", nil, nil}
// Chrome w/ ML-KEM curve // Chrome w/ ML-KEM curve
HelloChrome_131 = ClientHelloID{helloChrome, "131", nil, nil} HelloChrome_131 = ClientHelloID{helloChrome, "131", nil, nil}
// Chrome w/ New ALPS codepoint
HelloChrome_133 = ClientHelloID{helloChrome, "133", nil, nil}
HelloIOS_Auto = HelloIOS_14 HelloIOS_Auto = HelloIOS_14
HelloIOS_11_1 = ClientHelloID{helloIOS, "111", nil, nil} // legacy "111" means 11.1 HelloIOS_11_1 = ClientHelloID{helloIOS, "111", nil, nil} // legacy "111" means 11.1

74
u_parrots.go
View file

@ -880,6 +880,80 @@ func utlsIdToSpec(id ClientHelloID) (ClientHelloSpec, error) {
&UtlsGREASEExtension{}, &UtlsGREASEExtension{},
}), }),
}, nil }, nil
case HelloChrome_133:
return ClientHelloSpec{
CipherSuites: []uint16{
GREASE_PLACEHOLDER,
TLS_AES_128_GCM_SHA256,
TLS_AES_256_GCM_SHA384,
TLS_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_GCM_SHA256,
TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,
},
CompressionMethods: []byte{
0x00, // compressionNone
},
Extensions: ShuffleChromeTLSExtensions([]TLSExtension{
&UtlsGREASEExtension{},
&SNIExtension{},
&ExtendedMasterSecretExtension{},
&RenegotiationInfoExtension{Renegotiation: RenegotiateOnceAsClient},
&SupportedCurvesExtension{[]CurveID{
GREASE_PLACEHOLDER,
X25519MLKEM768,
X25519,
CurveP256,
CurveP384,
}},
&SupportedPointsExtension{SupportedPoints: []byte{
0x00, // pointFormatUncompressed
}},
&SessionTicketExtension{},
&ALPNExtension{AlpnProtocols: []string{"h2", "http/1.1"}},
&StatusRequestExtension{},
&SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []SignatureScheme{
ECDSAWithP256AndSHA256,
PSSWithSHA256,
PKCS1WithSHA256,
ECDSAWithP384AndSHA384,
PSSWithSHA384,
PKCS1WithSHA384,
PSSWithSHA512,
PKCS1WithSHA512,
}},
&SCTExtension{},
&KeyShareExtension{[]KeyShare{
{Group: CurveID(GREASE_PLACEHOLDER), Data: []byte{0}},
{Group: X25519MLKEM768},
{Group: X25519},
}},
&PSKKeyExchangeModesExtension{[]uint8{
PskModeDHE,
}},
&SupportedVersionsExtension{[]uint16{
GREASE_PLACEHOLDER,
VersionTLS13,
VersionTLS12,
}},
&UtlsCompressCertExtension{[]CertCompressionAlgo{
CertCompressionBrotli,
}},
&ApplicationSettingsExtensionNew{&ApplicationSettingsExtension{SupportedProtocols: []string{"h2"}}},
// &ApplicationSettingsExtension{SupportedProtocols: []string{"h2"}},
BoringGREASEECH(),
&UtlsGREASEExtension{},
}),
}, nil
case HelloFirefox_55, HelloFirefox_56: case HelloFirefox_55, HelloFirefox_56:
return ClientHelloSpec{ return ClientHelloSpec{
TLSVersMax: VersionTLS12, TLSVersMax: VersionTLS12,

80
u_tls_extensions.go
View file

@ -766,6 +766,86 @@ func (e *ApplicationSettingsExtension) Write(b []byte) (int, error) {
return fullLen, nil return fullLen, nil
} }
// ApplicationSettingsExtensionNew represents the TLS ALPS codepoint extension introduced by Chrome 133.
// More information can be found here: https://chromestatus.com/feature/5149147365900288
// TODO: This probably should be implemented differently
type ApplicationSettingsExtensionNew struct {
*ApplicationSettingsExtension
}
func (e *ApplicationSettingsExtensionNew) Len() int {
bLen := 2 + 2 + 2 // Type + Length + ALPS Extension length
for _, s := range e.SupportedProtocols {
bLen += 1 + len(s) // Supported ALPN Length + actual length of protocol
}
return bLen
}
func (e *ApplicationSettingsExtensionNew) Read(b []byte) (int, error) {
if len(b) < e.Len() {
return 0, io.ErrShortBuffer
}
// Read Type.
b[0] = byte(17613 >> 8) // hex: 44 dec: 68
b[1] = byte(17613 & 0xff) // hex: 69 dec: 105
lengths := b[2:] // get the remaining buffer without Type
b = b[6:] // set the buffer to the buffer without Type, Length and ALPS Extension Length (so only the Supported ALPN list remains)
stringsLength := 0
for _, s := range e.SupportedProtocols {
l := len(s) // Supported ALPN Length
b[0] = byte(l) // Supported ALPN Length in bytes hex: 02 dec: 2
copy(b[1:], s) // copy the Supported ALPN as bytes to the buffer
b = b[1+l:] // set the buffer to the buffer without the Supported ALPN Length and Supported ALPN (so we can continue to the next protocol in this loop)
stringsLength += 1 + l // Supported ALPN Length (the field itself) + Supported ALPN Length (the value)
}
lengths[2] = byte(stringsLength >> 8) // ALPS Extension Length hex: 00 dec: 0
lengths[3] = byte(stringsLength) // ALPS Extension Length hex: 03 dec: 3
stringsLength += 2 // plus ALPS Extension Length field length
lengths[0] = byte(stringsLength >> 8) // Length hex:00 dec: 0
lengths[1] = byte(stringsLength) // Length hex: 05 dec: 5
return e.Len(), io.EOF
}
func (e *ApplicationSettingsExtensionNew) UnmarshalJSON(b []byte) error {
var applicationSettingsSupport struct {
SupportedProtocols []string `json:"supported_protocols_new"`
}
if err := json.Unmarshal(b, &applicationSettingsSupport); err != nil {
return err
}
e.SupportedProtocols = applicationSettingsSupport.SupportedProtocols
return nil
}
// Write implementation copied from ALPNExtension.Write
func (e *ApplicationSettingsExtensionNew) Write(b []byte) (int, error) {
fullLen := len(b)
extData := cryptobyte.String(b)
// https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps-01
var protoList cryptobyte.String
if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
return 0, errors.New("unable to read ALPN extension data")
}
alpnProtocols := []string{}
for !protoList.Empty() {
var proto cryptobyte.String
if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() {
return 0, errors.New("unable to read ALPN extension data")
}
alpnProtocols = append(alpnProtocols, string(proto))
}
e.SupportedProtocols = alpnProtocols
return fullLen, nil
}
// SCTExtension implements signed_certificate_timestamp (18) // SCTExtension implements signed_certificate_timestamp (18)
type SCTExtension struct { type SCTExtension struct {
} }