Documentation
¶
Index ¶
- Variables
- func GetJarmClientHello(config JarmSettings) *tls.ClientHelloPreset
- func GetRandomClientHello(allValues bool) tls.ClientHelloPreset
- func GetRandomClientHellos(n int, seed int64, tmpDir string) []tls.ClientHelloPreset
- func GetRandomSubsetPermutation(input interface{}, min int) interface{}
- func LocalDownload(filepath string, url string)
- type ClientHelloParameterOrder
- type JarmSettings
Constants ¶
This section is empty.
Variables ¶
View Source
var Chrome70 = tls.ClientHelloPreset{ Version: tls.VersionTLS12, Ciphers: []uint16{ greaseValue, tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, }, CompressionMethods: []byte{compressionNone}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.PKCS1WithSHA256, tls.ECDSAWithP384AndSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, tls.PKCS1WithSHA1, }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{0}, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, }, SupportedGroups: []tls.CurveID{tls.X25519, tls.CurveP256, tls.CurveP384, tls.CurveP521}, KeyShares: 1, }
View Source
var Chrome83 = tls.ClientHelloPreset{ Ciphers: []uint16{ tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_CBC_SHA, }, CompressionMethods: []byte{compressionNone}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.PKCS1WithSHA256, tls.ECDSAWithP384AndSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{0}, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, }, SupportedGroups: []tls.CurveID{ tls.X25519, tls.CurveP256, tls.CurveP384, }, Version: tls.VersionTLS12, KeyShares: 1, }
View Source
var Custom = tls.ClientHelloPreset{ Version: tls.VersionTLS12, Ciphers: []uint16{ tls.TLS_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_AES_128_GCM_SHA256, }, CompressionMethods: []uint8{0}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.PKCS1WithSHA256, tls.ECDSAWithP384AndSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{0}, PskKeyExchangeModes: []uint8{1}, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, }, SupportedGroups: []tls.CurveID{tls.CurveP256, tls.X25519, tls.CurveP384, tls.CurveP521}, KeyShares: 1, }
View Source
var CustomAllKeys tls.ClientHelloPreset
View Source
var CustomNoKeys tls.ClientHelloPreset
View Source
var Firefox65 = tls.ClientHelloPreset{ Version: tls.VersionTLS12, Ciphers: []uint16{ tls.TLS_AES_128_GCM_SHA256, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, uint16(0x0033), uint16(0x0039), tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, }, CompressionMethods: []byte{compressionNone}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.ECDSAWithP384AndSHA384, tls.ECDSAWithP521AndSHA512, tls.PSSWithSHA256, tls.PSSWithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA256, tls.PKCS1WithSHA384, tls.PKCS1WithSHA512, tls.ECDSAWithSHA1, tls.PKCS1WithSHA1, }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{}, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, }, SupportedGroups: []tls.CurveID{ tls.X25519, tls.CurveP256, tls.CurveP384, tls.CurveP521, tls.CurveID(uint16(0x0100)), tls.CurveID(uint16(0x0101)), }, RecordSizeLimit: 0x4001, KeyShares: 1, }
View Source
var Grease = tls.ClientHelloPreset{ Ciphers: []uint16{ tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_CBC_SHA, greaseValue, }, CompressionMethods: []byte{compressionNone}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.PKCS1WithSHA256, tls.ECDSAWithP384AndSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, tls.SignatureScheme(greaseValue), }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{0}, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, greaseValue, }, SupportedGroups: []tls.CurveID{ tls.CurveID(greaseValue), tls.X25519, tls.CurveP256, tls.CurveP384, }, Version: tls.VersionTLS12, GreaseExtension: greaseValue, ReversedExtensionOrder: false, KeyShares: 2, }
View Source
var GreaseReversed = tls.ClientHelloPreset{ Ciphers: []uint16{ tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_CBC_SHA, tls.TLS_RSA_WITH_AES_256_CBC_SHA, greaseValue, }, CompressionMethods: []byte{compressionNone}, RenegotiationInfo: true, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.PKCS1WithSHA256, tls.ECDSAWithP384AndSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, tls.SignatureScheme(greaseValue), }, StatusRequest: true, Sct: true, SessionTicket: true, Alpn: []string{"h2", "http/1.1"}, EcPointFormats: []uint8{0}, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, greaseValue, }, SupportedGroups: []tls.CurveID{ tls.CurveID(greaseValue), tls.X25519, tls.CurveP256, tls.CurveP384, }, Version: tls.VersionTLS12, GreaseExtension: greaseValue, ReversedExtensionOrder: true, KeyShares: 2, }
View Source
var JarmAllClientHellos = []JarmSettings{ { Name: "tls1_2_forward", Version: tls.VersionTLS12, Ciphers: "ALL", CipherOrder: FORWARD, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.2_SUPPORT", ExtensionValueOrder: REVERSE, }, { Name: "tls1_2_reverse", Version: tls.VersionTLS12, Ciphers: "ALL", CipherOrder: REVERSE, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.2_SUPPORT", ExtensionValueOrder: FORWARD, }, { Name: "tls1_2_top_half", Version: tls.VersionTLS12, Ciphers: "ALL", CipherOrder: TOP_HALF, Grease: 0x0a0a, RareALPN: false, VersionSupport: "NO_SUPPORT", ExtensionValueOrder: FORWARD, }, { Name: "tls1_2_bottom_half", Version: tls.VersionTLS12, Ciphers: "ALL", CipherOrder: BOTTOM_HALF, Grease: 0x0a0a, RareALPN: true, VersionSupport: "NO_SUPPORT", ExtensionValueOrder: FORWARD, ExtendedMasterSecret: true, }, { Name: "tls1_2_middle_out", Version: tls.VersionTLS12, Ciphers: "ALL", CipherOrder: MIDDLE_OUT, Grease: 0x0a0a, RareALPN: true, VersionSupport: "NO_SUPPORT", ExtensionValueOrder: REVERSE, }, { Name: "tls1_1_forward", Version: tls.VersionTLS11, Ciphers: "ALL", CipherOrder: FORWARD, Grease: 0x0a0a, RareALPN: false, VersionSupport: "NO_SUPPORT", ExtensionValueOrder: FORWARD, }, { Name: "tls1_3_forward", Version: tls.VersionTLS13, Ciphers: "ALL", CipherOrder: FORWARD, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.3_SUPPORT", ExtensionValueOrder: REVERSE, }, { Name: "tls1_3_reverse", Version: tls.VersionTLS13, Ciphers: "ALL", CipherOrder: REVERSE, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.3_SUPPORT", ExtensionValueOrder: FORWARD, }, { Name: "tls1_3_invalid", Version: tls.VersionTLS13, Ciphers: "NO1.3", CipherOrder: FORWARD, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.3_SUPPORT", ExtensionValueOrder: FORWARD, }, { Name: "tls1_3_middle_out", Version: tls.VersionTLS13, Ciphers: "ALL", CipherOrder: MIDDLE_OUT, Grease: 0x0a0a, RareALPN: false, VersionSupport: "1.3_SUPPORT", ExtensionValueOrder: REVERSE, }, }
View Source
var Safari14 = tls.ClientHelloPreset{ Version: tls.VersionTLS12, Ciphers: []uint16{ greaseValue4, tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256, uint16(0xc02c), uint16(0xc02b), uint16(0xcca9), uint16(0xc030), uint16(0xc02f), uint16(0xcca8), uint16(0xc024), uint16(0xc023), uint16(0xc00a), uint16(0xc009), uint16(0xc028), uint16(0xc027), uint16(0xc014), uint16(0xc013), uint16(0x009d), uint16(0x009c), uint16(0x003d), uint16(0x003c), uint16(0x0035), uint16(0x002f), uint16(0xc008), uint16(0xc012), uint16(0x000a), }, CompressionMethods: []byte{compressionNone}, GreaseExtension: greaseValueF, RenegotiationInfo: true, SupportedGroups: []tls.CurveID{ tls.CurveID(greaseValueF), tls.X25519, tls.CurveP256, tls.CurveP384, tls.CurveP521, }, Renegotiation: tls.RenegotiateOnceAsClient, SignatureAlgorithms: []tls.SignatureScheme{ tls.ECDSAWithP256AndSHA256, tls.PSSWithSHA256, tls.SignatureScheme(0x0401), tls.ECDSAWithP384AndSHA384, tls.SignatureScheme(0x0203), tls.PSSWithSHA384, tls.PSSWithSHA384, tls.PKCS1WithSHA384, tls.PSSWithSHA512, tls.PKCS1WithSHA512, tls.PKCS1WithSHA1, }, EcPointFormats: []uint8{0}, Alpn: []string{"h2", "http/1.1"}, StatusRequest: true, SessionTicket: true, Sct: true, PskKeyExchangeModes: []uint8{ 1, }, SupportedVersions: []uint16{ greaseValueF, tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, }, KeyShares: 1, }
Functions ¶
func GetJarmClientHello ¶
func GetJarmClientHello(config JarmSettings) *tls.ClientHelloPreset
func GetRandomClientHello ¶
func GetRandomClientHello(allValues bool) tls.ClientHelloPreset
func GetRandomClientHellos ¶
func GetRandomClientHellos(n int, seed int64, tmpDir string) []tls.ClientHelloPreset
func GetRandomSubsetPermutation ¶
func GetRandomSubsetPermutation(input interface{}, min int) interface{}
func LocalDownload ¶
Types ¶
type ClientHelloParameterOrder ¶
type ClientHelloParameterOrder uint
var BOTTOM_HALF ClientHelloParameterOrder = 3
var FORWARD ClientHelloParameterOrder = 0
var MIDDLE_OUT ClientHelloParameterOrder = 4
var REVERSE ClientHelloParameterOrder = 1
var TOP_HALF ClientHelloParameterOrder = 2
type JarmSettings ¶
type JarmSettings struct {
Name string
Version uint16
Ciphers string
CipherOrder ClientHelloParameterOrder
Grease uint16
RareALPN bool
VersionSupport string
ExtensionValueOrder ClientHelloParameterOrder
ExtendedMasterSecret bool
}
Source Files
Click to show internal directories.
Click to hide internal directories.