[+] fix ja3 fingerprint for chrome (#60)

* [+] fix ja3 fingerprint for chrome

* chore: Updated coverage badge.

---------

Co-authored-by: GitHub Action <[email protected]>

README.md

@@ -1,6 +1,6 @@
 # AzureTLS Client 
 [![GoDoc](https://godoc.org/github.com/Noooste/azuretls-client?status.svg)](https://godoc.org/github.com/Noooste/azuretls-client)
-![Coverage](https://img.shields.io/badge/Coverage-79.4%25-brightgreen)
+![Coverage](https://img.shields.io/badge/Coverage-79.6%25-brightgreen)
 [![build](https://github.com/Noooste/azuretls-client/actions/workflows/push.yml/badge.svg)](https://github.com/Noooste/azuretls-client/actions/workflows/push.yml)
 [![Go Report Card](https://goreportcard.com/badge/Noooste/azuretls-client)](https://goreportcard.com/report/Noooste/azuretls-client)
 [![License](https://img.shields.io/badge/License-MIT-blue.svg)](https://github.com/Noooste/azuretls-client/blob/master/LICENSE)

ja3.go

@@ -26,6 +26,8 @@ func DefaultTlsSpecifications(navigator string) *TlsSpecifications {
 	var signatureAlg []tls.SignatureScheme
 	var recordSizeLimit uint16
 
+	var supportedVersions []uint16
+
 	switch navigator {
 	case Firefox:
 		signatureAlg = []tls.SignatureScheme{
@@ -41,6 +43,11 @@ func DefaultTlsSpecifications(navigator string) *TlsSpecifications {
 			tls.ECDSAWithSHA1,
 			tls.PKCS1WithSHA1,
 		}
+		supportedVersions = []uint16{
+			tls.VersionTLS13,
+			tls.VersionTLS12,
+		}
+
 		recordSizeLimit = 0x4001
 	default:
 		signatureAlg = []tls.SignatureScheme{
@@ -53,15 +60,18 @@ func DefaultTlsSpecifications(navigator string) *TlsSpecifications {
 			tls.PSSWithSHA512,
 			tls.PKCS1WithSHA512,
 		}
-	}
 
-	return &TlsSpecifications{
-		AlpnProtocols:       []string{"h2", "http/1.1"},
-		SignatureAlgorithms: signatureAlg,
-		SupportedVersions: []uint16{
+		supportedVersions = []uint16{
+			tls.GREASE_PLACEHOLDER,
 			tls.VersionTLS13,
 			tls.VersionTLS12,
-		},
+		}
+	}
+
+	return &TlsSpecifications{
+		AlpnProtocols:        []string{"h2", "http/1.1"},
+		SignatureAlgorithms:  signatureAlg,
+		SupportedVersions:    supportedVersions,
 		CertCompressionAlgos: []tls.CertCompressionAlgo{tls.CertCompressionBrotli},
 		DelegatedCredentialsAlgorithmSignatures: []tls.SignatureScheme{ // only for firefox
 			tls.ECDSAWithP256AndSHA256,
@@ -173,6 +183,18 @@ func stringToSpec(ja3 string, specifications *TlsSpecifications, navigator strin
 	//extensions
 	if information[2] != "" {
 		extensions, _, maxVers, err = getExtensions(rawExtensions, specifications, pointFormats, curves, navigator)
+
+		if err != nil {
+			return nil, err
+		}
+
+		if navigator == Chrome {
+			lastIndex := len(extensions) - 1
+			last := extensions[lastIndex]
+			extensions[lastIndex] = &tls.UtlsGREASEExtension{}
+			extensions = append(extensions, last)
+		}
+
 	} else {
 		extensions, _, maxVers, err = []tls.TLSExtension{}, 0, tls.VersionTLS13, nil
 		if information[3] != "" {

presets.go

@@ -45,15 +45,15 @@ func defaultHeaderSettings(navigator string) (map[http2.SettingID]uint32, []http
 
 	default: //chrome
 		return map[http2.SettingID]uint32{
-				http2.SettingMaxConcurrentStreams: 1000,
-				http2.SettingMaxFrameSize:         16384,
-				http2.SettingInitialWindowSize:    6291456,
-				http2.SettingHeaderTableSize:      65536,
+				http2.SettingHeaderTableSize:   65536,
+				http2.SettingEnablePush:        0,
+				http2.SettingInitialWindowSize: 6291456,
+				http2.SettingMaxHeaderListSize: 262144,
 			}, []http2.SettingID{
-				http2.SettingMaxConcurrentStreams,
-				http2.SettingMaxFrameSize,
-				http2.SettingInitialWindowSize,
 				http2.SettingHeaderTableSize,
+				http2.SettingEnablePush,
+				http2.SettingInitialWindowSize,
+				http2.SettingMaxHeaderListSize,
 			}
 	}
 }

test/ja3_test.go

@@ -26,7 +26,8 @@ func TestDefaultConfig(t *testing.T) {
 func TestChrome(t *testing.T) {
 	session := azuretls.NewSession()
 
-	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17513-21,29-23-24,0", azuretls.Chrome); err != nil {
+	var ja3 = "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,65281-27-0-51-65037-23-5-35-11-13-10-16-18-43-45-17513,29-23-24,0"
+	if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
 		t.Fatal(err)
 	}
 
@@ -36,6 +37,8 @@ func TestChrome(t *testing.T) {
 		t.Fatal(err)
 	}
 
+	fmt.Println(string(response.Body))
+
 	if response.StatusCode != 200 {
 		t.Fatal("Expected 200")
 		return
@@ -45,43 +48,37 @@ func TestChrome(t *testing.T) {
 
 	response.MustJSON(&loaded)
 
-	ja3 := loaded["tls"].(map[string]any)["ja3"].(string)
-	split := strings.Split(ja3, ",")
+	ref := strings.Split(ja3, ",")
 
-	if len(split) != 5 {
-		t.Fatal("Expected 4 parts, got ", len(split))
+	actual := strings.Split(loaded["tls"].(map[string]any)["ja3"].(string), ",")
+
+	if len(actual) != 5 {
+		t.Fatal("Expected 4 parts, got ", len(actual))
 		return
 	}
 
-	version := "771"
-	if split[0] != version {
-		t.Fatal("Expected "+version+", got ", split[0])
+	if actual[0] != ref[0] {
+		t.Fatal("Expected "+ref[0]+", got ", actual[0])
 		return
 	}
 
-	ciphers := "4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53"
-	if split[1] != ciphers {
-		t.Fatal("Expected "+ciphers+", got ", split[1])
+	if actual[1] != ref[1] {
+		t.Fatal("Expected "+ref[1]+", got ", actual[1])
 		return
 	}
 
-	//since chrome shuffle extension = not relevant to check the order
-	extensions := "45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17513-21"
-	nbExtensions := strings.Count(extensions, "-") + 1
-
-	if nbExtensions != strings.Count(split[2], "-")+1 {
-		t.Fatal("Expected "+extensions+", got ", split[2])
+	if actual[2] != ref[2] && strings.TrimSuffix(ref[2], "-21") != strings.TrimSuffix(ref[2], "-21") {
+		t.Fatal("Expected "+ref[2]+", got ", actual[2])
 		return
 	}
 
-	ellipticCurves := "29-23-24"
-	if split[3] != ellipticCurves {
-		t.Fatal("Expected"+ellipticCurves+", got ", split[3])
+	if actual[3] != ref[3] {
+		t.Fatal("Expected "+ref[3]+", got ", actual[3])
 		return
 	}
 
-	if split[4] != "0" {
-		t.Fatal("Expected 0, got ", split[4])
+	if actual[4] != ref[4] {
+		t.Fatal("Expected "+ref[4]+", got ", actual[4])
 		return
 	}
 }