From 45be26db7ca445bdd7fd1c5ed6c39daecd9362f9 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Mon, 7 Apr 2025 19:36:34 +0200
Subject: [PATCH] Add Java 8u442 handshake

Also the ja3 and ja4 values were added as retrieved from wireshark.

See also #2430 .
---
 etc/client-simulation.txt             | 23 +++++++++++++++++++++++
 etc/client-simulation.wiresharked.txt | 23 +++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt
index 53f03e6..8cb862d 100644
--- a/etc/client-simulation.txt
+++ b/etc/client-simulation.txt
@@ -2672,6 +2672,29 @@ names+=("Opera 66 (Win 10)")
      minEcdsaBits+=(-1)
      curves+=("prime256v1:secp384r1:secp521r1:sect283k1:sect283r1:sect409k1:sect409r1:sect571k1:sect571r1:secp256k1")
      requiresSha2+=(false)
+     current+=(false)
+
+     names+=("Java 8u442 (OpenJDK)")
+     short+=("java80442")
+     ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
+     ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256")
+     ch_sni+=("$SNI")
+     warning+=("")
+     handshakebytes+=("16030301a6010001a2030374d4c01ca363612e1b39dc3c31378291205ad678e0b05546c2e99cefbc1039482001be25d1468ebbe036e971467705df1181608bb965d7651d2eef4539e510c557003e130213011303c02cc02bcca9c030cca8c02f009fccaa009ec024c028c023c027006b0067c00ac014c009c01300390033009d009c003d003c0035002f00ff0100011b0000000f000d00000a7465737473736c2e7368000500050100000000000a00160014001d001700180019001e01000101010201030104000b00020100001100090007020004000000000017000000230000000d00220020040305030603080708080804080508060809080a080b04010501060103030301002b00050403040303002d00020101003200220020040305030603080708080804080508060809080a080b040105010601030303010033006b0069001d0020c0398cbcaacf48f9d7b2fa72d763e6b553ed2b5cd62bbc6d5ca776e7a3e75f7b001700410405dc76951174b4136b565f531bfb748c7cd13b4e8254f4db86b2e936dbc604831d63b0cbad1ff9cda6fe7ff6295d24c6996d4f01431dc66c23ebf9ce58e7e2fe")
+     protos+=("-no_ssl3 -no_ssl2")
+     tlsvers+=("-tls1_3 -tls1_2")
+     lowest_protocol+=("0x0303")
+     highest_protocol+=("0x0304")
+     service+=("ANY")
+     minDhBits+=(1024)
+     maxDhBits+=(-1)
+     minRsaBits+=(-1)
+     maxRsaBits+=(-1)
+     minEcdsaBits+=(224)
+     curves+=("x25519:secp256r1:secp384r1:secp521r1:x448:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
+     requiresSha2+=(true)
+     ja3+=("60f3e2285bc991c380f822c6ac51f947")
+     ja4+=("t13d311200_e8f1e7e78f70_6077d120928a")
      current+=(true)
 
      names+=("Java 8u31")
diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt
index 12dc1b7..ca78f23 100644
--- a/etc/client-simulation.wiresharked.txt
+++ b/etc/client-simulation.wiresharked.txt
@@ -357,6 +357,29 @@
      requiresSha2+=(false)
      current+=(true)
 
+     names+=("Java 8u442 (OpenJDK)")
+     short+=("java80442")
+     ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
+     ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256")
+     ch_sni+=("$SNI")
+     warning+=("")
+     handshakebytes+=("16030301a6010001a2030374d4c01ca363612e1b39dc3c31378291205ad678e0b05546c2e99cefbc1039482001be25d1468ebbe036e971467705df1181608bb965d7651d2eef4539e510c557003e130213011303c02cc02bcca9c030cca8c02f009fccaa009ec024c028c023c027006b0067c00ac014c009c01300390033009d009c003d003c0035002f00ff0100011b0000000f000d00000a7465737473736c2e7368000500050100000000000a00160014001d001700180019001e01000101010201030104000b00020100001100090007020004000000000017000000230000000d00220020040305030603080708080804080508060809080a080b04010501060103030301002b00050403040303002d00020101003200220020040305030603080708080804080508060809080a080b040105010601030303010033006b0069001d0020c0398cbcaacf48f9d7b2fa72d763e6b553ed2b5cd62bbc6d5ca776e7a3e75f7b001700410405dc76951174b4136b565f531bfb748c7cd13b4e8254f4db86b2e936dbc604831d63b0cbad1ff9cda6fe7ff6295d24c6996d4f01431dc66c23ebf9ce58e7e2fe")
+     protos+=("-no_ssl3 -no_ssl2")
+     tlsvers+=("-tls1_3 -tls1_2")
+     lowest_protocol+=("0x0303")
+     highest_protocol+=("0x0304")
+     service+=("ANY")
+     minDhBits+=(1024)
+     maxDhBits+=(-1)
+     minRsaBits+=(-1)
+     maxRsaBits+=(-1)
+     minEcdsaBits+=(224)
+     curves+=("x25519:secp256r1:secp384r1:secp521r1:x448:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
+     requiresSha2+=(true)
+     ja3+=("60f3e2285bc991c380f822c6ac51f947")
+     ja4+=("t13d311200_e8f1e7e78f70_6077d120928a")
+     current+=(true)
+
      names+=("Java 11.0.2 (OpenJDK)")
      short+=("java1102")
      ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")