From ca8054184b7d1f8fd07340854f9bdfb3d9773a67 Mon Sep 17 00:00:00 2001
From: Dirk Wetter
Date: Wed, 22 Jan 2020 10:52:07 +0100
Subject: [PATCH 1/4] remove also leading colon in helper script bc of GREASE
---
 utils/hexstream2cipher.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/utils/hexstream2cipher.sh b/utils/hexstream2cipher.sh
index 1f67180..527f20c 100755
--- a/utils/hexstream2cipher.sh
+++ b/utils/hexstream2cipher.sh
@@ -31,4 +31,6 @@ for ((i=0; i
Date: Wed, 22 Jan 2020 10:54:50 +0100
Subject: [PATCH 2/4] Add Android 10 client simulation
---
 etc/client-simulation.txt | 22 ++++++++++++++++++++++
 etc/client-simulation.wiresharked.txt | 22 ++++++++++++++++++++++
 2 files changed, 44 insertions(+)
diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt
index 4785990..33de424 100644
--- a/etc/client-simulation.txt
+++ b/etc/client-simulation.txt
@@ -239,6 +239,28 @@ requiresSha2+=(true) current+=(true) + names+=("Android 10.0 (native)") + short+=("android_X") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303b0e379bbe0d7058b2d0b548d7f240da621716032e8a1577d3f3a34c2cc6794c420c44a8b4cae0a1a53970f394f078373ad2cc8962a87fad719ff8a637633792a9a00223a3a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001919a9a00000000002500230000206b6964736d616e6167656d656e742d70612e676f6f676c65617069732e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d002068d49fc35d239c0ebf95fecdc700b5a4e3f99a7c3411f90c2dd51cb9431d3330002d00020101002b000b0a2a2a0304030303020301001b0003020002caca000100001500b800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + 
requiresSha2+=(false) + current+=(true) + names+=("Chrome 27 Win 7") short+=("chrome_27_win7") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-RC4-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 81eef17..1da3d6f 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt 
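Review bot: The added `handshakebytes` value is a raw capture that still carries the original connection's server_name (the bytes `6b6964736d…2e636f6d` decode to `kidsmanagement-pa.googleapis.com`), client random and X25519 key share, and nothing in the record says where or how it was taken. A provenance comment above `names+=("Android 10.0 (native)")` would make the entry auditable, for example `# ClientHello captured with Wireshark from an Android 10 device; SNI, random and key share in the bytes are capture-specific`; the capture method is inferred from the name of the second file, so adjust the wording to what was actually done. The declarative fields do agree with the bytes: 16 non-GREASE suites in the same order as `ciphers`, groups 001d/0017/0018, versions 0304 down to 0301, and 0201 in signature_algorithms, which fits `requiresSha2+=(false)`. The identical record is added to etc/client-simulation.wiresharked.txt in the next hunk, so the same comment applies there, and the two copies have to be kept in step by hand.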
@@ -49,6 +49,28 @@ requiresSha2+=(true) current+=(true) + names+=("Android 10.0 (native)") + short+=("android_X") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303b0e379bbe0d7058b2d0b548d7f240da621716032e8a1577d3f3a34c2cc6794c420c44a8b4cae0a1a53970f394f078373ad2cc8962a87fad719ff8a637633792a9a00223a3a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001919a9a00000000002500230000206b6964736d616e6167656d656e742d70612e676f6f676c65617069732e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d002068d49fc35d239c0ebf95fecdc700b5a4e3f99a7c3411f90c2dd51cb9431d3330002d00020101002b000b0a2a2a0304030303020301001b0003020002caca000100001500b800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + 
requiresSha2+=(false) + current+=(true) + names+=("Edge 17 Win 10") short+=("edge_17_win10") ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA") From 7c66ed47c016141951b8e12e35261498ac7cd2f2 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Wed, 22 Jan 2020 10:58:00 +0100 Subject: [PATCH 3/4] All self retrieved Android handshakes modified to service ANY --- etc/client-simulation.txt | 4 ++-- etc/client-simulation.wiresharked.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index 33de424..1d3710e 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -207,7 +207,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0303") alpn+=("h2,http/1.1") - service+=("HTTP,FTP,SMTP,POP,IMAP") + service+=("ANY") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -229,7 +229,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0304") alpn+=("h2,http/1.1") - service+=("HTTP,FTP,SMTP,POP,IMAP") + service+=("ANY") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 1da3d6f..7515a97 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -17,7 +17,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0303") alpn+=("h2,http/1.1") - service+=("HTTP,FTP,SMTP,POP,IMAP") + service+=("ANY") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) 
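Review bot: `service+=("ANY")` widens where these records are used while `alpn+=("h2,http/1.1")` in the context line just above stays HTTP-only; the same holds for the -229 hunk and for the -17 and -39 hunks of etc/client-simulation.wiresharked.txt. If `service` selects which target protocols a simulation runs against (inferred from the field name, the consumer is not in this diff), the replayed ClientHello will now reach services that speak none of the offered ALPN ids, and a strict server may refuse the handshake with `no_application_protocol`, which could then be reported as the client failing to connect. The old list already named non-HTTP services, so this widens an existing mismatch rather than creating one; a comment such as `# ANY: OS-level capture, not tied to one application protocol` next to the field would record the intent. Each hunk starts and ends inside a record, so which client entries are changed cannot be confirmed from the diff alone.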
@@ -39,7 +39,7 @@
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0304")
 alpn+=("h2,http/1.1")
- service+=("HTTP,FTP,SMTP,POP,IMAP")
+ service+=("ANY")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
From eeb1acd74985a0c846a4d1f02263b771495105cb Mon Sep 17 00:00:00 2001
From: Dirk Wetter
Date: Wed, 22 Jan 2020 11:41:42 +0100
Subject: [PATCH 4/4] Android 9 still has 2 signature hash algos: x0201 + x0203
---
 etc/client-simulation.txt | 2 +-
 etc/client-simulation.wiresharked.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt
index 1d3710e..cc845b2 100644
--- a/etc/client-simulation.txt
+++ b/etc/client-simulation.txt
@@ -236,7 +236,7 @@
 maxRsaBits+=(-1)
 minEcdsaBits+=(-1)
 curves+=("X25519:secp256r1:secp384r1")
- requiresSha2+=(true)
+ requiresSha2+=(false)
 current+=(true)
 names+=("Android 10.0 (native)")
diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt
index 7515a97..7ce2b4f 100644
--- a/etc/client-simulation.wiresharked.txt
+++ b/etc/client-simulation.wiresharked.txt
@@ -46,7 +46,7 @@
 maxRsaBits+=(-1)
 minEcdsaBits+=(-1)
 curves+=("X25519:secp256r1:secp384r1")
- requiresSha2+=(true)
+ requiresSha2+=(false)
 current+=(true)
 names+=("Android 10.0 (native)")
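Review bot: The reason for flipping `requiresSha2` to `false` in the -236 hunk exists only in the commit subject; the record itself gives no hint, and the hunk does not include the entry's `handshakebytes` to check the claim against. 0x0201 and 0x0203 are the SHA-1 signature schemes (rsa_pkcs1_sha1 and ecdsa_sha1), so a comment on the changed line would keep the flag verifiable later: `# signature_algorithms still offers 0x0201 and 0x0203 (SHA-1)`. The same one-line change is made in etc/client-simulation.wiresharked.txt (-46 hunk) and wants the same comment. The changed entry's name lies above both hunks; only the following `names+=("Android 10.0 (native)")` is visible.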