mirror of
https://github.com/drwetter/testssl.sh.git
synced 2024-12-28 20:39:45 +01:00
Merge pull request #2169 from drwetter/update_clients1
Update client simulations
This commit is contained in:
Dirk Wetter
GitHub
commit
8438f99856
@ -38,3 +38,7 @@ If you want to check trust against e.g. a company internal CA you need to use ``
|
||||
* ``client-simulation.txt`` / ``client-simulation.wiresharked.txt`` are as the names indicate data for the client simulation.
|
||||
The first one is derived from ``~/utils/update_client_sim_data.pl``, and manually edited to sort and label those we don't want.
|
||||
The second file provides more client data retrieved from wireshark captures and some instructions how to do that yourself.
|
||||
|
||||
* SSLSocketClient.java as the name indicates is a simple socket client in Java to generate a TLS/SSL handshake. It's taken from
|
||||
https://docs.oracle.com/javase/10/security/sample-code-illustrating-secure-socket-connection-client-and-server.htm . It's not
|
||||
ours and it's not GPLv2. There wasn't any license mentioned, it's only added for your convenience.
|
||||
|
||||
91
etc/SSLSocketClient.java
Normal file
91
etc/SSLSocketClient.java
Normal file
@ -0,0 +1,91 @@
|
||||
import java.net.*;
|
||||
import java.io.*;
|
||||
import javax.net.ssl.*;
|
||||
|
||||
/* java SSLSocketClient taken from
|
||||
* https://docs.oracle.com/javase/10/security/sample-code-illustrating-secure-socket-connection-client-and-server.htm
|
||||
* License: Unknown, not GPLv2
|
||||
*/
|
||||
|
||||
/*
|
||||
* This example demonstrates how to use a SSLSocket as client to
|
||||
* send a HTTP request and get response from an HTTPS server.
|
||||
* It assumes that the client is not behind a firewall.
|
||||
* The handshake doesn't include any ALPN protocols. See
|
||||
* https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/alpn.html
|
||||
* for more documentation.
|
||||
*/
|
||||
|
||||
public class SSLSocketClient {
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
String host=args[0];
|
||||
|
||||
if ( args == null || args.length == 0 || host.trim().isEmpty() ) {
|
||||
System.out.println("You need to supply a valid hostname");
|
||||
} else {
|
||||
try {
|
||||
SSLSocketFactory factory =
|
||||
(SSLSocketFactory)SSLSocketFactory.getDefault();
|
||||
SSLSocket socket =
|
||||
(SSLSocket)factory.createSocket(host, 443);
|
||||
|
||||
/*
|
||||
* send http request
|
||||
*
|
||||
* Before any application data is sent or received, the
|
||||
* SSL socket will do SSL handshaking first to set up
|
||||
* the security attributes.
|
||||
*
|
||||
* SSL handshaking can be initiated by either flushing data
|
||||
* down the pipe, or by starting the handshaking by hand.
|
||||
*
|
||||
* Handshaking is started manually in this example because
|
||||
* PrintWriter catches all IOExceptions (including
|
||||
* SSLExceptions), sets an internal error flag, and then
|
||||
* returns without rethrowing the exception.
|
||||
*
|
||||
* Unfortunately, this means any error messages are lost,
|
||||
* which caused lots of confusion for others using this
|
||||
* code. The only way to tell there was an error is to call
|
||||
* PrintWriter.checkError().
|
||||
*/
|
||||
socket.startHandshake();
|
||||
|
||||
PrintWriter out = new PrintWriter(
|
||||
new BufferedWriter(
|
||||
new OutputStreamWriter(
|
||||
socket.getOutputStream())));
|
||||
|
||||
out.println("GET / HTTP/1.1");
|
||||
out.println("Host: " + host);
|
||||
out.println("Connection: close");
|
||||
out.println();
|
||||
out.flush();
|
||||
|
||||
/*
|
||||
* Make sure there were no surprises
|
||||
*/
|
||||
if (out.checkError())
|
||||
System.out.println(
|
||||
"SSLSocketClient: java.io.PrintWriter error");
|
||||
|
||||
/* read response */
|
||||
BufferedReader in = new BufferedReader(
|
||||
new InputStreamReader(
|
||||
socket.getInputStream()));
|
||||
|
||||
String inputLine;
|
||||
while ((inputLine = in.readLine()) != null)
|
||||
System.out.println(inputLine);
|
||||
|
||||
in.close();
|
||||
out.close();
|
||||
socket.close();
|
||||
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -130,7 +130,7 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("secp521r1:secp384r1:prime256v1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Android 5.0.0")
|
||||
short+=("android_500")
|
||||
@ -151,7 +151,7 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("secp521r1:secp384r1:prime256v1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Android 6.0")
|
||||
short+=("android_60")
|
||||
@ -220,7 +220,7 @@
|
||||
|
||||
names+=("Android 9.0 (native)")
|
||||
short+=("android_90")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -242,7 +242,7 @@
|
||||
|
||||
names+=("Android 10.0 (native)")
|
||||
short+=("android_X")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -262,6 +262,50 @@
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 11 (native)")
|
||||
short+=("android_11")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc03030cd23f97801d202c5827875ff92bbcdcaba7bab8063f6a8203f260e12e3dffe920d864f831a405b2eeff3d9bfb107d8600518c0fb6a45492b134fbf7f828b08a860022130113021303c02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f00350100019100000010000e00000b662d64726f69642e6f726700170000ff01000100000a00080006001d00170018000b00020100002300000010000b000908687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201003300260024001d002047a6c973047a94414d8db841fd3128a5915046c2b6ae19b69043eb0fd9cee156002d00020101002b0009080304030303020301001500ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 12 (native)")
|
||||
short+=("android_12")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc0303ef9015ea56c63737ffffc0accb09384a436f080a39f77fe113356ae5bfd1254a20163dc9147addf7e7fdb45852fbfe8e3fb2b79ec6f725bfda838d429eba22e6670022130113021303c02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f00350100019100000010000e00000b662d64726f69642e6f726700170000ff01000100000a00080006001d00170018000b00020100002300000010000b000908687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201003300260024001d0020f209906d70ae4ba88ac3c89810eb7092be23e377f98d8c96696dec9296358c3e002d00020101002b0009080304030303020301001500ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Chrome 27 Win 7")
|
||||
short+=("chrome_27_win7")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-RC4-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
@ -789,7 +833,7 @@
|
||||
|
||||
names+=("Chrome 73 (Win 10)")
|
||||
short+=("chrome_73_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -811,7 +855,7 @@
|
||||
|
||||
names+=("Chrome 74 (Win 10)")
|
||||
short+=("chrome_74_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -829,11 +873,11 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Chrome 78 (Win 10)")
|
||||
short+=("chrome_78_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -855,7 +899,7 @@
|
||||
|
||||
names+=("Chrome 79 (Win 10)")
|
||||
short+=("chrome_79_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -875,6 +919,28 @@
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Chrome 101 (Win 10)")
|
||||
short+=("chrome_101_win10")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030387502355f7a317c3c0ff03e7ff6841b941dd76ba48071f621d19c7a43786167b20d2a6df6c9967eaf101fbb914d49535bfdfefc61a6c147ad8eb7865671dd4280500201a1a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010001932a2a00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000a00083a3a001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b00293a3a000100001d00205daf6d36d377a66de529cf4ab9a428842a46c9671f818d8d816b13cc4c49704b002d00020101002b000706aaaa03040303001b00030200024469000500030268324a4a000100001500cd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Firefox 10.0.12 ESR Win 7")
|
||||
short+=("firefox_10012_esr_win7")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
@ -1486,7 +1552,7 @@
|
||||
|
||||
names+=("Firefox 66 (Win 8.1/10)")
|
||||
short+=("firefox_66_win81")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -1508,7 +1574,7 @@
|
||||
|
||||
names+=("Firefox 71 (Win 10)")
|
||||
short+=("firefox_71_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -1526,6 +1592,28 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Firefox 100 (Win 10)")
|
||||
short+=("firefox_100_win10")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc03033586b7a64a26c288145531ee4d59285a375f267e66e5feb12ece8decdbaabeee208f15cc72bce2a42c4095c6b4015a82dc137298167c615f103e0c9985600ac8b60022130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f0035010001910000000f000d00000a7465737473736c2e736800170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000022000a000804030503060302030033006b0069001d00209dcc2f0c8fe0baf461c114288632a90723f2cab45573b70fd8a07e2f743f63340017004104907687ae8e8da3f272b887ce11b2a40d5c8bf5e135a58c7575ea8f421d923e6a6883f8dae7fb1db8502f983005bd26e3a444b08c6debf5226d355bc64c189832002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015008c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(1023)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 6 XP")
|
||||
@ -1905,6 +1993,28 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Edge 101 Win 10 21H2")
|
||||
short+=("edge_101_win10_21h2")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030360a807485e4eb933f7a4f3266e30eca613800f1d226e9604f68a10f3c92ed3bb2080fa39190e2a30e50dca37242c336e382fb27b0ce0373bbf56d97c959886bf0d00204a4a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010001933a3a00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000a0008caca001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b0029caca000100001d0020ad8d8b31297a70087d0535f9dd2555b9d04747b409cd5958fccde237f8893d3c002d00020101002b000706aaaa03040303001b0003020002446900050003026832caca000100001500cd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Opera 12.15 Win 7")
|
||||
@ -2015,7 +2125,7 @@
|
||||
|
||||
names+=("Opera 65 (Win 10)")
|
||||
short+=("opera_65_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2037,7 +2147,7 @@
|
||||
|
||||
names+=("Opera 66 (Win 10)")
|
||||
short+=("opera_66_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2055,7 +2165,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 5.1.9 OS X 10.6.8")
|
||||
short+=("safari_519_osx1068")
|
||||
@ -2265,7 +2375,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("prime256v1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 9 OS X 10.11")
|
||||
short+=("safari_9_osx1011")
|
||||
@ -2286,7 +2396,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("prime256v1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 10 iOS 10")
|
||||
short+=("safari_10_ios10")
|
||||
@ -2328,7 +2438,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("prime256v1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 12.1 (iOS 12.2)")
|
||||
short+=("safari_121_ios_122")
|
||||
@ -2395,6 +2505,28 @@ names+=("Opera 66 (Win 10)")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 15.4 (macOS 12.3.1)")
|
||||
short+=("safari_154_osx_1231")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030345ecc5bc82ce47ee1a3491d46343fc5f36d43856d141c9896c323600b3bf2009203dfd825c6b7164a52872e5041ded637d67094f385b32086eb97d375a5ec6e362002ababa130113021303c02cc02bcca9c030c02fcca8c00ac009c014c013009d009c0035002fc008c012000a01000189dada00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000c000a4a4a001d001700180019000b000201000010000e000c02683208687474702f312e31000500050100000000000d0018001604030804040105030203080508050501080606010201001200000033002b00294a4a000100001d00201911629f64c7dbfaa854871ab7f55545c784c1ef5ea5211c30dee96aaf64b53d002d00020101002b000b0a9a9a0304030303020301001b0003020001caca000100001500c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Apple ATS 9 iOS 9")
|
||||
short+=("apple_ats_9_ios9")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA")
|
||||
@ -2414,7 +2546,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(256)
|
||||
curves+=("prime256v1:secp384r1:secp521r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Tor 17.0.9 Win 7")
|
||||
short+=("tor_1709_win7")
|
||||
@ -2456,7 +2588,7 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Java 7u25")
|
||||
short+=("java_7u25")
|
||||
@ -2586,7 +2718,7 @@ names+=("Opera 66 (Win 10)")
|
||||
|
||||
names+=("Java 11.0.2 (OpenJDK)")
|
||||
short+=("java1102")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2607,7 +2739,7 @@ names+=("Opera 66 (Win 10)")
|
||||
|
||||
names+=("Java 12.0.1 (OpenJDK)")
|
||||
short+=("java1201")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2624,6 +2756,71 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("secp256r1:secp384r1:secp521r1:sect283k1:sect283r1:sect409k1:sect409r1:sect571k1:sect571r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Java 17.0.3 (OpenJDK)")
|
||||
short+=("java1703")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030301a6010001a203031c34c4ac5ef5ba1ade5e678607fbe6d28d9e23421d185b24a30ffab293706cbd20d70d8ee01cfe86e031a4aa86264b7740ce072f6fe346bb9f405d79183c037b6a003e130213011303c02cc02bcca9c030cca8c02f009fccaa009ec024c028c023c027006b0067c00ac014c009c01300390033009d009c003d003c0035002f00ff0100011b0000000f000d00000a7465737473736c2e7368000500050100000000000a00160014001d001700180019001e01000101010201030104000b00020100001100090007020004000000000017000000230000000d00220020040305030603080708080804080508060809080a080b04010501060103030301002b00050403040303002d00020101003200220020040305030603080708080804080508060809080a080b040105010601030303010033006b0069001d00205c36e17a8c09191c270fda0dce029fe19ce8cd677509b3bc875454e7904b6a6700170041047e12aff13aeee1b8690e5be53549c26f5a3b94e32462d18bb076e095471ac05be1dbce117b77b322969b32a0fe68fd0ea955e8bbfdda8c4b413cb0fecc305782")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
service+=("ANY")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("x25519:secp256r1:secp384r1:secp521r1:x448:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
|
||||
requireseha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("go 1.17.8")
|
||||
short+=("go_1178")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101130100010f03031029d230a9b311180dec08b33ed809c3516adcf841cd3ec640a6d1b0ad6470e8204a279851f3e8a94a156e37b13d79f30c2ddbdc6907f30f663df9f43c9dd82b8e0026c02bc02fc02cc030cca9cca8c009c013c00ac014009c009d002f0035c012000a130113021303010000a00000000f000d00000a7465737473736c2e7368000500050100000000000a000a0008001d001700180019000b00020100000d001a0018080404030807080508060401050106010503060302010203ff010001000010000e000c02683208687474702f312e3100120000002b0009080304030303020301003300260024001d0020a3704893c7f1fb37d84dda6c10a6b1b7315d8f05e2a7946c239aaa13a33efa28")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("x25519:secp256r1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("LibreSSL 2.8.3 (Apple)")
|
||||
short+=("libressl_283")
|
||||
ch_ciphers+=("ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:GOST2012256-GOST89-GOST89:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:GOST2001-GOST89-GOST89:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA256:CAMELLIA128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d2010000ce0303b92919aa3a64d5be518c116c52fc2fd6aab43535432e0702668527957473b6b400005ccca9cca8ccaac030c02cc028c024c014c00a009f006b0039ff8500c400880081009d003d003500c00084c02fc02bc027c023c013c009009e0067003300be0045009c003c002f00ba0041c011c00700050004c012c0080016000a00ff010000490000000f000d00000a7465737473736c2e7368000b00020100000a00080006001d0017001800230000000d001c001a06010603efef0501050304010403eeeeeded0301030302010203")
|
||||
protos+=("-no_ssl2 -no_ssl3")
|
||||
tlsvers+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 0.9.8y")
|
||||
@ -2756,7 +2953,7 @@ names+=("Opera 66 (Win 10)")
|
||||
|
||||
names+=("OpenSSL 1.1.1b (Debian)")
|
||||
short+=("openssl_111b")
|
||||
ch_ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2778,7 +2975,7 @@ names+=("Opera 66 (Win 10)")
|
||||
|
||||
names+=("OpenSSL 1.1.1d (Debian)")
|
||||
short+=("openssl_111d")
|
||||
ch_ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2798,9 +2995,53 @@ names+=("Opera 66 (Win 10)")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 3.0.3 (git)")
|
||||
short+=("openssl_303")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101370100013303031bd0fe6e109e027d3c6368ac3629f9ecdb499a4a284df7fea7084bcbc8975900206db4bfae530aef2092a0faa3668bc23924b4a333f31eb48c0a55e4e420e9a417003e130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff010000ac0000000f000d00000a7465737473736c2e7368000b000403000102000a00160014001d0017001e0019001801000101010201030104002300000016000000170000000d002a0028040305030603080708080809080a080b080408050806040105010601030303010302040205020602002b0009080304030303020301002d00020101003300260024001d00207112b9de757a3a6a8afac74621c945419bbadd8e74f35a5958b2969328b73d4e")
|
||||
protos+=("-no_ssl2 -no_ssl3")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:x448:secp521r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Apple Mail (16.0)")
|
||||
short+=("apple_mail_16_0")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100a9010000a50303629610e27d8327bb7869cb85b066cd04b5c5caa9bfb14740edc358ac9dcd843b00002c00ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000a0100005000000013001100000e696d61702e676d61696c2e636f6d000a00080006001700180019000b00020100000d00120010040102010501060104030203050306030005000501000000000012000000170000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_2 -tls1_1 -tls1_0")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP,SMTP,POP,IMAP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("secp256r1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Thunderbird (60.6)")
|
||||
short+=("thunderbird_60_6_1")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2822,7 +3063,7 @@ names+=("Opera 66 (Win 10)")
|
||||
|
||||
names+=("Thunderbird (68.3)")
|
||||
short+=("thunderbird_68_3_1")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -2840,6 +3081,28 @@ names+=("Opera 66 (Win 10)")
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Thunderbird (91.9)")
|
||||
short+=("thunderbird_91_9")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030398fea60c514a1aa7931c86651b3486f0f9caca127093a7b213b8ea135f0a89ad20f2f096a2f33d57fe91ad3398b3e76d5d5620eafc6cffa6586b230d207f8912bf0024130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f0035000a0100018f00000011000f00000c696d61702e676d782e6e657400170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000005000501000000000022000a000804030503060302030033006b0069001d00208a798abebb2289f6cd1d87d0e79b101714dd6d21832c95cc0900c246a74189470017004104e84182d790cbb409acc446aa7b2da35b9d91e5c3ab9a1306f3a737092c06616f9f0373483fa3f41dbbbcfb1c51ecb6994c796787ce2f516fe860905f35dd48db002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015009a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP,SMTP,POP,IMAP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Baidu Jan 2015")
|
||||
|
||||
@ -1,24 +1,26 @@
|
||||
This file contains client handshake data manually created from Wireshark.
|
||||
The content needs to be added to client-simulation.txt which other part
|
||||
comes from the SSLlabs client API via ``update_client_sim_data.pl``
|
||||
The whole process is done manually.
|
||||
The file `client-simulation.wiresharked.txt` contains client handshake data manually harvested from a network capture and displayed best with Wireshark.
|
||||
The content needs to be added to `client-simulation.txt` which other part comes from the SSLlabs client API via `update_client_sim_data.pl`
|
||||
The whole process is manual but not too difficult.
|
||||
|
||||
## Instructions how to add a client simulation:
|
||||
|
||||
* Start wireshark at a client or router. Best is during capture to filter for the target of your choice.
|
||||
* Start wireshark / tcpdump at a client or router. If it's too noisy better filter for the target of your choice.
|
||||
* Make sure you create a bit of encrypted traffic to your target. Attention, privacy: if you want to contribute, be aware that the ClientHello contains the target hostname (SNI).
|
||||
* Make sure the client traffic is specific: For just "Android" do not use a browser! Be also careful with Google Apps, especially on older devices as they might come with an own/updated TLS stack
|
||||
* Make sure the client traffic is specific: For just "Android" do not use an Android browser! Be also careful with factory installed Google Apps, especially on older devices as they might come with a different TLS stack.
|
||||
* Stop recording.
|
||||
* If needed sort for ClientHello.
|
||||
* Look for the ClientHello which matches the source IP + destination you had in mind. Check the destination hostname in the SNI extension so that you can be sure, it's the right traffic.
|
||||
* Retrieve "handshakebytes" by marking the Record Layer --> Copy --> As a hex stream.
|
||||
* Figure out "protos" and "tlsvers" by looking at the supported_versions TLS extension (43=0x002b). May work only on modern clients. Be careful as some do not list all TLS versions here (OpenSSL 1.1.1 lists only TLS 1.2/1.3 here)
|
||||
* Adjust "lowest_protocol" and "highest_protocol" accordingly.
|
||||
* For "curves" mark the supported groups TLS extension --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and supply it to `~/utils/hexstream2curves.sh`
|
||||
* Retrieve "alpn" by looking at the alpn TLS extension 16 (=0x0010).
|
||||
* Review TLS extension 13 (=0x000d) whether any SHA1 signature algorithm is listed. If not "requiresSha2" is true
|
||||
* Leave "maxDhBits"/"minDhBits" and "minRsaBits"/"maxRsaBits" at -1, unless you know for sure what the client can handle
|
||||
* For "ciphers" mark the cipher suites --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and supply it to `~/utils/hexstream2cipher.sh`
|
||||
* "ciphersuites" are TLS 1.3 ciphersuites. You can identify them as they currently are like 0x130?. Retrieve them from above see ``~/utils/hexstream2cipher.sh``
|
||||
* Figure out the services by applying a good piece of human logic
|
||||
* Before submitting a PR: test it yourself! You can also watch it again via wireshark
|
||||
* Edit `client-simulation.wiresharked.txt` and insert a new section, preferably by copying a previous version of the client from it.
|
||||
* Edit the *names* accordingly and *short*. The latter must not contain blanks.
|
||||
* Retrieve *handshakebytes* by marking the "TLS 1.x Record Layer" --> Copy --> As a hex stream.
|
||||
* For *ch_ciphers* mark "Cipher Suites" --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and supply it to `~/utils/hexstream2cipher.sh`. For consistency reasons it is preferred you remove the TLS 1.3 ciphers before which start with TLS\*.
|
||||
* *ciphersuites* are TLS 1.3 ciphersuites. You can identify them as they currently are like 0x130?. Retrieve them from above see `~/utils/hexstream2cipher.sh`. They start with TLS\*.
|
||||
* Figure out *protos* and *tlsvers* by looking at the *supported_versions* TLS extension (43=0x002b). May work only with recent clients. Be careful as some do not list all TLS versions here (OpenSSL 1.1.1 listed only TLS 1.2/1.3).
|
||||
* Adjust *lowest_protocol* and *highest_protocol* accordingly.
|
||||
* For *curves* mark the "supported groups" TLS extension --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and supply it to `~/utils/hexstream2curves.sh`.
|
||||
* Retrieve *alpn* by looking at the "alpn" TLS extension 16 (=0x0010).
|
||||
* Review TLS extension 13 (=0x000d) "signature_algorithm" whether any SHA1 signature algorithm is listed. If not *requiresSha2* is true.
|
||||
* Leave *maxDhBits*/*minDhBits* and *minRsaBits*/*maxRsaBit* at -1, unless you know for sure what the client can handle.
|
||||
* Figure out the *services* by applying a good piece of human logic. A (modern) browser is probably "HTTP", OpenSSL or Java "ANY" whereas Thunderbird supports a variety of protocols.
|
||||
* When you're done copy your inserted section from `client-simulation.wiresharked.txt` into `client-simulation.txt`.
|
||||
* Before submitting a PR: test it yourself! You can also watch it again via wireshark.
|
||||
|
||||
@ -51,7 +51,7 @@
|
||||
|
||||
names+=("Android 9.0 (native)")
|
||||
short+=("android_90")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -73,7 +73,7 @@
|
||||
|
||||
names+=("Android 10.0 (native)")
|
||||
short+=("android_X")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -93,6 +93,50 @@
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 11 (native)")
|
||||
short+=("android_11")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc03030cd23f97801d202c5827875ff92bbcdcaba7bab8063f6a8203f260e12e3dffe920d864f831a405b2eeff3d9bfb107d8600518c0fb6a45492b134fbf7f828b08a860022130113021303c02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f00350100019100000010000e00000b662d64726f69642e6f726700170000ff01000100000a00080006001d00170018000b00020100002300000010000b000908687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201003300260024001d002047a6c973047a94414d8db841fd3128a5915046c2b6ae19b69043eb0fd9cee156002d00020101002b0009080304030303020301001500ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 12 (native)")
|
||||
short+=("android_12")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc0303ef9015ea56c63737ffffc0accb09384a436f080a39f77fe113356ae5bfd1254a20163dc9147addf7e7fdb45852fbfe8e3fb2b79ec6f725bfda838d429eba22e6670022130113021303c02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f00350100019100000010000e00000b662d64726f69642e6f726700170000ff01000100000a00080006001d00170018000b00020100002300000010000b000908687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201003300260024001d0020f209906d70ae4ba88ac3c89810eb7092be23e377f98d8c96696dec9296358c3e002d00020101002b0009080304030303020301001500ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Edge 17 Win 10")
|
||||
short+=("edge_17_win10")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
@ -113,11 +157,33 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Edge 101 Win 10 21H2")
|
||||
short+=("edge_101_win10_21h2")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030360a807485e4eb933f7a4f3266e30eca613800f1d226e9604f68a10f3c92ed3bb2080fa39190e2a30e50dca37242c336e382fb27b0ce0373bbf56d97c959886bf0d00204a4a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010001933a3a00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000a0008caca001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b0029caca000100001d0020ad8d8b31297a70087d0535f9dd2555b9d04747b409cd5958fccde237f8893d3c002d00020101002b000706aaaa03040303001b0003020002446900050003026832caca000100001500cd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Chrome 73 (Win 10)")
|
||||
short+=("chrome_73_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -139,7 +205,7 @@
|
||||
|
||||
names+=("Chrome 74 (Win 10)")
|
||||
short+=("chrome_74_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -157,11 +223,11 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Chrome 78 (Win 10)")
|
||||
short+=("chrome_78_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -183,7 +249,7 @@
|
||||
|
||||
names+=("Chrome 79 (Win 10)")
|
||||
short+=("chrome_79_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -203,9 +269,31 @@
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Chrome 101 (Win 10)")
|
||||
short+=("chrome_101_win10")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030387502355f7a317c3c0ff03e7ff6841b941dd76ba48071f621d19c7a43786167b20d2a6df6c9967eaf101fbb914d49535bfdfefc61a6c147ad8eb7865671dd4280500201a1a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010001932a2a00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000a00083a3a001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b00293a3a000100001d00205daf6d36d377a66de529cf4ab9a428842a46c9671f818d8d816b13cc4c49704b002d00020101002b000706aaaa03040303001b00030200024469000500030268324a4a000100001500cd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Firefox 66 (Win 8.1/10)")
|
||||
short+=("firefox_66_win")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -227,7 +315,7 @@
|
||||
|
||||
names+=("Firefox 71 (Win 10)")
|
||||
short+=("firefox_71_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -245,11 +333,33 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Firefox 100 (Win 10)")
|
||||
short+=("firefox_100_win10")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc03033586b7a64a26c288145531ee4d59285a375f267e66e5feb12ece8decdbaabeee208f15cc72bce2a42c4095c6b4015a82dc137298167c615f103e0c9985600ac8b60022130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f0035010001910000000f000d00000a7465737473736c2e736800170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000022000a000804030503060302030033006b0069001d00209dcc2f0c8fe0baf461c114288632a90723f2cab45573b70fd8a07e2f743f63340017004104907687ae8e8da3f272b887ce11b2a40d5c8bf5e135a58c7575ea8f421d923e6a6883f8dae7fb1db8502f983005bd26e3a444b08c6debf5226d355bc64c189832002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015008c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(1023)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Java 11.0.2 (OpenJDK)")
|
||||
short+=("java1102")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -270,7 +380,7 @@
|
||||
|
||||
names+=("Java 12.0.1 (OpenJDK)")
|
||||
short+=("java1201")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:AES256-SHA256:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -287,11 +397,54 @@
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("secp256r1:secp384r1:secp521r1:sect283k1:sect283r1:sect409k1:sect409r1:sect571k1:sect571r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Java 17.0.3 (OpenJDK)")
|
||||
short+=("java1703")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030301a6010001a203031c34c4ac5ef5ba1ade5e678607fbe6d28d9e23421d185b24a30ffab293706cbd20d70d8ee01cfe86e031a4aa86264b7740ce072f6fe346bb9f405d79183c037b6a003e130213011303c02cc02bcca9c030cca8c02f009fccaa009ec024c028c023c027006b0067c00ac014c009c01300390033009d009c003d003c0035002f00ff0100011b0000000f000d00000a7465737473736c2e7368000500050100000000000a00160014001d001700180019001e01000101010201030104000b00020100001100090007020004000000000017000000230000000d00220020040305030603080708080804080508060809080a080b04010501060103030301002b00050403040303002d00020101003200220020040305030603080708080804080508060809080a080b040105010601030303010033006b0069001d00205c36e17a8c09191c270fda0dce029fe19ce8cd677509b3bc875454e7904b6a6700170041047e12aff13aeee1b8690e5be53549c26f5a3b94e32462d18bb076e095471ac05be1dbce117b77b322969b32a0fe68fd0ea955e8bbfdda8c4b413cb0fecc305782")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
service+=("ANY")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("x25519:secp256r1:secp384r1:secp521r1:x448:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("go 1.17.8")
|
||||
short+=("go_1178")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101130100010f03031029d230a9b311180dec08b33ed809c3516adcf841cd3ec640a6d1b0ad6470e8204a279851f3e8a94a156e37b13d79f30c2ddbdc6907f30f663df9f43c9dd82b8e0026c02bc02fc02cc030cca9cca8c009c013c00ac014009c009d002f0035c012000a130113021303010000a00000000f000d00000a7465737473736c2e7368000500050100000000000a000a0008001d001700180019000b00020100000d001a0018080404030807080508060401050106010503060302010203ff010001000010000e000c02683208687474702f312e3100120000002b0009080304030303020301003300260024001d0020a3704893c7f1fb37d84dda6c10a6b1b7315d8f05e2a7946c239aaa13a33efa28")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(224)
|
||||
curves+=("x25519:secp256r1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Opera 60 (Win 10)")
|
||||
short+=("opera_60_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -313,7 +466,7 @@
|
||||
|
||||
names+=("Opera 65 (Win 10)")
|
||||
short+=("opera_65_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -335,7 +488,7 @@
|
||||
|
||||
names+=("Opera 66 (Win 10)")
|
||||
short+=("opera_66_win10")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -355,6 +508,28 @@
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("LibreSSL 2.8.3 (Apple)")
|
||||
short+=("libressl_283")
|
||||
ch_ciphers+=("ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:GOST2012256-GOST89-GOST89:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:GOST2001-GOST89-GOST89:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA256:CAMELLIA128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d2010000ce0303b92919aa3a64d5be518c116c52fc2fd6aab43535432e0702668527957473b6b400005ccca9cca8ccaac030c02cc028c024c014c00a009f006b0039ff8500c400880081009d003d003500c00084c02fc02bc027c023c013c009009e0067003300be0045009c003c002f00ba0041c011c00700050004c012c0080016000a00ff010000490000000f000d00000a7465737473736c2e7368000b00020100000a00080006001d0017001800230000000d001c001a06010603efef0501050304010403eeeeeded0301030302010203")
|
||||
protos+=("-no_ssl2 -no_ssl3")
|
||||
tlsvers+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 1.1.0j (Debian)")
|
||||
short+=("openssl_110j")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
@ -401,7 +576,7 @@
|
||||
|
||||
names+=("OpenSSL 1.1.1b (Debian)")
|
||||
short+=("openssl_111b")
|
||||
ch_ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -423,12 +598,12 @@
|
||||
|
||||
names+=("OpenSSL 1.1.1d (Debian)")
|
||||
short+=("openssl_111d")
|
||||
ch_ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101290100012503036f18cf85cf24e3676f0e79a3503aa9feefc961e3baed7b00fd876a2c6d2395b3205f4fb8769aa1e5279b848b3f35bec3d7aa9966595d22ebcd35e72f79b9d9fcc9003e130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff0100009e0000000f000d00000a7465737473736c2e7368000b000403000102000a000c000a001d0017001e00190018002300000016000000170000000d002a0028040305030603080708080809080a080b080408050806040105010601030303010302040205020602002b00050403040303002d00020101003300260024001d0020a12c2f7e04adcb76ce5eb8b05cf631e7cdf46f5e28cbe86a676d704098507b40")
|
||||
protos+=("-no_ssl2 -no_ssl3 -tls1_1 -tls1")
|
||||
protos+=("-no_ssl2 -no_ssl3")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
@ -443,9 +618,53 @@
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 3.0.3 (git)")
|
||||
short+=("openssl_303")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA")
|
||||
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101370100013303031bd0fe6e109e027d3c6368ac3629f9ecdb499a4a284df7fea7084bcbc8975900206db4bfae530aef2092a0faa3668bc23924b4a333f31eb48c0a55e4e420e9a417003e130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff010000ac0000000f000d00000a7465737473736c2e7368000b000403000102000a00160014001d0017001e0019001801000101010201030104002300000016000000170000000d002a0028040305030603080708080809080a080b080408050806040105010601030303010302040205020602002b0009080304030303020301002d00020101003300260024001d00207112b9de757a3a6a8afac74621c945419bbadd8e74f35a5958b2969328b73d4e")
|
||||
protos+=("-no_ssl2 -no_ssl3")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:x448:secp521r1:secp384r1")
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Apple Mail (16.0)")
|
||||
short+=("apple_mail_16_0")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100a9010000a50303629610e27d8327bb7869cb85b066cd04b5c5caa9bfb14740edc358ac9dcd843b00002c00ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000a0100005000000013001100000e696d61702e676d61696c2e636f6d000a00080006001700180019000b00020100000d00120010040102010501060104030203050306030005000501000000000012000000170000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_2 -tls1_1 -tls1_0")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP,SMTP,POP,IMAP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("secp256r1:secp384r1:secp521r1")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Thunderbird (60.6)")
|
||||
short+=("thunderbird_60_6_1")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -467,7 +686,7 @@
|
||||
|
||||
names+=("Thunderbird (68.3)")
|
||||
short+=("thunderbird_68_3_1")
|
||||
ch_ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
@ -485,6 +704,28 @@
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Thunderbird (91.9)")
|
||||
short+=("thunderbird_91_9")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030398fea60c514a1aa7931c86651b3486f0f9caca127093a7b213b8ea135f0a89ad20f2f096a2f33d57fe91ad3398b3e76d5d5620eafc6cffa6586b230d207f8912bf0024130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f0035000a0100018f00000011000f00000c696d61702e676d782e6e657400170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000005000501000000000022000a000804030503060302030033006b0069001d00208a798abebb2289f6cd1d87d0e79b101714dd6d21832c95cc0900c246a74189470017004104e84182d790cbb409acc446aa7b2da35b9d91e5c3ab9a1306f3a737092c06616f9f0373483fa3f41dbbbcfb1c51ecb6994c796787ce2f516fe860905f35dd48db002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015009a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP,SMTP,POP,IMAP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072")
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 12.1 (iOS 12.2)")
|
||||
@ -528,7 +769,7 @@
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 13.0 (macOS 10.14.6)")
|
||||
short+=("safari_130_osx_10146")
|
||||
@ -551,3 +792,25 @@
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 15.4 (macOS 12.3.1)")
|
||||
short+=("safari_154_osx_1231")
|
||||
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
|
||||
ch_sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010200010001fc030345ecc5bc82ce47ee1a3491d46343fc5f36d43856d141c9896c323600b3bf2009203dfd825c6b7164a52872e5041ded637d67094f385b32086eb97d375a5ec6e362002ababa130113021303c02cc02bcca9c030c02fcca8c00ac009c014c013009d009c0035002fc008c012000a01000189dada00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000c000a4a4a001d001700180019000b000201000010000e000c02683208687474702f312e31000500050100000000000d0018001604030804040105030203080508050501080606010201001200000033002b00294a4a000100001d00201911629f64c7dbfaa854871ab7f55545c784c1ef5ea5211c30dee96aaf64b53d002d00020101002b000b0a9a9a0304030303020301001b0003020001caca000100001500c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
|
||||
protos+=("-no_ssl3 -no_ssl2")
|
||||
tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0304")
|
||||
alpn+=("h2,http/1.1")
|
||||
service+=("HTTP")
|
||||
curves+=("X25519:secp256r1:secp384r1:secp521r1")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
@ -1,47 +1,47 @@
|
||||
0x00,0x00 - NULL TPM_ECC_NONE
|
||||
0x00,0x01 - sect163k1 sect163k1
|
||||
0x00,0x02 - sect163r1 sect163r1
|
||||
0x00,0x03 - sect163r2 sect163r2
|
||||
0x00,0x04 - sect193r1 sect193r1
|
||||
0x00,0x05 - sect193r2 sect193r2
|
||||
0x00,0x06 - sect233k1 sect233k1
|
||||
0x00,0x07 - sect233r1 sect233r1
|
||||
0x00,0x08 - sect239k1 sect239k1
|
||||
0x00,0x09 - sect283k1 sect283k1
|
||||
0x00,0x0a - sect283r1 sect283r1
|
||||
0x00,0x0b - sect409k1 sect409k1
|
||||
0x00,0x0c - sect409r1 sect409r1
|
||||
0x00,0x0d - sect571k1 sect571k1
|
||||
0x00,0x0e - sect571r1 sect571r1
|
||||
0x00,0x0f - secp160k1 secp160k1
|
||||
0x00,0x10 - secp160r1 secp160r1
|
||||
0x00,0x11 - secp160r2 secp160r2
|
||||
0x00,0x12 - secp192k1 secp192k1
|
||||
0x00,0x13 - secp192r1 secp192r1
|
||||
0x00,0x14 - secp224k1 secp224k1
|
||||
0x00,0x15 - secp224r1 secp224r1
|
||||
0x00,0x16 - secp256k1 secp256k1
|
||||
0x00,0x17 - secp256r1 secp256r1
|
||||
0x00,0x18 - secp384r1 secp384r1
|
||||
0x00,0x19 - secp521r1 secp521r1
|
||||
0x00,0x1a - brainpoolP256r1 brainpoolP256r1
|
||||
0x00,0x1b - brainpoolP384r1 brainpoolP384r1
|
||||
0x00,0x1c - brainpoolP512r1 brainpoolP512r1
|
||||
0x00,0x1d - x25519 x25519
|
||||
0x00,0x1e - x448 x448
|
||||
0x00,0x1f - brainpoolP256r1tls13 brainpoolP256r1tls13
|
||||
0x00,0x20 - brainpoolP384r1tls13 brainpoolP384r1tls13
|
||||
0x00,0x21 - brainpoolP512r1tls13 brainpoolP512r1tls13
|
||||
0x00,0x22 - GC256A GC256A
|
||||
0x00,0x23 - GC256B GC256B
|
||||
0x00,0x24 - GC256C GC256C
|
||||
0x00,0x25 - GC256D GC256D
|
||||
0x00,0x26 - GC512A GC512A
|
||||
0x00,0x27 - GC512B GC512B
|
||||
0x00,0x28 - GC512C GC512C
|
||||
0x00,0x29 - curveSM2 curveSM2
|
||||
0x00,0x100 - ffdhe2048 ffdhe2048
|
||||
0x00,0x101 - ffdhe3072 ffdhe3072
|
||||
0x00,0x102 - ffdhe4096 ffdhe4096
|
||||
0x00,0x103 - ffdhe6144 ffdhe6144
|
||||
0x00,0x104 - ffdhe8192 ffdhe8192
|
||||
0x00,0x00 - NULL TPM_ECC_NONE
|
||||
0x00,0x01 - sect163k1 sect163k1
|
||||
0x00,0x02 - sect163r1 sect163r1
|
||||
0x00,0x03 - sect163r2 sect163r2
|
||||
0x00,0x04 - sect193r1 sect193r1
|
||||
0x00,0x05 - sect193r2 sect193r2
|
||||
0x00,0x06 - sect233k1 sect233k1
|
||||
0x00,0x07 - sect233r1 sect233r1
|
||||
0x00,0x08 - sect239k1 sect239k1
|
||||
0x00,0x09 - sect283k1 sect283k1
|
||||
0x00,0x0a - sect283r1 sect283r1
|
||||
0x00,0x0b - sect409k1 sect409k1
|
||||
0x00,0x0c - sect409r1 sect409r1
|
||||
0x00,0x0d - sect571k1 sect571k1
|
||||
0x00,0x0e - sect571r1 sect571r1
|
||||
0x00,0x0f - secp160k1 secp160k1
|
||||
0x00,0x10 - secp160r1 secp160r1
|
||||
0x00,0x11 - secp160r2 secp160r2
|
||||
0x00,0x12 - secp192k1 secp192k1
|
||||
0x00,0x13 - secp192r1 secp192r1
|
||||
0x00,0x14 - secp224k1 secp224k1
|
||||
0x00,0x15 - secp224r1 secp224r1
|
||||
0x00,0x16 - secp256k1 secp256k1
|
||||
0x00,0x17 - secp256r1 secp256r1
|
||||
0x00,0x18 - secp384r1 secp384r1
|
||||
0x00,0x19 - secp521r1 secp521r1
|
||||
0x00,0x1a - brainpoolP256r1 brainpoolP256r1
|
||||
0x00,0x1b - brainpoolP384r1 brainpoolP384r1
|
||||
0x00,0x1c - brainpoolP512r1 brainpoolP512r1
|
||||
0x00,0x1d - x25519 x25519
|
||||
0x00,0x1e - x448 x448
|
||||
0x00,0x1f - brainpoolP256r1tls13 brainpoolP256r1tls13
|
||||
0x00,0x20 - brainpoolP384r1tls13 brainpoolP384r1tls13
|
||||
0x00,0x21 - brainpoolP512r1tls13 brainpoolP512r1tls13
|
||||
0x00,0x22 - GC256A GC256A
|
||||
0x00,0x23 - GC256B GC256B
|
||||
0x00,0x24 - GC256C GC256C
|
||||
0x00,0x25 - GC256D GC256D
|
||||
0x00,0x26 - GC512A GC512A
|
||||
0x00,0x27 - GC512B GC512B
|
||||
0x00,0x28 - GC512C GC512C
|
||||
0x00,0x29 - curveSM2 curveSM2
|
||||
0x01,0x00 - ffdhe2048 ffdhe2048
|
||||
0x01,0x01 - ffdhe3072 ffdhe3072
|
||||
0x01,0x02 - ffdhe4096 ffdhe4096
|
||||
0x01,0x03 - ffdhe6144 ffdhe6144
|
||||
0x01,0x04 - ffdhe8192 ffdhe8192
|
||||
|
||||
@ -66,7 +66,7 @@
|
||||
"DH_groups","testssl.sh/81.169.166.184","443","OK","Unknown DH group (2048 bits)","",""
|
||||
"HTTP_status_code","testssl.sh/81.169.166.184","443","INFO","200 OK ('/')","",""
|
||||
"HTTP_clock_skew","testssl.sh/81.169.166.184","443","INFO","0 seconds from localtime","",""
|
||||
"HTTP_headerTime","testssl.sh/81.169.166.184","443","INFO","1653487014","",""
|
||||
"HTTP_headerTime","testssl.sh/81.169.166.184","443","INFO","1654006271","",""
|
||||
"HSTS_time","testssl.sh/81.169.166.184","443","OK","362 days (=31337000 seconds) > 15552000 seconds","",""
|
||||
"HSTS_subdomains","testssl.sh/81.169.166.184","443","INFO","only for this domain","",""
|
||||
"HSTS_preload","testssl.sh/81.169.166.184","443","INFO","domain is NOT marked for preloading","",""
|
||||
@ -99,17 +99,17 @@
|
||||
"LUCKY13","testssl.sh/81.169.166.184","443","LOW","potentially vulnerable, uses TLS CBC ciphers","CVE-2013-0169","CWE-310"
|
||||
"winshock","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2014-6321","CWE-94"
|
||||
"RC4","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2013-2566 CVE-2015-2808","CWE-310"
|
||||
"clientsimulation-android_442","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-android_500","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256","",""
|
||||
"clientsimulation-android_60","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256","",""
|
||||
"clientsimulation-android_70","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-android_81","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-android_90","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-android_X","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-chrome_74_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-android_11","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-android_12","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-chrome_79_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-chrome_101_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-firefox_66_win81","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-firefox_71_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-firefox_100_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-ie_6_xp","testssl.sh/81.169.166.184","443","INFO","No connection","",""
|
||||
"clientsimulation-ie_8_win7","testssl.sh/81.169.166.184","443","INFO","TLSv1.0 ECDHE-RSA-AES256-SHA","",""
|
||||
"clientsimulation-ie_8_xp","testssl.sh/81.169.166.184","443","INFO","No connection","",""
|
||||
@ -118,20 +118,19 @@
|
||||
"clientsimulation-ie_11_winphone81","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-SHA","",""
|
||||
"clientsimulation-ie_11_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-edge_15_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-edge_17_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-opera_66_win10","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-safari_9_ios9","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-safari_9_osx1011","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-safari_10_osx1012","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-edge_101_win10_21h2","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-safari_121_ios_122","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-safari_130_osx_10146","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-apple_ats_9_ios9","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-java_6u45","testssl.sh/81.169.166.184","443","INFO","No connection","",""
|
||||
"clientsimulation-safari_154_osx_1231","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-java_7u25","testssl.sh/81.169.166.184","443","INFO","TLSv1.0 ECDHE-RSA-AES128-SHA","",""
|
||||
"clientsimulation-java_8u161","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-java1102","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-java1201","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-java1703","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-go_1178","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-libressl_283","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-openssl_102e","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-openssl_110l","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-openssl_111d","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-thunderbird_68_3_1","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-openssl_303","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
"clientsimulation-apple_mail_16_0","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","",""
|
||||
"clientsimulation-thunderbird_91_9","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
|
||||
|
||||
Loading…
Reference in New Issue
Block a user