went through a couple of pcap files and determined ja3 + ja4 sums.
- Android 15/16 are the same (previously ja3 taken instead of ja4 and wrong host. One has to use chrome !)
- Edge 101/Chrome 101 are the same (will be deprated next time)
- surprisingly Java 17.0.3 and 21.0.6 were the same.
- Added: Ja3/ja4 for old Apple Mail and Thunderbird
As mentioned in the comment: For Androids ja3 is is not unique, probably because of GREASE.
One can add two handshakes after another and they are different. ja4 seems more consistent here.
This should be kept in mind for all clients "supplying some grease"
This commit cleans up the initialization of TLS13_KEY_SHARES and TLS13_PUBLIC_KEY_SHARES in etc/tls_data.txt. With this commit, each index in the array that is to be initialized is prefixed with "[0xXX]=". This allows all of the current placeholders to be deleted.
The commit adds support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem. This includes support for the TLS_SM4_GCM_SM3 and TLS_SM4_CCM_SM3 cipher suites, the key exchange groups curveSM2 and curveSM2MLKEM768, and SM2 public keys and signatures.
While this commit adds support to tls_sockets() to decrypt server responses encrypted under SM4 GCM or CCM, OpenSSL does not support performing key derivation using curveSM2. So, tls_sockets() can not decrypt server responses if the key exchange was performed using curveSM2 or curveSM2MLKEM768.
This commit fixes#2959 by modifying TLS12_CIPHER, TLS12_CIPHER_2ND_TRY, and TLS12_CIPHER_3RD_TRY so that they each have 118 ciphers (including "00,ff"). It also modifies run_cipherlists(), run_server_defaults(), and run_beast() so that, when $SERVER_SIZE_LIMIT_BUG is true, no more than 125 ciphers are sent.
- Android 13 and 14 were added. They are the same, see ja3 + ja4 value
- as it turned out Android 11 and 12 have also the same ja3 + ja4 values (retrieved from old pcap files)
- so both will be labeled 11/12 an 13/14
- old pcaps from Android 11/12 showed no ALPN --> corrected
This commit modifies testssl.sh so that TLS 1.3 handshakes that use post-quantum algorithms for key exchange can be decrypted, if $OPENSSL supports the algorithms.
This commit adds support for the three code points in draft-kwiatkowski-tls-ecdhe-mlkem and the code point 0x6399 from draft-tls-westerbaan-xyber768d00. The group 0x6399 uses a pre-standard version of Kyber and is considered obsolete.
This commit adds support for the two cipher suites in RFC 9150, TLS_SHA256_SHA256 and TLS_SHA384_SHA384. These are authentication and integrity-only cipher suites.
Dirk