From 05482e64d223d8e2b22361a02f9587e8e4dbba53 Mon Sep 17 00:00:00 2001
From: Andy Wang <cbeuw.andy@gmail.com>
Date: Sat, 12 Sep 2020 21:18:31 +0100
Subject: [PATCH] Update Chrome signature to 85. Address #129

---
 internal/client/chrome.go      | 28 ++++++++++++++--------------
 internal/client/chrome_test.go |  8 ++++----
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/internal/client/chrome.go b/internal/client/chrome.go
index b5cfa50..3c03120 100644
--- a/internal/client/chrome.go
+++ b/internal/client/chrome.go
@@ -1,4 +1,4 @@
-// Fingerprint of Chrome 76
+// Fingerprint of Chrome 85
 
 package client
 
@@ -44,7 +44,7 @@ func (c *Chrome) composeExtensions(sni []byte, keyShare []byte) []byte {
 		return ret
 	}
 
-	// extension length is always 401, and server name length is variable
+	// extension length is always 403, and server name length is variable
 
 	var ext [17][]byte
 	ext[0] = addExtRec(makeGREASE(), nil)                         // First GREASE
@@ -57,21 +57,21 @@ func (c *Chrome) composeExtensions(sni []byte, keyShare []byte) []byte {
 	APLN, _ := hex.DecodeString("000c02683208687474702f312e31")
 	ext[7] = addExtRec([]byte{0x00, 0x10}, APLN)                                 // app layer proto negotiation
 	ext[8] = addExtRec([]byte{0x00, 0x05}, []byte{0x01, 0x00, 0x00, 0x00, 0x00}) // status request
-	sigAlgo, _ := hex.DecodeString("0012040308040401050308050501080606010201")
+	sigAlgo, _ := hex.DecodeString("001004030804040105030805050108060601")
 	ext[9] = addExtRec([]byte{0x00, 0x0d}, sigAlgo)                 // Signature Algorithms
 	ext[10] = addExtRec([]byte{0x00, 0x12}, nil)                    // signed cert timestamp
 	ext[11] = addExtRec([]byte{0x00, 0x33}, makeKeyShare(keyShare)) // key share
 	ext[12] = addExtRec([]byte{0x00, 0x2d}, []byte{0x01, 0x01})     // psk key exchange modes
 	suppVersions, _ := hex.DecodeString("0a9A9A0304030303020301")   // 9A9A needs to be a GREASE
 	copy(suppVersions[1:3], makeGREASE())
-	ext[13] = addExtRec([]byte{0x00, 0x2b}, suppVersions) // supported versions
-	ext[14] = addExtRec([]byte{0x00, 0x1b}, []byte{0x02, 0x00, 0x02})
-	ext[15] = addExtRec(makeGREASE(), []byte{0x00}) // Last GREASE
-	// len(ext[1]) + 172 + len(ext[16]) = 401
-	// len(ext[16]) = 229 - len(ext[1])
-	// 2+2+len(padding) = 229 - len(ext[1])
-	// len(padding) = 225 - len(ext[1])
-	ext[16] = addExtRec([]byte{0x00, 0x15}, make([]byte, 225-len(ext[1]))) // padding
+	ext[13] = addExtRec([]byte{0x00, 0x2b}, suppVersions)             // supported versions
+	ext[14] = addExtRec([]byte{0x00, 0x1b}, []byte{0x02, 0x00, 0x02}) // compress certificate
+	ext[15] = addExtRec(makeGREASE(), []byte{0x00})                   // Last GREASE
+	// len(ext[1]) + 170 + len(ext[16]) = 403
+	// len(ext[16]) = 233 - len(ext[1])
+	// 2+2+len(padding) = 233 - len(ext[1])
+	// len(padding) = 229 - len(ext[1])
+	ext[16] = addExtRec([]byte{0x00, 0x15}, make([]byte, 229-len(ext[1]))) // padding
 	var ret []byte
 	for _, e := range ext {
 		ret = append(ret, e...)
@@ -87,13 +87,13 @@ func (c *Chrome) composeClientHello(hd clientHelloFields) (ch []byte) {
 	clientHello[3] = hd.random                // random
 	clientHello[4] = []byte{0x20}             // session id length 32
 	clientHello[5] = hd.sessionId             // session id
-	clientHello[6] = []byte{0x00, 0x22}       // cipher suites length 34
-	cipherSuites, _ := hex.DecodeString("130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a")
+	clientHello[6] = []byte{0x00, 0x20}       // cipher suites length 34
+	cipherSuites, _ := hex.DecodeString("130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035")
 	clientHello[7] = append(makeGREASE(), cipherSuites...) // cipher suites
 	clientHello[8] = []byte{0x01}                          // compression methods length 1
 	clientHello[9] = []byte{0x00}                          // compression methods
 	clientHello[11] = c.composeExtensions(hd.sni, hd.x25519KeyShare)
-	clientHello[10] = []byte{0x00, 0x00} // extensions length 401
+	clientHello[10] = []byte{0x00, 0x00} // extensions length 403
 	binary.BigEndian.PutUint16(clientHello[10], uint16(len(clientHello[11])))
 	var ret []byte
 	for _, c := range clientHello {
diff --git a/internal/client/chrome_test.go b/internal/client/chrome_test.go
index 7a418cf..cf416af 100644
--- a/internal/client/chrome_test.go
+++ b/internal/client/chrome_test.go
@@ -27,16 +27,16 @@ func TestMakeGREASE(t *testing.T) {
 }
 
 func TestComposeExtension(t *testing.T) {
-	serverName := "cdn.bizible.com"
-	keyShare, _ := hex.DecodeString("010a8896b68fb16e2a245ed87be2699348ab72068bb326eac5beaa00fa56ff17")
+	serverName := "www.cloudflare.com"
+	keyShare, _ := hex.DecodeString("811b3c1f32edabbf31edeab4b8e0f8eae58fc6b3c3c9c1809a137dbc2ab2293c")
 
 	sni := makeServerName(serverName)
 
 	result := (&Chrome{}).composeExtensions(sni, keyShare)
-	target, _ := hex.DecodeString("5a5a000000000014001200000f63646e2e62697a69626c652e636f6d00170000ff01000100000a000a0008fafa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029fafa000100001d0020010a8896b68fb16e2a245ed87be2699348ab72068bb326eac5beaa00fa56ff17002d00020101002b000b0aaaaa0304030303020301001b0003020002eaea000100001500c9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
+	target, _ := hex.DecodeString("fafa00000000001700150000127777772e636c6f7564666c6172652e636f6d00170000ff01000100000a000a00089a9a001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b00299a9a000100001d0020811b3c1f32edabbf31edeab4b8e0f8eae58fc6b3c3c9c1809a137dbc2ab2293c002d00020101002b000b0a1a1a0304030303020301001b00030200023a3a000100001500ca00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
 	for p := 0; p < len(result); {
 		// skip GREASEs
-		if p == 0 || p == 43 || p == 122 || p == 174 || p == 191 {
+		if result[p]&0x0F == 0xA && result[p+1]&0x0F == 0xA {
 			p += 2
 			continue
 		}