diff --git a/lib/packet.ml b/lib/packet.ml index 5a17e9e1..2ff4118c 100644 --- a/lib/packet.ml +++ b/lib/packet.ml @@ -275,189 +275,50 @@ type named_group = (** enum of all TLS ciphersuites *) [%%cenum type any_ciphersuite = - | TLS_NULL_WITH_NULL_NULL [@id 0x0000] - | TLS_RSA_WITH_NULL_MD5 [@id 0x0001] - | TLS_RSA_WITH_NULL_SHA [@id 0x0002] - | TLS_RSA_WITH_IDEA_CBC_SHA [@id 0x0007] - | TLS_RSA_WITH_DES_CBC_SHA [@id 0x0009] | TLS_RSA_WITH_3DES_EDE_CBC_SHA [@id 0x000A] - | TLS_DH_DSS_WITH_DES_CBC_SHA [@id 0x000C] - | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA [@id 0x000D] - | TLS_DH_RSA_WITH_DES_CBC_SHA [@id 0x000F] - | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA [@id 0x0010] - | TLS_DHE_DSS_WITH_DES_CBC_SHA [@id 0x0012] - | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [@id 0x0013] - | TLS_DHE_RSA_WITH_DES_CBC_SHA [@id 0x0015] | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA [@id 0x0016] - (* MITM deprecated *) - | TLS_DH_anon_WITH_DES_CBC_SHA [@id 0x001A] - | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA [@id 0x001B] - | RESERVED_SSL3_1 [@id 0x001C] (* RFC5246 *) - | RESERVED_SSL3_2 [@id 0x001D] (* RFC5246 *) - | TLS_PSK_WITH_NULL_SHA [@id 0x002C] (*RFC4785*) - | TLS_DHE_PSK_WITH_NULL_SHA [@id 0x002D] (*RFC4785*) - | TLS_RSA_PSK_WITH_NULL_SHA [@id 0x002E] (*RFC4785*) (* from RFC 3268 *) | TLS_RSA_WITH_AES_128_CBC_SHA [@id 0x002F] - | TLS_DH_DSS_WITH_AES_128_CBC_SHA [@id 0x0030] - | TLS_DH_RSA_WITH_AES_128_CBC_SHA [@id 0x0031] - | TLS_DHE_DSS_WITH_AES_128_CBC_SHA [@id 0x0032] | TLS_DHE_RSA_WITH_AES_128_CBC_SHA [@id 0x0033] - | TLS_DH_anon_WITH_AES_128_CBC_SHA [@id 0x0034] | TLS_RSA_WITH_AES_256_CBC_SHA [@id 0x0035] - | TLS_DH_DSS_WITH_AES_256_CBC_SHA [@id 0x0036] - | TLS_DH_RSA_WITH_AES_256_CBC_SHA [@id 0x0037] - | TLS_DHE_DSS_WITH_AES_256_CBC_SHA [@id 0x0038] | TLS_DHE_RSA_WITH_AES_256_CBC_SHA [@id 0x0039] - | TLS_DH_anon_WITH_AES_256_CBC_SHA [@id 0x003A] (* from RFC 5246 *) - | TLS_RSA_WITH_NULL_SHA256 [@id 0x003B] | TLS_RSA_WITH_AES_128_CBC_SHA256 [@id 0x003C] | TLS_RSA_WITH_AES_256_CBC_SHA256 [@id 0x003D] - | TLS_DH_DSS_WITH_AES_128_CBC_SHA256 [@id 0x003E] - | TLS_DH_RSA_WITH_AES_128_CBC_SHA256 [@id 0x003F] - | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 [@id 0x0040] | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 [@id 0x0067] - | TLS_DH_DSS_WITH_AES_256_CBC_SHA256 [@id 0x0068] - | TLS_DH_RSA_WITH_AES_256_CBC_SHA256 [@id 0x0069] - | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 [@id 0x006A] | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 [@id 0x006B] - | TLS_DH_anon_WITH_AES_128_CBC_SHA256 [@id 0x006C] - | TLS_DH_anon_WITH_AES_256_CBC_SHA256 [@id 0x006D] - | TLS_PSK_WITH_3DES_EDE_CBC_SHA [@id 0x008B] (*RFC4279*) - | TLS_PSK_WITH_AES_128_CBC_SHA [@id 0x008C] (*RFC4279*) - | TLS_PSK_WITH_AES_256_CBC_SHA [@id 0x008D] (*RFC4279*) - | TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA [@id 0x008F] (*RFC4279*) - | TLS_DHE_PSK_WITH_AES_128_CBC_SHA [@id 0x0090] (*RFC4279*) - | TLS_DHE_PSK_WITH_AES_256_CBC_SHA [@id 0x0091] (*RFC4279*) - | TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA [@id 0x0093] (*RFC4279*) - | TLS_RSA_PSK_WITH_AES_128_CBC_SHA [@id 0x0094] (*RFC4279*) - | TLS_RSA_PSK_WITH_AES_256_CBC_SHA [@id 0x0095] (*RFC4279*) - | TLS_RSA_WITH_SEED_CBC_SHA [@id 0x0096] (*RFC4162*) - | TLS_DH_DSS_WITH_SEED_CBC_SHA [@id 0x0097] (*RFC4162*) - | TLS_DH_RSA_WITH_SEED_CBC_SHA [@id 0x0098] (*RFC4162*) - | TLS_DHE_DSS_WITH_SEED_CBC_SHA [@id 0x0099] (*RFC4162*) - | TLS_DHE_RSA_WITH_SEED_CBC_SHA [@id 0x009A] (*RFC4162*) - | TLS_DH_anon_WITH_SEED_CBC_SHA [@id 0x009B] (*RFC4162*) | TLS_RSA_WITH_AES_128_GCM_SHA256 [@id 0x009C] (*RFC5288*) | TLS_RSA_WITH_AES_256_GCM_SHA384 [@id 0x009D] (*RFC5288*) | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 [@id 0x009E] (*RFC5288*) | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 [@id 0x009F] (*RFC5288*) - | TLS_DH_RSA_WITH_AES_128_GCM_SHA256 [@id 0x00A0] (*RFC5288*) - | TLS_DH_RSA_WITH_AES_256_GCM_SHA384 [@id 0x00A1] (*RFC5288*) - | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 [@id 0x00A2] (*RFC5288*) - | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 [@id 0x00A3] (*RFC5288*) - | TLS_DH_DSS_WITH_AES_128_GCM_SHA256 [@id 0x00A4] (*RFC5288*) - | TLS_DH_DSS_WITH_AES_256_GCM_SHA384 [@id 0x00A5] (*RFC5288*) - | TLS_DH_anon_WITH_AES_128_GCM_SHA256 [@id 0x00A6] (*RFC5288*) - | TLS_DH_anon_WITH_AES_256_GCM_SHA384 [@id 0x00A7] (*RFC5288*) - | TLS_PSK_WITH_AES_128_GCM_SHA256 [@id 0x00A8] (*RFC5487*) - | TLS_PSK_WITH_AES_256_GCM_SHA384 [@id 0x00A9] (*RFC5487*) - | TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 [@id 0x00AA] (*RFC5487*) - | TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 [@id 0x00AB] (*RFC5487*) - | TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 [@id 0x00AC] (*RFC5487*) - | TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 [@id 0x00AD] (*RFC5487*) - | TLS_PSK_WITH_AES_128_CBC_SHA256 [@id 0x00AE] (*RFC5487*) - | TLS_PSK_WITH_AES_256_CBC_SHA384 [@id 0x00AF] (*RFC5487*) - | TLS_PSK_WITH_NULL_SHA256 [@id 0x00B0] (*RFC5487*) - | TLS_PSK_WITH_NULL_SHA384 [@id 0x00B1] (*RFC5487*) - | TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 [@id 0x00B2] (*RFC5487*) - | TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 [@id 0x00B3] (*RFC5487*) - | TLS_DHE_PSK_WITH_NULL_SHA256 [@id 0x00B4] (*RFC5487*) - | TLS_DHE_PSK_WITH_NULL_SHA384 [@id 0x00B5] (*RFC5487*) - | TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 [@id 0x00B6] (*RFC5487*) - | TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 [@id 0x00B7] (*RFC5487*) - | TLS_RSA_PSK_WITH_NULL_SHA256 [@id 0x00B8] (*RFC5487*) - | TLS_RSA_PSK_WITH_NULL_SHA384 [@id 0x00B9] (*RFC5487*) | TLS_EMPTY_RENEGOTIATION_INFO_SCSV [@id 0x00FF] (*RFC5746*) | TLS_AES_128_GCM_SHA256 [@id 0x1301] (*RFC8446*) | TLS_AES_256_GCM_SHA384 [@id 0x1302] (*RFC8446*) | TLS_CHACHA20_POLY1305_SHA256 [@id 0x1303] (*RFC8446*) | TLS_AES_128_CCM_SHA256 [@id 0x1304] (*RFC8446*) - | TLS_AES_128_CCM_8_SHA256 [@id 0x1305] (*RFC8446*) | TLS_FALLBACK_SCSV [@id 0x5600] (*draft-ietf-tls-downgrade-scsv*) (* from RFC 4492 *) - | TLS_ECDH_ECDSA_WITH_NULL_SHA [@id 0xC001] - | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA [@id 0xC003] - | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA [@id 0xC004] - | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA [@id 0xC005] - | TLS_ECDHE_ECDSA_WITH_NULL_SHA [@id 0xC006] | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA [@id 0xC008] | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA [@id 0xC009] | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA [@id 0xC00A] - | TLS_ECDH_RSA_WITH_NULL_SHA [@id 0xC00B] - | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA [@id 0xC00D] - | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA [@id 0xC00E] - | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA [@id 0xC00F] - | TLS_ECDHE_RSA_WITH_NULL_SHA [@id 0xC010] | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA [@id 0xC012] | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA [@id 0xC013] | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA [@id 0xC014] - | TLS_ECDH_anon_WITH_NULL_SHA [@id 0xC015] - | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA [@id 0xC017] - | TLS_ECDH_anon_WITH_AES_128_CBC_SHA [@id 0xC018] - | TLS_ECDH_anon_WITH_AES_256_CBC_SHA [@id 0xC019] - | TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA [@id 0xC01A] (*RFC5054*) - | TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA [@id 0xC01B] (*RFC5054*) - | TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA [@id 0xC01C] (*RFC5054*) - | TLS_SRP_SHA_WITH_AES_128_CBC_SHA [@id 0xC01D] (*RFC5054*) - | TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA [@id 0xC01E] (*RFC5054*) - | TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA [@id 0xC01F] (*RFC5054*) - | TLS_SRP_SHA_WITH_AES_256_CBC_SHA [@id 0xC020] (*RFC5054*) - | TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA [@id 0xC021] (*RFC5054*) - | TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA [@id 0xC022] (*RFC5054*) | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 [@id 0xC023] (*RFC5289*) | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 [@id 0xC024] (*RFC5289*) - | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 [@id 0xC025] (*RFC5289*) - | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 [@id 0xC026] (*RFC5289*) | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 [@id 0xC027] (*RFC5289*) | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [@id 0xC028] (*RFC5289*) - | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 [@id 0xC029] (*RFC5289*) - | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 [@id 0xC02A] (*RFC5289*) | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [@id 0xC02B] (*RFC5289*) | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [@id 0xC02C] (*RFC5289*) - | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 [@id 0xC02D] (*RFC5289*) - | TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 [@id 0xC02E] (*RFC5289*) | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [@id 0xC02F] (*RFC5289*) | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [@id 0xC030] (*RFC5289*) - | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 [@id 0xC031] (*RFC5289*) - | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 [@id 0xC032] (*RFC5289*) - | TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA [@id 0xC034] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA [@id 0xC035] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA [@id 0xC036] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 [@id 0xC037] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 [@id 0xC038] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_NULL_SHA [@id 0xC039] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_NULL_SHA256 [@id 0xC03A] (*RFC5489*) - | TLS_ECDHE_PSK_WITH_NULL_SHA384 [@id 0xC03B] (*RFC5489*) | TLS_RSA_WITH_AES_128_CCM [@id 0xC09C] (*RFC6655*) | TLS_RSA_WITH_AES_256_CCM [@id 0xC09D] (*RFC6655*) | TLS_DHE_RSA_WITH_AES_128_CCM [@id 0xC09E] (*RFC6655*) | TLS_DHE_RSA_WITH_AES_256_CCM [@id 0xC09F] (*RFC6655*) - | TLS_RSA_WITH_AES_128_CCM_8 [@id 0xC0A0] (*RFC6655*) - | TLS_RSA_WITH_AES_256_CCM_8 [@id 0xC0A1] (*RFC6655*) - | TLS_DHE_RSA_WITH_AES_128_CCM_8 [@id 0xC0A2] (*RFC6655*) - | TLS_DHE_RSA_WITH_AES_256_CCM_8 [@id 0xC0A3] (*RFC6655*) - | TLS_PSK_WITH_AES_128_CCM [@id 0xC0A4] (*RFC6655*) - | TLS_PSK_WITH_AES_256_CCM [@id 0xC0A5] (*RFC6655*) - | TLS_DHE_PSK_WITH_AES_128_CCM [@id 0xC0A6] (*RFC6655*) - | TLS_DHE_PSK_WITH_AES_256_CCM [@id 0xC0A7] (*RFC6655*) - | TLS_PSK_WITH_AES_128_CCM_8 [@id 0xC0A8] (*RFC6655*) - | TLS_PSK_WITH_AES_256_CCM_8 [@id 0xC0A9] (*RFC6655*) - | TLS_DHE_PSK_WITH_AES_128_CCM_8 [@id 0xC0AA] (*RFC6655*) - | TLS_DHE_PSK_WITH_AES_256_CCM_8 [@id 0xC0AB] (*RFC6655*) | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCA8] (*RFC7905*) | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCA9] (*RFC7905*) | TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCAA] (*RFC7905*) - | TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCAB] (*RFC7905*) - | TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCAC] (*RFC7905*) - | TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCAD] (*RFC7905*) - | TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 [@id 0xCCAE] (*RFC7905*) - | TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 [@id 0xD001] (*I-D.mattsson-tls-ecdhe-psk-aead*) - | TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 [@id 0xD002] (*I-D.mattsson-tls-ecdhe-psk-aead*) - | TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 [@id 0xD003] (*I-D.mattsson-tls-ecdhe-psk-aead*) - | TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 [@id 0xD004] (*I-D.mattsson-tls-ecdhe-psk-aead*) - | TLS_ECDHE_PSK_WITH_AES_256_CCM_SHA384 [@id 0xD005] (*I-D.mattsson-tls-ecdhe-psk-aead*) [@@uint16_t] [@@sexp] ] diff --git a/tests/readertests.ml b/tests/readertests.ml index 7589327f..46ae09ee 100644 --- a/tests/readertests.ml +++ b/tests/readertests.ml @@ -1178,11 +1178,11 @@ let good_client_hellos = ([1; 0; 0; 40; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 0; (* comp *) 2; 0; 1; (* exts *)] , ch ) ; (* ciphersuites *) - ([1; 0; 0; 40; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 2; 0; 0; (* comp *) 0; (* exts *)] , { ch with ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] } ) ; - ([1; 0; 0; 42; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0; 0; 1; (* comp *) 0; (* exts *)] , { ch with ciphersuites = Packet.([TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5]) } ) ; + ([1; 0; 0; 40; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 2; 0; 0x0A; (* comp *) 0; (* exts *)] , { ch with ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] } ) ; + ([1; 0; 0; 42; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0x0A; 0; 0x16; (* comp *) 0; (* exts *)] , { ch with ciphersuites = Packet.([TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA]) } ) ; (* ignore unknown ciphersuite *) - ([1; 0; 0; 42; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0; 0; 0x47; (* comp *) 0; (* exts *)] , { ch with ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] } ) ; + ([1; 0; 0; 42; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0x0A; 0; 0x47; (* comp *) 0; (* exts *)] , { ch with ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] } ) ; (* ignore unknown compression method *) ([1; 0; 0; 40; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 0; (* comp *) 2; 0; 42; (* exts *)] , ch ) ; @@ -1198,13 +1198,13 @@ let good_client_hellos = *) (* combine ciphersuite + compression *) - ([1; 0; 0; 44; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0; 0; 1; (* comp *) 2; 0; 1; (* exts *)] , { ch with ciphersuites = Packet.([TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5]) }) ; + ([1; 0; 0; 44; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 4; 0; 0x0A; 0; 0x16; (* comp *) 2; 0; 1; (* exts *)] , { ch with ciphersuites = Packet.([TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA]) }) ; (* session id *) ([1; 0; 0; 41; 3; 3] @ rand @ [(* session id *) 3; 1; 2; 3; (* cipher *) 0; 0; (* comp *) 0; (* exts *)] , { ch with sessionid = Some (list_to_cstruct [1; 2; 3] ) } ) ; (* combine ciphersuite + compression + session id *) - ([1; 0; 0; 47; 3; 3] @ rand @ [(* session id *) 3; 1; 2; 3; (* cipher *) 0; 4; 0; 0; 0; 1; (* comp *) 2; 0; 1; (* exts *)] , { ch with ciphersuites = Packet.([TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5]) ; sessionid = Some (list_to_cstruct [1; 2; 3]) }) ; + ([1; 0; 0; 47; 3; 3] @ rand @ [(* session id *) 3; 1; 2; 3; (* cipher *) 0; 4; 0; 0x0A; 0; 0x16; (* comp *) 2; 0; 1; (* exts *)] , { ch with ciphersuites = Packet.([TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA]) ; sessionid = Some (list_to_cstruct [1; 2; 3]) }) ; (* extensions *) @@ -1264,7 +1264,7 @@ let good_client_hellos = { ch with client_version = `TLS_1_0 ; client_random = list_to_cstruct [0x7c; 0x53; 0x05; 0x72; 0x7a; 0x1b; 0x84; 0x70; 0x30; 0x89; 0xef; 0xad; 0xfb; 0x56; 0xc1; 0x3d; 0x73; 0x4b; 0xc7; 0xcb; 0x8c; 0xc8; 0x75; 0x43; 0x01; 0x12; 0x32; 0xd6; 0x74; 0x87; 0xcb; 0x18] ; - ciphersuites = Packet.([TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA; TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA; TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA; TLS_DHE_RSA_WITH_AES_256_CBC_SHA; TLS_DHE_DSS_WITH_AES_256_CBC_SHA; TLS_ECDH_RSA_WITH_AES_256_CBC_SHA; TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA; TLS_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA; TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA; TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA; TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA; TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA; TLS_DHE_RSA_WITH_AES_128_CBC_SHA; TLS_DHE_DSS_WITH_AES_128_CBC_SHA; TLS_DHE_RSA_WITH_SEED_CBC_SHA; TLS_DHE_DSS_WITH_SEED_CBC_SHA; TLS_ECDH_RSA_WITH_AES_128_CBC_SHA; TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_SEED_CBC_SHA; TLS_RSA_WITH_IDEA_CBC_SHA; TLS_DHE_RSA_WITH_DES_CBC_SHA; TLS_DHE_DSS_WITH_DES_CBC_SHA; TLS_RSA_WITH_DES_CBC_SHA; TLS_EMPTY_RENEGOTIATION_INFO_SCSV]); + ciphersuites = Packet.([TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA; TLS_DHE_RSA_WITH_AES_256_CBC_SHA; TLS_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA; TLS_DHE_RSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_AES_128_CBC_SHA; TLS_EMPTY_RENEGOTIATION_INFO_SCSV]); extensions = [`SupportedGroups Packet.([SECP521R1; SECP384R1; SECP256R1]); `ALPN ["h2"; "http/1.1"] ] } ) ; @@ -1304,7 +1304,7 @@ let good_client_hellos = { ch with client_version = `TLS_1_2 ; client_random = list_to_cstruct [0xb7; 0x36; 0xeb; 0x21; 0xec; 0x81; 0x4d; 0x01; 0xfc; 0xf4; 0xe2; 0x06; 0x9a; 0x34; 0xb7; 0x21; 0xe1; 0x23; 0x6f; 0xbe; 0x50; 0xbf; 0xfe; 0x33; 0x9b; 0xc9; 0x5b; 0x20; 0x0e; 0x15; 0x02; 0x27] ; - ciphersuites = Packet.([TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384; TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA; TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA; TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA; TLS_DHE_DSS_WITH_AES_256_GCM_SHA384; TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; TLS_DHE_RSA_WITH_AES_256_CBC_SHA256; TLS_DHE_DSS_WITH_AES_256_CBC_SHA256; TLS_DHE_RSA_WITH_AES_256_CBC_SHA; TLS_DHE_DSS_WITH_AES_256_CBC_SHA; TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384; TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384; TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384; TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384; TLS_ECDH_RSA_WITH_AES_256_CBC_SHA; TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA; TLS_RSA_WITH_AES_256_GCM_SHA384; TLS_RSA_WITH_AES_256_CBC_SHA256; TLS_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA; TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA; TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA; TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA; TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA; TLS_DHE_DSS_WITH_AES_128_GCM_SHA256; TLS_DHE_RSA_WITH_AES_128_GCM_SHA256; TLS_DHE_RSA_WITH_AES_128_CBC_SHA256; TLS_DHE_DSS_WITH_AES_128_CBC_SHA256; TLS_DHE_RSA_WITH_AES_128_CBC_SHA; TLS_DHE_DSS_WITH_AES_128_CBC_SHA; TLS_DHE_RSA_WITH_SEED_CBC_SHA; TLS_DHE_DSS_WITH_SEED_CBC_SHA; TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256; TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256; TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256; TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256; TLS_ECDH_RSA_WITH_AES_128_CBC_SHA; TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_AES_128_GCM_SHA256; TLS_RSA_WITH_AES_128_CBC_SHA256; TLS_RSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_SEED_CBC_SHA; TLS_RSA_WITH_IDEA_CBC_SHA; TLS_DHE_RSA_WITH_DES_CBC_SHA; TLS_DHE_DSS_WITH_DES_CBC_SHA; TLS_RSA_WITH_DES_CBC_SHA; TLS_EMPTY_RENEGOTIATION_INFO_SCSV]) ; + ciphersuites = Packet.([TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384; TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA; TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; TLS_DHE_RSA_WITH_AES_256_CBC_SHA256; TLS_DHE_RSA_WITH_AES_256_CBC_SHA; TLS_RSA_WITH_AES_256_GCM_SHA384; TLS_RSA_WITH_AES_256_CBC_SHA256; TLS_RSA_WITH_AES_256_CBC_SHA; TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; TLS_RSA_WITH_3DES_EDE_CBC_SHA; TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA; TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA; TLS_DHE_RSA_WITH_AES_128_GCM_SHA256; TLS_DHE_RSA_WITH_AES_128_CBC_SHA256; TLS_DHE_RSA_WITH_AES_128_CBC_SHA; TLS_RSA_WITH_AES_128_GCM_SHA256; TLS_RSA_WITH_AES_128_CBC_SHA256; TLS_RSA_WITH_AES_128_CBC_SHA; TLS_EMPTY_RENEGOTIATION_INFO_SCSV]) ; extensions = [`SupportedGroups Packet.([SECP521R1; SECP384R1; SECP256R1]); `SignatureAlgorithms [`RSA_PKCS1_SHA512 ; diff --git a/tests/readerwritertests.ml b/tests/readerwritertests.ml index 8829ab34..2696e2fa 100644 --- a/tests/readerwritertests.ml +++ b/tests/readerwritertests.ml @@ -363,14 +363,14 @@ let rw_handshake_client_hello_vals = ClientHello { ch with client_version = `TLS_1_0 } ; ClientHello { ch with client_version = `TLS_1_1 } ; - ClientHello { ch with ciphersuites = [ Packet.TLS_NULL_WITH_NULL_NULL ] } ; - ClientHello { ch with ciphersuites = Packet.([ TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_AES_256_CBC_SHA ]) } ; + ClientHello { ch with ciphersuites = [ Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA ] } ; + ClientHello { ch with ciphersuites = Packet.([ TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_256_CBC_SHA ]) } ; ClientHello { ch with sessionid = (Some (list_to_cstruct rnd)) } ; ClientHello { ch with sessionid = (Some client_random) } ; ClientHello { ch with - ciphersuites = Packet.([ TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; + ciphersuites = Packet.([ TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; sessionid = (Some client_random) } ; ClientHello { ch with extensions = [ make_hostname_ext "foobar" ] } ; @@ -388,12 +388,12 @@ let rw_handshake_client_hello_vals = ] } ; ClientHello { ch with - ciphersuites = Packet.([ TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; + ciphersuites = Packet.([ TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; sessionid = (Some client_random) ; extensions = [ make_hostname_ext "foobarblubb" ] } ; ClientHello { ch with - ciphersuites = Packet.([ TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; + ciphersuites = Packet.([ TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; sessionid = (Some client_random) ; extensions = [ make_hostname_ext "foobarblubb" ; @@ -403,7 +403,7 @@ let rw_handshake_client_hello_vals = ] } ; ClientHello { ch with - ciphersuites = Packet.([ TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; + ciphersuites = Packet.([ TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_256_CBC_SHA ]) ; sessionid = (Some client_random) ; extensions = [ make_hostname_ext "foobarblubb" ; diff --git a/tests/writertests.ml b/tests/writertests.ml index 4881a890..aa38eacd 100644 --- a/tests/writertests.ml +++ b/tests/writertests.ml @@ -299,22 +299,22 @@ let handshake_assembler_tests = ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [] }, - [ 1; 0; 0; 41; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0 ] ) ; + [ 1; 0; 0; 41; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0a; 1; 0 ] ) ; ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = Packet.([TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_NULL_SHA ; TLS_RSA_WITH_3DES_EDE_CBC_SHA]); + ciphersuites = Packet.([TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_128_CBC_SHA ; TLS_DHE_RSA_WITH_AES_128_CBC_SHA]); extensions = [] }, - [ 1; 0; 0; 47; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 8; 0; 0; 0; 1; 0; 2; 0; 0x0a; 1; 0 ] ) ; + [ 1; 0; 0; 47; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 8; 0; 0x0A; 0; 0x16; 0; 0x2F; 0; 0x33; 1; 0 ] ) ; ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = Packet.([TLS_NULL_WITH_NULL_NULL ; TLS_RSA_WITH_NULL_MD5 ; TLS_RSA_WITH_NULL_SHA ; TLS_RSA_WITH_3DES_EDE_CBC_SHA]); + ciphersuites = Packet.([TLS_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ; TLS_RSA_WITH_AES_128_CBC_SHA ; TLS_DHE_RSA_WITH_AES_128_CBC_SHA]); extensions = [ `SignatureAlgorithms [`RSA_PKCS1_SHA512 ; @@ -322,7 +322,7 @@ let handshake_assembler_tests = `RSA_PKCS1_SHA256 ; `RSA_PKCS1_SHA224 ; `RSA_PKCS1_SHA1 ] ] }, - [ 1; 0; 0; 65; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 8; 0; 0; 0; 1; 0; 2; 0; 0x0a; 1; 0 ; 0; 0x10 ; + [ 1; 0; 0; 65; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 8; 0; 0x0A; 0; 0x16; 0; 0x2F; 0; 0x33; 1; 0 ; 0; 0x10 ; 0x00; 0x0d; 0x00; 0x0c; (* signature algorithms *) 0x00; 0x0a; 0x06; 0x01; 0x05; 0x01; 0x04; 0x01; 0x03; 0x01; 0x02; 0x01 ] ) ; @@ -331,73 +331,73 @@ let handshake_assembler_tests = ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [`ALPN ["h2"; "http/1.1"]] }, - [ 1; 0; 0; 61; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 0; 18; 0; 16; 0; 14; 0; 12; 2; 104; 50; 8; 104; 116; 116; 112; 47; 49; 46; 49 ] ) ; + [ 1; 0; 0; 61; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 0; 18; 0; 16; 0; 14; 0; 12; 2; 104; 50; 8; 104; 116; 116; 112; 47; 49; 46; 49 ] ) ; ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [make_hostname_ext "foo"] }, - [ 1; 0; 0; 55; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 0; 12; 0; 0; 0; 8; 0; 6; 0; 0; 3; 102; 111; 111 ] ) ; + [ 1; 0; 0; 55; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 0; 12; 0; 0; 0; 8; 0; 6; 0; 0; 3; 102; 111; 111 ] ) ; ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [make_hostname_ext "foofoofoofoofoofoofoofoofoofoo"] }, - [ 1; 0; 0; 82; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 0; 39; 0; 0; 0; 35; 0; 33; 0; 0; 30; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111 ] ) ; + [ 1; 0; 0; 82; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 0; 39; 0; 0; 0; 35; 0; 33; 0; 0; 30; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111; 102; 111; 111 ] ) ; ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [make_hostname_ext "foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoof"] }, - [ 1; 0; 0; 232; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 0; 189; 0; 0; 0; 185; 0; 183; 0; 0; 180; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102 ] ) ; + [ 1; 0; 0; 232; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 0; 189; 0; 0; 0; 185; 0; 183; 0; 0; 180; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102 ] ) ; (* this one is the smallest which needs extra padding (due to its size being > 256 and < 511) *) ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [make_hostname_ext "foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofo"] }, - [ 1; 0; 1; 0xFC; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 1; 0xD1; 0; 0; 0; 0xD0; 0; 0xCE; 0; 0; 0xCB; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111; 0; 21; 0; 0xF9; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0 ] ) ; + [ 1; 0; 1; 0xFC; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 1; 0xD1; 0; 0; 0; 0xD0; 0; 0xCE; 0; 0; 0xCB; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111; 0; 21; 0; 0xF9; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0 ] ) ; (* this one is the biggest which needs no extra padding *) ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA] ; extensions = [make_hostname_ext "foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoofoo.foofoofoofoofoof"] }, - [ 1; 0; 0; 251; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0; 1; 0; 0; 208; 0; 0; 0; 204; 0; 202; 0; 0; 199; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102 ] ) ; + [ 1; 0; 0; 251; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 2; 0; 0x0A; 1; 0; 0; 208; 0; 0; 0; 204; 0; 202; 0; 0; 199; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 46; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102;111;111; 102 ] ) ; (* this one is the biggest which needs no extra padding, and no exts *) ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL ] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA ] ; extensions = [] }, - [ 1; 0; 0; 251; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 212; 0; 0; -0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; + [ 1; 0; 0; 251; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 212; 0; 0x0A; +0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 1; 0 ] ) ; (* add one more, and we get into padding no exts *) ( ClientHello { client_version = `TLS_1_2 ; client_random = a_cs <+> a_cs ; sessionid = None ; - ciphersuites = [Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL; -Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL ] ; + ciphersuites = [Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA; +Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA;Packet.TLS_RSA_WITH_3DES_EDE_CBC_SHA ] ; extensions = [] }, - [ 1; 0; 1; 0xFC; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 214; 0; 0; 0; 0; -0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; 0;0;0;0;0;0;0;0;0;0; + [ 1; 0; 1; 0xFC; 3; 3 ] @ a_l @ a_l @ [ 0; 0; 214; 0; 0x0A; 0; 0x0A; +0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 0;0x0A;0;0x0A;0;0x0A;0;0x0A;0;0x0A; 1; 0; 0;0xFD;0;0x15;0;0xF9; 0;0;0;0;0;0;0;0;0;