🧹 Add secp256r1 to tls client hello key share extension (#4037)

Some servers will prefer this, and respond with a `HelloRetryRequest` if
its not provided

providers/network/resources/tlsshake/tlsshake.go

@@ -717,9 +717,28 @@ func (s *Tester) helloTLSMsg(conf *ScanConfig) ([]byte, int, error) {
 		//     d9:45:92:16:ff:36:63:0d:0d:5a:3d:9d:47:ce:3e:
 		//     cd:7e
 
-		publicKey := "\xe7\x08\x71\x36\xd0\x81\xe0\x16\x19\x3a\xcb\x67\xca\xb8\x28\xd9\x45\x92\x16\xff\x36\x63\x0d\x0d\x5a\x3d\x9d\x47\xce\x3e\xcd\x7e"
-		extensions.WriteString("\x00\x33\x00\x26\x00\x24\x00\x1d\x00\x20")
-		extensions.WriteString(publicKey)
+		// The comment above is not how the stuff below was generated. It was taken
+		// from a real-world TLS 1.3 handshake and then converted to a byte array.
+		// It contains both x25519 and secp256r1 keys. I'm leaving the comment above
+		// for reference, but it's not how the keys were generated.
+		keyShareBytes := []byte{
+			0x00, 0x33, 0x00, 0x6b, 0x00, 0x69, 0x00, 0x1d,
+			0x00, 0x20, 0x5b, 0x55, 0x18, 0x62, 0xb8, 0x87,
+			0x93, 0xd2, 0xb5, 0xa3, 0xdf, 0x2d, 0xdf, 0x5a,
+			0x05, 0x00, 0xaf, 0xa5, 0xde, 0xea, 0xd6, 0x3a,
+			0x6e, 0x29, 0x10, 0x8e, 0x5b, 0xcf, 0xde, 0xc6,
+			0x57, 0x08, 0x00, 0x17, 0x00, 0x41, 0x04, 0x6b,
+			0xf2, 0x37, 0x7d, 0xf2, 0x20, 0xd5, 0x6f, 0xb0,
+			0xde, 0xe7, 0x5f, 0x98, 0x79, 0x7a, 0x31, 0x54,
+			0x10, 0x44, 0xde, 0xed, 0x4a, 0xfc, 0x59, 0xda,
+			0x51, 0x00, 0x8a, 0xfe, 0x0a, 0xc6, 0x14, 0xea,
+			0x07, 0xe3, 0x3a, 0xc5, 0x31, 0x55, 0xfb, 0x70,
+			0xed, 0x4c, 0xdb, 0x84, 0x66, 0x47, 0xd2, 0x3a,
+			0xd7, 0xe3, 0xf6, 0x0d, 0x72, 0x30, 0x6a, 0x73,
+			0x54, 0xc1, 0x93, 0x1f, 0x97, 0x75, 0x44,
+		}
+
+		extensions.Write(keyShareBytes)
 
 	default:
 		return nil, 0, errors.New("unsupported TLS/SSL version: " + conf.version)