// import tls "github.com/refraction-networking/utls"
tcpConn, err := net.Dial("tcp", "tlsfingerprint.io:443")
if err != nil {
fmt.Printf("net.Dial() failed: %+v\n", err)
return
}
config := tls.Config{ServerName: "tlsfingerprint.io"}
// This fingerprint includes feature(s), not fully supported by TLS.
// uTLS client with this fingerprint will only be able to to talk to servers,
// that also do not support those features.
tlsConn := tls.UClient(tcpConn, &tlsConfig, tls.HelloCustom)
clientHelloSpec := tls.ClientHelloSpec {
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.DISABLED_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
tls.DISABLED_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
0x00a5,
0x00a3,
0x00a1,
0x009f,
0x006b,
0x006a,
0x0069,
0x0068,
0x0039,
0x0038,
0x0037,
0x0036,
0x0088,
0x0087,
0x0086,
0x0085,
0xc032,
0xc02e,
0xc02a,
0xc026,
0xc00f,
0xc005,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.DISABLED_TLS_RSA_WITH_AES_256_CBC_SHA256,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
0x0084,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
0x00a4,
0x00a2,
0x00a0,
0x009e,
0x0067,
0x0040,
0x003f,
0x003e,
0x0033,
0x0032,
0x0031,
0x0030,
0x009a,
0x0099,
0x0098,
0x0097,
0x0045,
0x0044,
0x0043,
0x0042,
0xc031,
0xc02d,
0xc029,
0xc025,
0xc00e,
0xc004,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
0x0096,
0x0041,
0x0007,
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
0xc008,
0x0016,
0x0013,
0x0010,
0x000d,
0xc00d,
0xc003,
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
0x00ff,
},
CompressionMethods: []byte{
0x00, // compressionNone
},
Extensions: []tls.TLSExtension{
&tls.SNIExtension{},
&tls.SupportedPointsExtension{SupportedPoints: []byte{
0x00, // pointFormatUncompressed
0x01
0x02
}},
&tls.SupportedCurvesExtension{[]tls.CurveID{
tls.CurveP256,
tls.CurveP521,
0x001c,
0x001b,
tls.CurveP384,
0x001a,
0x0016,
0x000e,
0x000d,
0x000b,
0x000c,
0x0009,
0x000a,
}},
&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
tls.PKCS1WithSHA512,
0x0602,
tls.ECDSAWithP521AndSHA512,
tls.PKCS1WithSHA384,
0x0502,
tls.ECDSAWithP384AndSHA384,
tls.PKCS1WithSHA256,
0x0402,
tls.ECDSAWithP256AndSHA256,
0x0301,
0x0302,
0x0303,
tls.PKCS1WithSHA1,
0x0202,
tls.ECDSAWithSHA1,
},},
&tls.GenericExtension {Id: 0x000f}, // WARNING: UNKNOWN EXTENSION, USE AT YOUR OWN RISK
&tls.NPNExtension{},
&tls.ALPNExtension{AlpnProtocols: []string{"http/1.1"}},
&tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
},
}
tlsConn.ApplyPreset(&clientHelloSpec)
n, err = tlsConn.Write([]byte("Hello, World!"))
// or tlsConn.Handshake() for better control