// import tls "github.com/refraction-networking/utls"
tcpConn, err := net.Dial("tcp", "tlsfingerprint.io:443")
if err != nil {
fmt.Printf("net.Dial() failed: %+v\n", err)
return
}
config := tls.Config{ServerName: "tlsfingerprint.io"}
// This fingerprint includes feature(s), not fully supported by TLS.
// uTLS client with this fingerprint will only be able to to talk to servers,
// that also do not support those features.
tlsConn := tls.UClient(tcpConn, &tlsConfig, tls.HelloCustom)
clientHelloSpec := tls.ClientHelloSpec {
CipherSuites: []uint16{
0xff87,
0xff86,
0xff83,
0xff82,
0xff37,
0xff36,
0xff33,
0xff32,
0xff17,
0xff16,
0xff13,
0xff12,
0xff07,
0xff06,
0xff03,
0xff02,
0x16ba,
0x16b9,
0x16b8,
0x16b7,
0xff85,
0xff84,
0xff81,
0xff80,
0xff35,
0xff34,
0xff31,
0xff30,
0xff15,
0xff14,
0xff11,
0xff10,
0xff05,
0xff04,
0xff01,
0xff00,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
0x009f,
0xccaa,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
0xc08b,
0xc087,
0xc07d,
0xc05d,
0xc053,
0xcc15,
tls.OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
tls.OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
0x009e,
0xc08a,
0xc086,
0xc07c,
0xc061,
0xc060,
0xc05c,
0xc052,
0xc0ad,
0xc09f,
0xc0ac,
0xc09e,
0xc0af,
0xc0a3,
0xc0ae,
0xc0a2,
tls.DISABLED_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
tls.DISABLED_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
0x006b,
0xc077,
0xc073,
0xc04d,
0xc049,
0xc045,
0x00c4,
0x0088,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
0x0067,
0xc076,
0xc072,
0xc04c,
0xc048,
0xc044,
0x00be,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
0x0045,
0x0039,
0x0033,
0xc08d,
0xc08c,
0xc089,
0xc088,
0xc079,
0xc078,
0xc075,
0xc074,
0xc063,
0xc062,
0xc05f,
0xc05e,
0xc04f,
0xc04e,
0xc04b,
0xc04a,
0xc032,
0xc031,
0xc02e,
0xc02d,
0xc02a,
0xc029,
0xc026,
0xc025,
0xc00f,
0xc00e,
0xc005,
0xc004,
0x003f,
0xc07f,
0xc07e,
0xc055,
0xc054,
0xc041,
0x00ff,
},
CompressionMethods: []byte{
0x00, // compressionNone
0x01
},
Extensions: []tls.TLSExtension{
&tls.SupportedCurvesExtension{[]tls.CurveID{
0x001e,
tls.X25519,
tls.CurveP384,
tls.CurveP256,
tls.CurveP521,
0x000e,
0x000d,
0x001c,
0x000c,
0x000b,
0x001b,
0x000a,
0x0009,
0x0016,
0x001a,
0x0008,
0x0007,
0x0006,
0x0015,
0x0014,
0x0004,
0x0005,
0x0013,
0x0012,
0x0002,
0x0003,
0x0001,
0x0010,
0x0011,
0x000f,
}},
&tls.SupportedPointsExtension{SupportedPoints: []byte{
0x00, // pointFormatUncompressed
}},
&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
0x0808,
0x0807,
0x080b,
0x080a,
0x0809,
tls.PSSWithSHA512,
tls.PSSWithSHA384,
tls.PSSWithSHA256,
tls.ECDSAWithP521AndSHA512,
tls.ECDSAWithP384AndSHA384,
tls.ECDSAWithP256AndSHA256,
0x0303,
tls.PKCS1WithSHA512,
tls.PKCS1WithSHA384,
tls.PKCS1WithSHA256,
0x0301,
tls.ECDSAWithSHA1,
0x0202,
tls.PKCS1WithSHA1,
0x0101,
},},
&tls.GenericExtension {Id: 0x0016}, // WARNING: UNKNOWN EXTENSION, USE AT YOUR OWN RISK
&tls.UtlsExtendedMasterSecretExtension{},
&tls.SessionTicketExtension{},
&tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
},
}
tlsConn.ApplyPreset(&clientHelloSpec)
n, err = tlsConn.Write([]byte("Hello, World!"))
// or tlsConn.Handshake() for better control