Add wrapper script to impersonate Safari 15.3

Add a new wrapper script that impersonates Safari 15.3 on MacOS 11.6.4 ("Big Sur"). The wrapper script uses command line arguments previously added to "curl-impersonate" for that purpose: * --curves * --signature-hashes * --no-tls-session-ticket * --http2-pseudo-headers-order
lexiforest · Mar 3, 2022 · f9afe9c · f9afe9c
1 parent 8bc8019
commit f9afe9c
Show file tree

Hide file tree

Showing 4 changed files with 94 additions and 1 deletion.
diff --git a/chrome/Dockerfile b/chrome/Dockerfile
@@ -92,5 +92,5 @@ RUN ver=$(readlink -f curl-7.81.0/lib/.libs/libcurl.so | sed 's/.*so\.//') && \
     strip "out/libcurl-impersonate.so.$ver"
 
 # Wrapper scripts
-COPY curl_chrome* curl_edge* out/
+COPY curl_chrome* curl_edge* curl_safari* out/
 RUN chmod +x out/curl_*
diff --git a/chrome/curl_safari15_3 b/chrome/curl_safari15_3
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+# Find the directory of this script
+dir=`echo "$0" | sed 's%/[^/]*$%%'`
+
+# The list of ciphers can be obtained by looking at the Client Hello message in
+# Wireshark, then converting it using this reference
+# https://wiki.mozilla.org/Security/Cipher_Suites
+"$dir/curl-impersonate" \
+    --ciphers TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_128_GCM_SHA256:TLS_RSA_WITH_AES_256_CBC_SHA256:TLS_RSA_WITH_AES_128_CBC_SHA256:TLS_RSA_WITH_AES_256_CBC_SHA:TLS_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_RSA_WITH_3DES_EDE_CBC_SHA \
+    --curves X25519:P-256:P-384:P-521 \
+    --signature-hashes ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256,rsa_pkcs1_sha256,ecdsa_secp384r1_sha384,ecdsa_sha1,rsa_pss_rsae_sha384,rsa_pss_rsae_sha384,rsa_pkcs1_sha384,rsa_pss_rsae_sha512,rsa_pkcs1_sha512,rsa_pkcs1_sha1 \
+    -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15' \
+    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
+    -H 'Accept-Language: en-us' \
+    -H 'Accept-Encoding: gzip, deflate, br' \
+    --http2 --false-start --compressed \
+    --tlsv1.0 --no-npn --no-tls-session-ticket \
+    --http2-pseudo-headers-order 'mspa' \
+    $@
diff --git a/tests/signatures.yaml b/tests/signatures.yaml
@@ -300,3 +300,75 @@ signature:
               length: 2
               record_size_limit: 16385
             - type: padding
+---
+name: safari_15.3_macos11.6.4
+browser:
+    name: safari
+    version: 15.3
+    os: macos11.6.4
+    mode: regular
+signature:
+    tls_client_hello:
+        record_version: 'TLS_VERSION_1_0'
+        handshake_version: 'TLS_VERSION_1_2'
+        session_id_length: 32
+        ciphersuites: [
+            'GREASE',
+            0x1301, 0x1302, 0x1303, 0xc02c, 0xc02b, 0xcca9, 0xc030, 0xc02f,
+            0xcca8, 0xc024, 0xc023, 0xc00a, 0xc009, 0xc028, 0xc027, 0xc014,
+            0xc013, 0x009d, 0x009c, 0x003d, 0x003c, 0x0035, 0x002f, 0xc008,
+            0xc012, 0x000a
+        ]
+        comp_methods: [0x00]
+        extensions:
+            - type: GREASE
+              length: 0
+            - type: server_name
+            - type: extended_master_secret
+              length: 0
+            - type: renegotiation_info
+              length: 1
+            - type: supported_groups
+              length: 12
+              supported_groups: [
+                  'GREASE',
+                  0x001d, 0x0017, 0x0018, 0x0019
+              ]
+            - type: ec_point_formats
+              length: 2
+              ec_point_formats: [0]
+            - type: application_layer_protocol_negotiation
+              length: 14
+              alpn_list: ['h2', 'http/1.1']
+            - type: status_request
+              length: 5
+              status_request_type: 0x01
+            - type: signature_algorithms
+              length: 24
+              sig_hash_algs: [
+                  0x0403, 0x0804, 0x0401, 0x0503, 0x0203, 0x0805, 0x0805,
+                  0x0501, 0x0806, 0x0601, 0x0201
+              ]
+            - type: signed_certificate_timestamp
+              length: 0
+            - type: keyshare
+              length: 43
+              key_shares:
+                  - group: 'GREASE'
+                    length: 1
+                  - group: 29
+                    length: 32
+            - type: psk_key_exchange_modes
+              length: 2
+              psk_ke_mode: 1
+            - type: supported_versions
+              length: 11
+              supported_versions: [
+                  'GREASE',
+                  'TLS_VERSION_1_3', 'TLS_VERSION_1_2',
+                  'TLS_VERSION_1_1', 'TLS_VERSION_1_0'
+              ]
+            - type: GREASE
+              length: 1
+              data: !!binary AA==
+            - type: padding
diff --git a/tests/test_impersonate.py b/tests/test_impersonate.py
@@ -126,6 +126,7 @@ class TestImpersonation:
         # Test wrapper scripts
         ("chrome/curl_chrome98", None, "chrome_98.0.4758.102_win10"),
         ("chrome/curl_edge98", None, "edge_98.0.1108.62_win10"),
+        ("chrome/curl_safari15_3", None, "safari_15.3_macos11.6.4"),
         ("firefox/curl_ff91esr", None, "firefox_91.6.0esr_win10"),
         ("firefox/curl_ff95", None, "firefox_95.0.2_win10"),