Skip to content

Add Chrome 150 TLS profiles#404

Open
icew4y wants to merge 10 commits into
refraction-networking:masterfrom
icew4y:feature/chrome-150-tls-profile-upstream
Open

Add Chrome 150 TLS profiles#404
icew4y wants to merge 10 commits into
refraction-networking:masterfrom
icew4y:feature/chrome-150-tls-profile-upstream

Conversation

@icew4y

@icew4y icew4y commented Jul 2, 2026

Copy link
Copy Markdown

Summary

  • Add HelloChrome_150 and HelloChrome_150_PSK profiles.
  • Add ML-DSA signature scheme constants/string mappings for 0x0904, 0x0905, and 0x0906.
  • Keep HelloChrome_Auto on Chrome 133 until upstream Go TLS support for ML-DSA certificate signatures is available in uTLS.
  • Keep trust_anchors out of the Chrome 150 profiles.

Rationale

Chrome 150 advertises ML-DSA signature schemes, but the current uTLS handshake implementation is based on a Go TLS stack that cannot verify or produce ML-DSA CertificateVerify signatures yet. The explicit Chrome 150 profiles are still useful for fingerprint parity, while HelloChrome_Auto should avoid advertising capabilities that the stack cannot complete. Go 1.27 draft release notes include crypto/mldsa, crypto/x509 ML-DSA support, and crypto/tls ML-DSA TLS 1.3 support, so Auto can move after that upstream support is available here.

Sources

Tests

  • go test -run 'TestHelloChrome150|TestHelloChromeAuto'
  • go test -count=1 ./...

@icew4y icew4y marked this pull request as ready for review July 2, 2026 00:29
@icew4y icew4y marked this pull request as draft July 2, 2026 21:17
@icew4y icew4y force-pushed the feature/chrome-150-tls-profile-upstream branch 2 times, most recently from f87bfe3 to 424eb6c Compare July 7, 2026 06:40
@icew4y icew4y force-pushed the feature/chrome-150-tls-profile-upstream branch from c10332a to cdfcd97 Compare July 7, 2026 16:54
@icew4y icew4y marked this pull request as ready for review July 8, 2026 18:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant