Added Chrome 112 with PSK TLS profile

psiphon/common/protocol/protocol.go

@@ -325,27 +325,28 @@ func IsValidClientTunnelProtocol(
 }
 
 const (
-	TLS_VERSION_12          = "TLSv1.2"
-	TLS_VERSION_13          = "TLSv1.3"
-	TLS_PROFILE_IOS_111     = "iOS-11.1"
-	TLS_PROFILE_IOS_121     = "iOS-12.1"
-	TLS_PROFILE_IOS_13      = "iOS-13"
-	TLS_PROFILE_IOS_14      = "iOS-14"
-	TLS_PROFILE_SAFARI_16   = "Safari-16"
-	TLS_PROFILE_CHROME_58   = "Chrome-58"
-	TLS_PROFILE_CHROME_62   = "Chrome-62"
-	TLS_PROFILE_CHROME_70   = "Chrome-70"
-	TLS_PROFILE_CHROME_72   = "Chrome-72"
-	TLS_PROFILE_CHROME_83   = "Chrome-83"
-	TLS_PROFILE_CHROME_96   = "Chrome-96"
-	TLS_PROFILE_CHROME_102  = "Chrome-102"
-	TLS_PROFILE_CHROME_106  = "Chrome-106"
-	TLS_PROFILE_FIREFOX_55  = "Firefox-55"
-	TLS_PROFILE_FIREFOX_56  = "Firefox-56"
-	TLS_PROFILE_FIREFOX_65  = "Firefox-65"
-	TLS_PROFILE_FIREFOX_99  = "Firefox-99"
-	TLS_PROFILE_FIREFOX_105 = "Firefox-105"
-	TLS_PROFILE_RANDOMIZED  = "Randomized-v2"
+	TLS_VERSION_12             = "TLSv1.2"
+	TLS_VERSION_13             = "TLSv1.3"
+	TLS_PROFILE_IOS_111        = "iOS-11.1"
+	TLS_PROFILE_IOS_121        = "iOS-12.1"
+	TLS_PROFILE_IOS_13         = "iOS-13"
+	TLS_PROFILE_IOS_14         = "iOS-14"
+	TLS_PROFILE_SAFARI_16      = "Safari-16"
+	TLS_PROFILE_CHROME_58      = "Chrome-58"
+	TLS_PROFILE_CHROME_62      = "Chrome-62"
+	TLS_PROFILE_CHROME_70      = "Chrome-70"
+	TLS_PROFILE_CHROME_72      = "Chrome-72"
+	TLS_PROFILE_CHROME_83      = "Chrome-83"
+	TLS_PROFILE_CHROME_96      = "Chrome-96"
+	TLS_PROFILE_CHROME_102     = "Chrome-102"
+	TLS_PROFILE_CHROME_106     = "Chrome-106"
+	TLS_PROFILE_CHROME_112_PSK = "Chrome-112_PSK"
+	TLS_PROFILE_FIREFOX_55     = "Firefox-55"
+	TLS_PROFILE_FIREFOX_56     = "Firefox-56"
+	TLS_PROFILE_FIREFOX_65     = "Firefox-65"
+	TLS_PROFILE_FIREFOX_99     = "Firefox-99"
+	TLS_PROFILE_FIREFOX_105    = "Firefox-105"
+	TLS_PROFILE_RANDOMIZED     = "Randomized-v2"
 )
 
 var SupportedTLSProfiles = TLSProfiles{
@@ -362,6 +363,7 @@ var SupportedTLSProfiles = TLSProfiles{
 	TLS_PROFILE_CHROME_96,
 	TLS_PROFILE_CHROME_102,
 	TLS_PROFILE_CHROME_106,
+	TLS_PROFILE_CHROME_112_PSK,
 	TLS_PROFILE_FIREFOX_55,
 	TLS_PROFILE_FIREFOX_56,
 	TLS_PROFILE_FIREFOX_65,

psiphon/tlsDialer.go

@@ -60,6 +60,7 @@ import (
 	"encoding/hex"
 	std_errors "errors"
 	"io/ioutil"
+	"math"
 	"net"
 
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common"
@@ -858,6 +859,29 @@ func getUTLSClientHelloID(
 		return utls.HelloChrome_102, nil, nil
 	case protocol.TLS_PROFILE_CHROME_106:
 		return utls.HelloChrome_106_Shuffle, nil, nil
+	case protocol.TLS_PROFILE_CHROME_112_PSK:
+		preset, err := utls.UTLSIdToSpec(utls.HelloChrome_112_PSK_Shuf)
+		if err != nil {
+			return utls.HelloCustom, nil, err
+		}
+
+		// Generates typical PSK extension values.
+		labelLengths := []int{192, 208, 224, 226, 235, 240, 273, 421, 429, 441}
+		label := prng.Bytes(labelLengths[prng.Intn(len(labelLengths))])
+		obfuscatedTicketAge := uint32(prng.Range(13029567, math.MaxUint32))
+		binder := prng.Bytes(33)
+		binder[0] = 0x20 // Binder's length
+
+		if pskExt, ok := preset.Extensions[len(preset.Extensions)-1].(*utls.FakePreSharedKeyExtension); ok {
+			pskExt.PskIdentities = []utls.PskIdentity{
+				{
+					Label:               label,
+					ObfuscatedTicketAge: obfuscatedTicketAge,
+				},
+			}
+			pskExt.PskBinders = [][]byte{binder}
+		}
+		return utls.HelloCustom, &preset, nil
 	case protocol.TLS_PROFILE_FIREFOX_55:
 		return utls.HelloFirefox_55, nil, nil
 	case protocol.TLS_PROFILE_FIREFOX_56: