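```javascript
// Agent here is Node's https.Agent, which accepts TLS options.
const { Agent } = require('https');

// Cipher suites offered by the client, in preference order.
const ciphers = [
  'TLS_CHACHA20_POLY1305_SHA256',
  'TLS_AES_128_GCM_SHA256',
  'TLS_AES_256_GCM_SHA384',
  'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256'
];

const agent = new Agent({ ciphers: ciphers.join(':'), honorCipherOrder: true, minVersion: 'TLSv1.2' });
```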

The above code is in JavaScript. It connects to a REST API belonging to Riot. How can I achieve the same thing in C#? My code used to work before the above cipher suites became a requirement; now it's not working anymore (error 403 forbidden). All it needs is to set the cipher suites, but that seems impossible for HttpClient, which is what I'm using to connect to the API.

Steffen Ullrich
Dartz
  • *"error 403 forbidden"* means that the TLS handshake has succeeded, because otherwise it would not have been able to transmit an HTTP response with this error code. But without working ciphers the TLS handshake would have failed, i.e. something like *alert handshake failure* or *alert no shared ciphers*. Which suggests that the problem you face is likely not the ciphers but something else. – Steffen Ullrich Jun 17 '22 at 12:50
  • Agreed, also you don't normally need to set the ciphers as the client will automatically negotiate an appropriate cipher with the server. – Charlieface Jun 17 '22 at 12:56
  • @SteffenUllrich except if some firewall like Cloudflare's is enabled – ggeorge Jun 17 '22 at 12:57
  • @ggeorge: I think you refer to Cloudflare anti-bot protection. This might take into account the ciphers in order to decide if it is a bot or not (i.e. JA3 fingerprint or similar) but still the TLS handshake succeeded. And anti-bot detection needs usually more to bypass than just changing some ciphers. – Steffen Ullrich Jun 17 '22 at 13:01
  • @SteffenUllrich right, I mean the anti-bot mechanism that profiles the TLS fingerprint. In the case of CF, at least 2 months ago, the way to bypass this mechanism was only to use the right ciphers in the correct order according to Chrome's (or any browser's) ciphers and order. And yes, in case you use a different TLS fingerprint, CF returns 403 – ggeorge Jun 17 '22 at 13:04
  • @ggeorge yes, Cloudflare is being used by Riot – Dartz Jun 17 '22 at 13:18
  • As @ggeorge pointed out, it's Cloudflare that's preventing me from connecting successfully. Others had the same issue, same error code, and got it working using the ciphers code bit, but all of them use Python or JS, and I've no idea how to do this for HttpClient in C# – Dartz Jun 17 '22 at 13:19
  • try this one https://github.com/Carcraftz/TLS-Fingerprint-API – ggeorge Jun 17 '22 at 13:20
  • Pass all traffic through this proxy server – ggeorge Jun 17 '22 at 13:21
  • @ggeorge that seems like an overkill, right? – Dartz Jun 17 '22 at 14:34
  • @Dartz another solution would be this one https://stackoverflow.com/a/68286587/5276946 – ggeorge Jun 18 '22 at 07:53

0 Answers
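The comments mention JA3 fingerprinting as the reason a request can complete the TLS handshake and still be answered with 403. As an added example (not code from the question or from any commenter), this computes a JA3 fingerprint from ClientHello fields to show that the same suites in a different order produce a different fingerprint on the server side. Only the four suite names come from the question; the extension, group and point-format values are constructed sample data.

```javascript
const crypto = require('crypto');

// IANA code points for the four suites in the question's cipher list.
const SUITE_IDS = {
  TLS_CHACHA20_POLY1305_SHA256: 0x1303,
  TLS_AES_128_GCM_SHA256: 0x1301,
  TLS_AES_256_GCM_SHA384: 0x1302,
  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: 0xcca9,
};

// GREASE values (RFC 8701) look like 0x?A?A with both bytes equal; JA3 skips them.
const isGrease = (v) => (v & 0x0f0f) === 0x0a0a && (v >> 8) === (v & 0xff);

// One JA3 field: decimal values joined by '-', GREASE removed, order preserved.
const field = (values) => values.filter((v) => !isGrease(v)).join('-');

// JA3 string: version,ciphers,extensions,groups,pointFormats.
function ja3String(hello) {
  return [
    String(hello.version),
    field(hello.ciphers),
    field(hello.extensions),
    field(hello.groups),
    field(hello.pointFormats),
  ].join(',');
}

// The fingerprint a server or WAF compares is the MD5 of that string.
function ja3Hash(hello) {
  return crypto.createHash('md5').update(ja3String(hello)).digest('hex');
}

// Constructed ClientHello: everything except the cipher list is sample data.
function sampleHello(cipherNames) {
  return {
    version: 771, // 0x0303, the ClientHello legacy_version
    ciphers: [0x0a0a, ...cipherNames.map((n) => SUITE_IDS[n])],
    extensions: [0x1a1a, 0, 11, 10, 13, 43, 51],
    groups: [0x2a2a, 29, 23, 24],
    pointFormats: [0],
  };
}

const questionOrder = Object.keys(SUITE_IDS); // order as listed in the question
const reordered = [...questionOrder].reverse(); // same suites, different order

console.log(ja3String(sampleHello(questionOrder)), ja3Hash(sampleHello(questionOrder)));
console.log(ja3String(sampleHello(reordered)), ja3Hash(sampleHello(reordered)));
```

Because the fingerprint covers extensions, groups and point formats as well as ciphers, two clients that offer identical cipher lists can still hash differently.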