diff options
-rw-r--r-- | README.chromium | 4 | ||||
-rw-r--r-- | openssl/openssl.config | 5 | ||||
-rw-r--r-- | openssl/patches/reduce_client_hello_size.patch | 64 | ||||
-rw-r--r-- | openssl/ssl/t1_lib.c | 36 | ||||
-rw-r--r-- | patches.chromium/z_reduce_client_hello_size.patch | 87 |
5 files changed, 169 insertions, 27 deletions
diff --git a/README.chromium b/README.chromium index 36b1480..6e49163 100644 --- a/README.chromium +++ b/README.chromium @@ -176,6 +176,10 @@ located in patches.chromium/. Currently this consists of: Exclude the source files bn_asm.c and rc4_skey.c for x86_64 because they are replaced by x86_64-gcc.c and rc4-x86_64.S. + z_reduce_client_hello_size.patch + Advertise support of only the NIST curves P-521, P-384, and P-256, + as well as only uncompressed points, to keep ClientHello small. + ************************************************************************** Adding new Chromium patches: diff --git a/openssl/openssl.config b/openssl/openssl.config index 78dac05..7519558 100644 --- a/openssl/openssl.config +++ b/openssl/openssl.config @@ -995,6 +995,7 @@ channelid.patch \ eng_dyn_dirs.patch \ fix_clang_build.patch \ x509_hash_name_algorithm_change.patch \ +reduce_client_hello_size.patch \ " OPENSSL_PATCHES_progs_SOURCES="\ @@ -1054,3 +1055,7 @@ crypto/x509v3/v3_utl.c \ OPENSSL_PATCHES_x509_hash_name_algorithm_change_SOURCES="\ crypto/x509/by_dir.c \ " + +OPENSSL_PATCHES_reduce_client_hello_size_SOURCES="\ +ssl/t1_lib.c \ +" diff --git a/openssl/patches/reduce_client_hello_size.patch b/openssl/patches/reduce_client_hello_size.patch new file mode 100644 index 0000000..b4e3c23 --- /dev/null +++ b/openssl/patches/reduce_client_hello_size.patch @@ -0,0 +1,64 @@ +diff -burN android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c +--- android-openssl.orig/ssl/t1_lib.c 2013-06-21 14:24:45.338681810 -0700 ++++ android-openssl/ssl/t1_lib.c 2013-06-21 14:34:07.977205221 -0700 +@@ -202,33 +202,14 @@ + NID_secp521r1 /* secp521r1 (25) */ + }; + ++/* We support only the elliptic curves that are also supported by NSS ++ * to improve compatibility with sites that don't accept large ClientHellos. ++ */ + static int pref_list[] = + { +- NID_sect571r1, /* sect571r1 (14) */ +- NID_sect571k1, /* sect571k1 (13) */ + NID_secp521r1, /* secp521r1 (25) */ +- NID_sect409k1, /* sect409k1 (11) */ +- NID_sect409r1, /* sect409r1 (12) */ + NID_secp384r1, /* secp384r1 (24) */ +- NID_sect283k1, /* sect283k1 (9) */ +- NID_sect283r1, /* sect283r1 (10) */ +- NID_secp256k1, /* secp256k1 (22) */ + NID_X9_62_prime256v1, /* secp256r1 (23) */ +- NID_sect239k1, /* sect239k1 (8) */ +- NID_sect233k1, /* sect233k1 (6) */ +- NID_sect233r1, /* sect233r1 (7) */ +- NID_secp224k1, /* secp224k1 (20) */ +- NID_secp224r1, /* secp224r1 (21) */ +- NID_sect193r1, /* sect193r1 (4) */ +- NID_sect193r2, /* sect193r2 (5) */ +- NID_secp192k1, /* secp192k1 (18) */ +- NID_X9_62_prime192v1, /* secp192r1 (19) */ +- NID_sect163k1, /* sect163k1 (1) */ +- NID_sect163r1, /* sect163r1 (2) */ +- NID_sect163r2, /* sect163r2 (3) */ +- NID_secp160k1, /* secp160k1 (15) */ +- NID_secp160r1, /* secp160r1 (16) */ +- NID_secp160r2, /* secp160r2 (17) */ + }; + + int tls1_ec_curve_id2nid(int curve_id) +@@ -1703,17 +1684,18 @@ + if (using_ecc) + { + if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); +- if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) ++ /* To save an additional 2 bytes in the ClientHello, we only advertise support ++ * for the only EC Point Format that NSS supports (instead of all 3). ++ */ ++ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) + { + SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); + return -1; + } +- s->tlsext_ecpointformatlist_length = 3; ++ s->tlsext_ecpointformatlist_length = 1; + s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed; +- s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; +- s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; + +- /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ ++ /* we only advertise support for elliptic curves in NSA Suite B */ + if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist); + s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2; + if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) diff --git a/openssl/ssl/t1_lib.c b/openssl/ssl/t1_lib.c index 28d45b3..f447f22 100644 --- a/openssl/ssl/t1_lib.c +++ b/openssl/ssl/t1_lib.c @@ -202,33 +202,14 @@ static int nid_list[] = NID_secp521r1 /* secp521r1 (25) */ }; +/* We support only the elliptic curves that are also supported by NSS + * to improve compatibility with sites that don't accept large ClientHellos. + */ static int pref_list[] = { - NID_sect571r1, /* sect571r1 (14) */ - NID_sect571k1, /* sect571k1 (13) */ NID_secp521r1, /* secp521r1 (25) */ - NID_sect409k1, /* sect409k1 (11) */ - NID_sect409r1, /* sect409r1 (12) */ NID_secp384r1, /* secp384r1 (24) */ - NID_sect283k1, /* sect283k1 (9) */ - NID_sect283r1, /* sect283r1 (10) */ - NID_secp256k1, /* secp256k1 (22) */ NID_X9_62_prime256v1, /* secp256r1 (23) */ - NID_sect239k1, /* sect239k1 (8) */ - NID_sect233k1, /* sect233k1 (6) */ - NID_sect233r1, /* sect233r1 (7) */ - NID_secp224k1, /* secp224k1 (20) */ - NID_secp224r1, /* secp224r1 (21) */ - NID_sect193r1, /* sect193r1 (4) */ - NID_sect193r2, /* sect193r2 (5) */ - NID_secp192k1, /* secp192k1 (18) */ - NID_X9_62_prime192v1, /* secp192r1 (19) */ - NID_sect163k1, /* sect163k1 (1) */ - NID_sect163r1, /* sect163r1 (2) */ - NID_sect163r2, /* sect163r2 (3) */ - NID_secp160k1, /* secp160k1 (15) */ - NID_secp160r1, /* secp160r1 (16) */ - NID_secp160r2, /* secp160r2 (17) */ }; int tls1_ec_curve_id2nid(int curve_id) @@ -1703,17 +1684,18 @@ int ssl_prepare_clienthello_tlsext(SSL *s) if (using_ecc) { if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); - if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) + /* To save an additional 2 bytes in the ClientHello, we only advertise support + * for the only EC Point Format that NSS supports (instead of all 3). + */ + if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) { SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); return -1; } - s->tlsext_ecpointformatlist_length = 3; + s->tlsext_ecpointformatlist_length = 1; s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed; - s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; - /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ + /* we only advertise support for elliptic curves in NSA Suite B */ if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist); s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2; if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) diff --git a/patches.chromium/z_reduce_client_hello_size.patch b/patches.chromium/z_reduce_client_hello_size.patch new file mode 100644 index 0000000..1bac5cc --- /dev/null +++ b/patches.chromium/z_reduce_client_hello_size.patch @@ -0,0 +1,87 @@ +diff -burN android-openssl.orig/openssl.config android-openssl/openssl.config +--- android-openssl.orig/openssl.config 2013-06-21 14:24:36.298545589 -0700 ++++ android-openssl/openssl.config 2013-06-21 14:30:36.253997113 -0700 +@@ -995,6 +995,7 @@ + eng_dyn_dirs.patch \ + fix_clang_build.patch \ + x509_hash_name_algorithm_change.patch \ ++reduce_client_hello_size.patch \ + " + + OPENSSL_PATCHES_progs_SOURCES="\ +@@ -1054,3 +1055,7 @@ + OPENSSL_PATCHES_x509_hash_name_algorithm_change_SOURCES="\ + crypto/x509/by_dir.c \ + " ++ ++OPENSSL_PATCHES_reduce_client_hello_size_SOURCES="\ ++ssl/t1_lib.c \ ++" +diff -burN android-openssl.orig/patches/reduce_client_hello_size.patch android-openssl/patches/reduce_client_hello_size.patch +--- android-openssl.orig/patches/reduce_client_hello_size.patch 1969-12-31 16:00:00.000000000 -0800 ++++ android-openssl/patches/reduce_client_hello_size.patch 2013-06-21 14:35:14.508212895 -0700 +@@ -0,0 +1,64 @@ ++diff -burN android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c ++--- android-openssl.orig/ssl/t1_lib.c 2013-06-21 14:24:45.338681810 -0700 +++++ android-openssl/ssl/t1_lib.c 2013-06-21 14:34:07.977205221 -0700 ++@@ -202,33 +202,14 @@ ++ NID_secp521r1 /* secp521r1 (25) */ ++ }; ++ +++/* We support only the elliptic curves that are also supported by NSS +++ * to improve compatibility with sites that don't accept large ClientHellos. +++ */ ++ static int pref_list[] = ++ { ++- NID_sect571r1, /* sect571r1 (14) */ ++- NID_sect571k1, /* sect571k1 (13) */ ++ NID_secp521r1, /* secp521r1 (25) */ ++- NID_sect409k1, /* sect409k1 (11) */ ++- NID_sect409r1, /* sect409r1 (12) */ ++ NID_secp384r1, /* secp384r1 (24) */ ++- NID_sect283k1, /* sect283k1 (9) */ ++- NID_sect283r1, /* sect283r1 (10) */ ++- NID_secp256k1, /* secp256k1 (22) */ ++ NID_X9_62_prime256v1, /* secp256r1 (23) */ ++- NID_sect239k1, /* sect239k1 (8) */ ++- NID_sect233k1, /* sect233k1 (6) */ ++- NID_sect233r1, /* sect233r1 (7) */ ++- NID_secp224k1, /* secp224k1 (20) */ ++- NID_secp224r1, /* secp224r1 (21) */ ++- NID_sect193r1, /* sect193r1 (4) */ ++- NID_sect193r2, /* sect193r2 (5) */ ++- NID_secp192k1, /* secp192k1 (18) */ ++- NID_X9_62_prime192v1, /* secp192r1 (19) */ ++- NID_sect163k1, /* sect163k1 (1) */ ++- NID_sect163r1, /* sect163r1 (2) */ ++- NID_sect163r2, /* sect163r2 (3) */ ++- NID_secp160k1, /* secp160k1 (15) */ ++- NID_secp160r1, /* secp160r1 (16) */ ++- NID_secp160r2, /* secp160r2 (17) */ ++ }; ++ ++ int tls1_ec_curve_id2nid(int curve_id) ++@@ -1703,17 +1684,18 @@ ++ if (using_ecc) ++ { ++ if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); ++- if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) +++ /* To save an additional 2 bytes in the ClientHello, we only advertise support +++ * for the only EC Point Format that NSS supports (instead of all 3). +++ */ +++ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) ++ { ++ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); ++ return -1; ++ } ++- s->tlsext_ecpointformatlist_length = 3; +++ s->tlsext_ecpointformatlist_length = 1; ++ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed; ++- s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; ++- s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; ++ ++- /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ +++ /* we only advertise support for elliptic curves in NSA Suite B */ ++ if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist); ++ s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2; ++ if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) |