
SSL Ciphers in Android Gingerbread

By hunderteins, Senior Member on 17th October 2013, 09:55 AM
************ UPDATE *****************
update.zip flashable for DSC and DSC PDroid can be found at
openssl 1.0.1e update for DSC/407
*****************************************

Hello,

you may have heard of the badly chosen default ssl ciphers (1) in gingerbread.
Gingerbread devices use outdated encryption algorithms for ssl communication.

That problem also affects gingerbread based roms like 407 or dsc. You can check this by sending
your default browser (or for example nakedbrowser) to a ssl browser test-server (2)

You will get a result like in attachment 1 ciphers_original: We are using the RC4-SHA without perfect forward secrecy. That is problematic because of the Lucky 13 attack against this encryption (3)

With some patch in core.jar in our framework (attachment ciphers_reorder.patch) I got DHE-RSA-AES128-SHA which is considered more secure and also supports perfect forward secrecy. (attachment ciphers_pfs)

You can get my core.jar from http://ge.tt/api/1/files/1MKLbUv/0/blob?download. Install it into /system/framework and rebuild your dalvik-cache.

I can't support TLSv1.1 or TLSv1.2 yet, because it would need to recompile a more recent version of libssl.so.

Users of Opera even get DHE-RSA-AES256-SHA in their connection (attachment ciphers_opera) which is considered state-of-the-art cryptography. But even then, other android apps will use the badly chosen system default. So it is a good idea even for opera users to update core.jar.

Can someone please confirm my findings, install core.jar in a 407 or dsc rom and check your browser on (2)?

(1) http://op-co.de/blog/posts/android_ssl_downgrade/
(2) https://cc.dcsec.uni-hannover.de/
(3) http://www.isg.rhul.ac.uk/tls/Lucky13.html
Attached Thumbnails: ciphers_original.jpg, ciphers_pfs.jpg, ciphers_opera.jpg
Attached Files: ciphers_reorder.patch (3.8 KB)
 
 
17th October 2013, 01:36 PM |#2  
@hunderteins,
Thanks for the post.
I am currently on BB407, PCM ROM. Should I do this too?
How is it, which one to choose? Copy your given "core.jar" and paste to "/system/framework" and rebuild your dalvik-cache... OR flash "ciphers_reorder.patch"?
Oops, sorry, I don't know how to handle file.patch... how is it?

Attached are test run using Firefox and Opera.
I have also run using STOCK browser, BOAT browser, and ONE browser. Result same as you shown in your post's 1st picture.



Dell Streak | InnerSD 8GB | ExternalSD 32GB | Custom ROM
17th October 2013, 01:55 PM |#3  
Quote:
Originally Posted by Razak RK

I am currently on BB407, PCM ROM. Should I do this too?

don't know pcm rom. Can you checksum your /system/framework/core.jar ?
For example
Code:
$ sha1sum /system/framework/core.jar
126bad1df158f1af179d353ecd9e781501a30c73  /system/framework/core.jar
$ md5sum /system/framework/core.jar
1b1c955e837b4413fcbeead0a54cd4b7  /system/framework/core.jar
If you get the same values as above, it's safe to copy my core.jar into
your /system/framework/ and rebuild dalvik-cache (for example with a restart).

If you have other checksum values, you would need to decompile (smali) your core.jar, apply the patch-file and compile (smali) it again and replace classes.dex in your core.jar.

Quote:
Originally Posted by Razak RK

Attached are test run using Firefox and Opera.
I have also run using STOCK browser, BOAT browser, and ONE browser. Result same as you shown in your post's 1st picture.

Well, thank you for the confirmation. Firefox also seems immune. The others use the default android classes.

There is one thing in firefox though. It is able to use TLSv1.2 on the desktop. I wonder if this would work on the mobile version also. Go into about:config and set security.tls.version.max from 1 to 3. Reconnect to the test-server. You should see a nice 'This connection uses TLSv1.2'

Good luck,
hunderteins
17th October 2013, 06:04 PM |#4  
Thank you Hunderteins!
How about kernel 3.0?
Are you still working on it?

Regards...
17th October 2013, 06:42 PM |#5  
@hunderteins,
Thank you for your reply.
Here is the checksum I get when I run in Terminal Emulator:-

Code:
$ export PATH=/data/local/bin:$PATH
$ sha1sum /system/framework/core.jar
1291fcce44f4be036e2209ccb46d3313b65bdfdc /system/framework/core.jar
$ md5sum /system/framework/core.jar
19bd48b8eac1bb123a823d039415a344 /system/framework/core.jar
$

So, they are NOT the same.
I don't have knowledge of how to decompile (smali) of core.jar, applying the patch-file, compile (smali) it again and replace classes.dex in my core.jar. Nope... I'm stuck to go further.

As for Firefox mobile on my Streak PCM7, I have checked the menu and settings; there is NO option like the one you mention.

The reason I'm interested to know is to set my Streak at its best.
BTW, I'm currently installing and testing all the Streak Custom ROMs in XDA, trying to find a ROM that would probably be best for my daily use = Performance+Save Power+Other Features. I'll probably end up having to learn to mix some ROMs into my own personal use...if I get the time to do it though... :P



Dell Streak | InnerSD 8GB | ExternalSD 32GB | Custom ROM
18th October 2013, 12:43 PM |#6  
Quote:
Originally Posted by Razak RK

I don't have knowledge of how to decompile (smali) of core.jar, applying the patch-file, compile (smali) it again and replace classes.dex in my core.jar. Nope... I'm stuck to go further.

basically you need http://code.google.com/p/smali/downloads/list

a good tutorial how the framework is decompiled/updated can be found at
http://forum.xda-developers.com/show....php?t=1084850

for how to apply a patch to a source-file consult the manpage of patch

back to topic. I updated core.jar http://ge.tt/api/1/files/7F3UKbv/0/blob?download
Now DHE-RSA-AES256-SHA is included in the list of usable ciphers.
This way in stockbrowser/nakedbrowser the same encryption is used as in opera/firefox
look into attached image.

Patch is also included for those who find it useful.

Have a nice weekend,
hunderteins
Attached Thumbnails: ciphers_pfs256.jpg
Attached Files: ciphers_reorder_256.patch (6.1 KB)
18th October 2013, 12:46 PM |#7  
Quote:
Originally Posted by sinan33

How about kernel 3.0?
Are you still working on it?

didn't post in that thread, did I?
19th October 2013, 11:17 AM |#8  
Quote:
Originally Posted by hunderteins

didn't post in that thread, did I?

Sorry dude; just eagerness
19th October 2013, 04:57 PM |#9  
Confirmed working on Traveller DSC. ROM updates will be coming shortly.

Flashable zip for core.jar patch suitable for DSC and Traveller DSC: MediaFire | Mega
5th November 2013, 03:26 PM |#10  
Elliptic curve Diffie–Hellman Key exchange
Hello,
the libssl 1.0.0a on the streak supports elliptic curve Diffie–Hellman key exchange.
With the right server, this speeds up https compared to normal Diffie–Hellman key exchange.
So I had to change the core.jar again to support these ciphers.
With this update I removed the known weak ciphers (export, 56-bit etc)
I attached an openssl command for the commandline, to check libssl.so for features. It might be useful elsewhere.

Have fun,
hunderteins
Attached Thumbnails: ecdhe.png
Attached Files: ecdhe.patch (12.3 KB), core.jar (1.83 MB), core-pdroid.jar (1.84 MB), openssl.gz (153.4 KB)
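The effect of the core.jar changes described in this thread, as an added example that is not code from the thread or from Android: a small Python model of TLS cipher-suite selection, showing why reordering the client list (post #1) and then dropping export/56-bit suites and adding ECDHE (the post above) changes what gets negotiated. Both suite lists are constructed for illustration and are not the real Gingerbread, patched or test-server lists; all function names are hypothetical.

```python
# Added illustration: model of TLS cipher-suite selection (OpenSSL suite names).
# Both lists are constructed samples, NOT the real Gingerbread or server lists.
STOCK_CLIENT = ["RC4-MD5", "RC4-SHA", "AES128-SHA", "DHE-RSA-AES128-SHA",
                "EXP-RC4-MD5", "DES-CBC-SHA"]
SERVER = ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES256-SHA",
          "DHE-RSA-AES128-SHA", "AES128-SHA", "RC4-SHA"]


def has_pfs(suite):
    """Ephemeral (EC)DH key exchange is what provides forward secrecy."""
    return suite.startswith(("DHE-", "ECDHE-"))


def is_weak(suite):
    """Export-grade or 56-bit single-DES suite (3DES is named DES-CBC3)."""
    return suite.startswith("EXP-") or "DES-CBC-" in suite


def negotiate(client, server, server_preference=False):
    """Return the suite picked for a handshake, or None if nothing is shared.

    Without server_preference the server takes the first suite in the
    client's order that it also supports, so the client's ordering decides.
    """
    first, second = (server, client) if server_preference else (client, server)
    return next((s for s in first if s in second), None)


def reorder_pfs_first(client):
    """Post #1 style change: same suites, forward-secret ones moved to the front."""
    return sorted(client, key=lambda s: not has_pfs(s))  # sorted() is stable


def harden(client, extra=("ECDHE-RSA-AES128-SHA", "DHE-RSA-AES256-SHA")):
    """Post #10 style change: add ECDHE/AES256 suites, drop weak ones."""
    merged = list(extra) + [s for s in client if s not in extra]
    return reorder_pfs_first([s for s in merged if not is_weak(s)])


if __name__ == "__main__":
    for name, offer in [("stock", STOCK_CLIENT),
                        ("reordered", reorder_pfs_first(STOCK_CLIENT)),
                        ("hardened", harden(STOCK_CLIENT))]:
        picked = negotiate(offer, SERVER)
        print(f"{name:10} -> {picked} (PFS: {has_pfs(picked)})")
    # A server that enforces its own order rescues even the stock client.
    print("server order ->", negotiate(STOCK_CLIENT, SERVER, server_preference=True))
```

The last line of output shows the server-side counterpart of the fix: a server that enforces its own preference order selects a forward-secret suite even for an unpatched client.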
5th November 2013, 09:35 PM |#11  
TLSv1.1 and TLSv1.2 protocol
Hello,
SSLv3/TLSv1.0 are known to be problematic with stream ciphers (the cbc ones) and
as mentioned before, I had to compile a more recent version of libssl to support
the modern TLS variants.

Attached are the openssl binary and the libssl.so and libcrypto.so of openssl 1.0.1e.
They work on my streak and I get a clean https TLSv1.2 connection to the testserver.

Next step is, to modify core.jar again to get the modern GCM streaming methods
and SHA384 hashes.

Have a nice evening,
hunderteins
Attached Thumbnails: tlsv12.png
Attached Files: openssl-1.0.1e-armv7a.zip (767.2 KB)