add ClientHello Padding

Enable OpenSSL Option SSL_OP_TLSEXT_PADDING to produce same size packets while handshaking new orcon over TLS. Since Tor uses Padding of Packets to fixed size wherever possible too.

Before with random Length:

TLSv1.3 Record Layer: Handshake Protocol: Client Hello
   Content Type: Handshake (22)
   Version: TLS 1.0 (0x0301)
   Length: 308
   Handshake Protocol: Client Hello
...

After with enabled padding extension of up to 512 bytes filled:

TLSv1.3 Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 512
    Handshake Protocol: Client Hello
...
Extension: padding (len=186)
    Type: padding (21)
    Length: 183
    Padding Data: 000000000000000000000000000000000000000000000000000000000000000000000000…

Wireshark filter to check working:

tls.handshake.extension.type == 21

SSL_OP_TLSEXT_PADDING.patch

Edited Jan 11, 2022 by pseudonymisaTor

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information