jmg
/
blog
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
The blog.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 Commits
1 Branch
4.6 MiB
 
 
 
 
Tree: 041eafaf6a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '041eafaf6a'
${ noResults }
blog/content/2017/09/adventures-in-autobahnwamp-...

101 lines
5.2 KiB
Raw Blame History 

  1. ---

  2. title: Adventures in Autobahn/WAMP Security

  3. description: >

  4.   Adventures in Autobahn/WAMP Security

  5. created: !!timestamp '2017-09-17'

  6. time: 12:21 PM

  7. tags:

  8.   - web

  9.   - WAMP

  10.   - security

  11. ---

  12. 

  13. ## Or how security continues to suck because: It's Hard and Someone Else's Problemâ„¢

  14. 

  15. For a personal project, I've decided to use WAMP to move some events and

  16. messages around between different components.  I decided on the AutoBahn

  17. libraries and Crossbar.io as the router.  I was already somewhat familiar

  18. w/ AutoBahn from previous work, and the Crossbar.io router seems to just

  19. work.  As a security person, I decided to evaluate how to make things as

  20. secure as possible.

  21. 

  22. First off,

  23. [my projects must be both authenticated and encrypted](https://twitter.com/encthenet/status/881596129573347328).

  24. WAMP does not appear to have it's own encryption layer, but it does have

  25. it's own authentication layer.  You really don't want to have to trust

  26. two different authentication layers<label for="sn-encauth"

  27. class="margin-toggle sidenote-number"></label><input type="checkbox"

  28. id="sn-encauth" class="margin-toggle"/><span class="sidenote"

  29. id="sn-encauth">The encryption layer must be authenticated, otherwise

  30. any attacker could MiTM the connection.  Most uses of TLS make use of

  31. the CA system for authentication (which has serious issues in trust),

  32. and most web apps add their own authentication layer on top of it (not

  33. using Basic Auth, or other scheme).  The issues w/ this is that if there

  34. is no binding between the two layers, the lower layer (application

  35. layer) cannot be sure that the upper layer has not been compromised.</span>,

  36. so being able to use

  37. [TLS Channel Bindings](https://tools.ietf.org/html/rfc5929) would be an

  38. improvement.  This would ensure that a strong authentication method in

  39. WAMP would ensure that the channel is properly encrypted.  I

  40. [received confirmation](https://twitter.com/crossbario/status/904690145907142656)

  41. from the Crossbar.io team that it was present.

  42. 

  43. Autobahn and Crossbar.io supports a number of

  44. [different authentication schemes](https://crossbar.io/docs/Authentication/).

  45. As I plan on putting this behind a reverse proxy (which I realize will

  46. have it's own issues w/ channel binding), I wanted the strongest security

  47. binding between my client and the server (and I'm a glutton for punishment

  48. for using unproven tech).  The only one that satisfies this requirement

  49. is WAMP-Cryptosign.

  50. 

  51. After I got basic functionality working to make sure things would be

  52. workable w/ this framework, I decided to start working on the

  53. authentication piece.  First problem I ran into was that the AutoBahn|JS

  54. library does not support TLS channel binding.  There is a good reason the

  55. library doesn't support it, and it's for a very bad reason.  There is

  56. no support in the browser [WebSocket API](https://www.w3.org/TR/websockets/)

  57. to query the channel binding information necessary.  The fact that

  58. WebSockets was standardized after Channel bindings were demonstrates that

  59. the people involved in standardizing the web do not take security

  60. seriously.  As usual, they assume that security is not their problem and

  61. leaves it up to someone else to solve (or at another layer).

  62. 

  63. Disappointed that I wouldn't be able to use channel bindings w/ the web

  64. client for this project (I still had the crappy CA authentication of TLS,

  65. so not all was lost), I moved forward w/ CryptoSign.  As has been

  66. demonstrated many times, the only way to get security baked in, is to

  67. make it as easy as possible to use.  I've been long familiar w/

  68. [Crypto Box](https://nacl.cr.yp.to/box.html) by djb (and used by the

  69. Autobahn libraries), and also the [noise protocol](http://noiseprotocol.org/)

  70. (which my friend Trevor created).  Both of these have goals of making

  71. it simple to let developers include security in their projects and not

  72. mess it up, resulting in a broken system.  As currently implemented,

  73. Autobahn's CryptoSign is most definitely not easy to use.

  74. 

  75. Though the documentation is decent, some examples are not present

  76. (`client_ssh_key.py` for example from

  77. [WAMP-cryptosign Static Authentication](https://github.com/crossbario/crossbar-examples/tree/master/authentication/cryptosign/static)).

  78. The

  79. [ApplicationRunner](http://autobahn.readthedocs.io/en/latest/wamp/programming.html#running-components)

  80. helper class does not document how to make use of authentication.  Though

  81. the static authentication page has examples, they make you write quite

  82. a bit of boiler plate.

  83. 

  84. Then even once you do that, you find out that the code doesn't even work

  85. on Python 2.7 and have to

  86. [fix it](https://github.com/crossbario/autobahn-python/pull/901) for

  87. them.  Hopefully the pull request (PR) will not be ignored because of the

  88. failing CI tests, because the current CI tests are problems with their

  89. CI environment, and not the PR.  For CI checks like this, it should only

  90. ding your PR on checks that are newly failing, and ignore any checks that

  91. were previously failing.  This isn't the first project that their CI

  92. environment was broken.

  93. 

  94. Even w/ the fixes in place, there is no documented method of extracting

  95. a public key from a generated ssh key.  I will be adding a method to

  96. print this out.

  97. 

  98. If I (who knows cryptography decently) have to fix and spend hours making

  99. this work, it's no wonder than everyone things that strong cryptography

  100. is hard.  It is hard, but it shouldn't be.