jmg
/
blog
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
The blog.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 Commits
1 Branch
4.6 MiB
 
 
 
 
Tree: ad2aa639c2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ad2aa639c2'
${ noResults }
blog/content/2017/09/adventures-in-autobahnwamp-...

102 lines
5.3 KiB
Raw Blame History 

  1. ---

  2. title: Adventures in Autobahn/WAMP Security

  3. description: >

  4.   Adventures in Autobahn/WAMP Security

  5. posted: !!timestamp '2017-09-17'

  6. created: !!timestamp '2017-09-17'

  7. time: 12:21 PM

  8. tags:

  9.   - web

  10.   - WAMP

  11.   - security

  12. ---

  13. 

  14. ## Or how security continues to suck because: It's Hard and Someone Else's Problemâ„¢

  15. 

  16. For a personal project, I've decided to use WAMP to move some events and

  17. messages around between different components.  I decided on the AutoBahn

  18. libraries and Crossbar.io as the router.  I was already somewhat familiar

  19. w/ AutoBahn from previous work, and the Crossbar.io router seems to just

  20. work.  As a security person, I decided to evaluate how to make things as

  21. secure as possible.

  22. 

  23. First off,

  24. [my projects must be both authenticated and encrypted](https://twitter.com/encthenet/status/881596129573347328).

  25. WAMP does not appear to have it's own encryption layer, but it does have

  26. it's own authentication layer.  You really don't want to have to trust

  27. two different authentication layers<label for="sn-encauth"

  28. class="margin-toggle sidenote-number"></label><input type="checkbox"

  29. id="sn-encauth" class="margin-toggle"/><span class="sidenote">The

  30. encryption layer must be authenticated, otherwise

  31. any attacker could MiTM the connection.  Most uses of TLS make use of

  32. the CA system for authentication (which has serious issues in trust),

  33. and most web apps add their own authentication layer on top of it (not

  34. using Basic Auth, or other scheme).  The issues w/ this is that if there

  35. is no binding between the two layers, the lower layer (application

  36. layer) cannot be sure that the upper layer has not been compromised.</span>,

  37. so being able to use

  38. [TLS Channel Bindings](https://tools.ietf.org/html/rfc5929) would be an

  39. improvement.  This would ensure that a strong authentication method in

  40. WAMP would ensure that the channel is properly encrypted.  I

  41. [received confirmation](https://twitter.com/crossbario/status/904690145907142656)

  42. from the Crossbar.io team that it was present.

  43. 

  44. Autobahn and Crossbar.io supports a number of

  45. [different authentication schemes](https://crossbar.io/docs/Authentication/).

  46. As I plan on putting this behind a reverse proxy (which I realize will

  47. have it's own issues w/ channel binding), I wanted the strongest security

  48. binding between my client and the server (and I'm a glutton for punishment

  49. for using unproven tech).  The only one that satisfies this requirement

  50. is WAMP-Cryptosign.

  51. 

  52. After I got basic functionality working to make sure things would be

  53. workable w/ this framework, I decided to start working on the

  54. authentication piece.  First problem I ran into was that the AutoBahn|JS

  55. library does not support TLS channel binding.  There is a good reason the

  56. library doesn't support it, and it's for a very bad reason.  There is

  57. no support in the browser [WebSocket API](https://www.w3.org/TR/websockets/)

  58. to query the channel binding information necessary.  The fact that

  59. WebSockets was standardized after Channel bindings were demonstrates that

  60. the people involved in standardizing the web do not take security

  61. seriously.  As usual, they assume that security is not their problem and

  62. leaves it up to someone else to solve (or at another layer).

  63. 

  64. Disappointed that I wouldn't be able to use channel bindings w/ the web

  65. client for this project (I still had the crappy CA authentication of TLS,

  66. so not all was lost), I moved forward w/ CryptoSign.  As has been

  67. demonstrated many times, the only way to get security baked in, is to

  68. make it as easy as possible to use.  I've been long familiar w/

  69. [Crypto Box](https://nacl.cr.yp.to/box.html) by djb (and used by the

  70. Autobahn libraries), and also the [noise protocol](https://noiseprotocol.org/)

  71. (which my friend Trevor created).  Both of these have goals of making

  72. it simple to let developers include security in their projects and not

  73. mess it up, resulting in a broken system.  As currently implemented,

  74. Autobahn's CryptoSign is most definitely not easy to use.

  75. 

  76. Though the documentation is decent, some examples are not present

  77. (`client_ssh_key.py` for example from

  78. [WAMP-cryptosign Static Authentication](https://github.com/crossbario/crossbar-examples/tree/master/authentication/cryptosign/static)).

  79. The

  80. [ApplicationRunner](https://autobahn.readthedocs.io/en/latest/wamp/programming.html#running-components)

  81. helper class does not document how to make use of authentication.  Though

  82. the static authentication page has examples, they make you write quite

  83. a bit of boiler plate.

  84. 

  85. Then even once you do that, you find out that the code doesn't even work

  86. on Python 2.7 and have to

  87. [fix it](https://github.com/crossbario/autobahn-python/pull/901) for

  88. them.  Hopefully the pull request (PR) will not be ignored because of the

  89. failing CI tests, because the current CI tests are problems with their

  90. CI environment, and not the PR.  For CI checks like this, it should only

  91. ding your PR on checks that are newly failing, and ignore any checks that

  92. were previously failing.  This isn't the first project that their CI

  93. environment was broken.

  94. 

  95. Even w/ the fixes in place, there is no documented method of extracting

  96. a public key from a generated ssh key.  I will be adding a method to

  97. print this out.

  98. 

  99. If I (who knows cryptography decently) have to fix and spend hours making

  100. this work, it's no wonder than everyone things that strong cryptography

  101. is hard.  It is hard, but it shouldn't be.