Cryptobox review: signature scope #916

Open
oberstet opened this Issue Oct 3, 2017 · 0 comments


oberstet commented Oct 3, 2017

WAMP-cryptobox works by computing a signature over and encrypting a bytes serialization of the following:

```python
payload = {
    u'uri': uri,
    u'args': args,
    u'kwargs': kwargs
}
```

However, the URI is the only WAMP metadata that is included and checked under the signature.

The design question is: is that signature scope (uri/args/kwargs) enough?

Are there other things besides uri/args/kwargs a receiving client would expect to be untampered under end-to-end encryption (by being part of the stuff that goes into the signature)?

Essentially, everything not under the scope of the signature must be treated as "untrusted" by the receiving peer. Any intermediary WAMP router between the sending and the receiving peer might have tampered with stuff not under the signature.

Implementation-wise, the main thing to check is: is the URI contained within the bytes under the signature (still) the same as the URI in the WAMP message envelope? If not, someone tampered with the URI, and this should be treated as "fatal".
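The receiver-side check described above, as an added example that is not part of the issue or of the cryptobox code: the signed scope is the uri/args/kwargs serialization, and the envelope URI (which a router could rewrite) is compared against the URI recovered from under the signature. HMAC-SHA256 over a constructed demo key stands in for the real signature primitive, and the encryption step is left out; both are assumptions for the sake of a self-contained script.

```python
import hashlib
import hmac
import json

# Constructed demo key; stand-in for the real cryptobox key material (assumption).
DEMO_KEY = b"constructed-demo-key-not-for-real-use"


def canonical_bytes(uri, args, kwargs):
    """Deterministic serialization of the signed scope (uri/args/kwargs)."""
    payload = {"uri": uri, "args": args, "kwargs": kwargs}
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_payload(uri, args, kwargs, key=DEMO_KEY):
    """Sender side: returns (signed_bytes, tag). HMAC stands in for the real signature."""
    body = canonical_bytes(uri, args, kwargs)
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body, tag


def verify_envelope(envelope_uri, body, tag, key=DEMO_KEY):
    """Receiver side. Only data under the signature is trusted; the envelope URI,
    which an intermediary router could rewrite, must equal the signed URI.
    Returns (status, payload); status is 'ok', 'bad_signature' or 'uri_mismatch'."""
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return "bad_signature", None   # fatal: body or tag altered in transit
    payload = json.loads(body.decode("utf-8"))
    if payload["uri"] != envelope_uri:
        return "uri_mismatch", None    # fatal: envelope URI no longer matches signed URI
    return "ok", payload


if __name__ == "__main__":
    body, tag = sign_payload("com.example.add", [1, 2], {"round": True})
    print(verify_envelope("com.example.add", body, tag))       # ('ok', {...})
    # An envelope whose URI was rewritten on the way is rejected, signature intact or not.
    print(verify_envelope("com.example.delete", body, tag))    # ('uri_mismatch', None)
```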
