[openstack-dev] [oslo][oslo-messaging] [all][dev][python] constructing a deterministic representation of a python data structure

Amrith Kumar amrith at tesora.com
Thu Nov 3 19:33:14 UTC 2016


Yes, what I'm trying to do is related to this spec.
https://review.openstack.org/#/c/391637/

The basic idea is this, I'd like to make sure that a message sent over
oslo.messaging is actually from the person that we expect it to be from.

So, to that end, I'd like to sign the message on the way out (before I make
the RPC call), and verify the signature when it is received. And with that,
and the understanding that the private keys are secured, I can rely on the
authenticity of the message (or in this case, the RPC call).

The signing side is easy; I can sign the arguments to the RPC call before I
make the RPC call. And I can intercept the arguments with a decorator on the
receiving side. My challenge now is to ensure that I have a deterministic
representation of the arguments on the calling and called side.

Now, if I could interest oslo.messaging to provide an interface into this,
life would be much easier because the message is a deterministic
representation. My issue in trying to do this one level up, in trove, is
that I don't have access to the message.

Say, for example, I gave the call() or cast() call a callback method which
would be called with the 'msg' that was to be sent, then I could sign the
message and return the signature that oslo could then add to the message and
send along with the rpc call. And on the receiving side, if I provided the
Target with a callback that would construct the signature of a message, we
could do the same thing there.

The reason I asked my question was because I was attempting to solve the
problem in Trove; if on the other hand there's an interest in solving this
in oslo.messaging (I've added oslo and oslo-messaging to the subject line) I
would be happy to contribute the code that would do it similar to the review
you proposed.

Thanks!

-amrith
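The sign-before-call / verify-in-decorator scheme described above, as an added example that is not part of the thread and not code from oslo.messaging, Trove or Ceilometer. It resolves the "deterministic representation" problem with canonical JSON (sorted keys, fixed separators, no NaN) so that the sender's and receiver's dicts hash identically regardless of key insertion order, and it uses HMAC-SHA256 with a shared secret as a stand-in for the private-key signature the message talks about; swapping in an asymmetric sign/verify pair changes only `compute_signature` and `verify_message`. The reserved field name `message_signature` and all function names are assumptions made here:

```python
"""Canonical serialization and HMAC signing of RPC arguments (added example).

Not oslo.messaging, Trove or Ceilometer code; HMAC with a shared secret is
used in place of a private-key signature, and the field name below is an
assumption.
"""
import hashlib
import hmac
import json

SIGNATURE_KEY = "message_signature"   # assumed reserved field name


def canonical_bytes(payload):
    """Deterministic byte encoding of a JSON-compatible Python structure.

    sort_keys=True removes dict-ordering differences between sender and
    receiver (it applies to nested dicts too); fixed separators remove
    whitespace differences; ensure_ascii fixes how non-ASCII text is
    escaped; allow_nan=False rejects NaN/Infinity, which JSON does not
    define. json.dumps raises TypeError on anything it cannot encode
    (sets, datetimes, bytes, non-string keys), which is what we want: an
    argument that cannot be canonicalised must not be signed.
    """
    return json.dumps(payload, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True, allow_nan=False).encode("utf-8")


def compute_signature(payload, secret):
    """HMAC-SHA256 over the canonical form, excluding the signature field."""
    body = {k: v for k, v in payload.items() if k != SIGNATURE_KEY}
    return hmac.new(secret, canonical_bytes(body), hashlib.sha256).hexdigest()


def sign_message(payload, secret):
    """Sender side: return a copy of the RPC kwargs with the signature attached.

    Called on the kwargs dict just before client.call()/client.cast().
    """
    signed = dict(payload)
    signed[SIGNATURE_KEY] = compute_signature(payload, secret)
    return signed


def verify_message(payload, secret):
    """Receiver side: True iff the attached signature matches the arguments.

    A decorator on the RPC endpoint would run this over the received kwargs
    and refuse the call when it returns False. compare_digest avoids a
    timing side channel on the comparison.
    """
    presented = payload.get(SIGNATURE_KEY)
    if not isinstance(presented, str):
        return False
    expected = compute_signature(payload, secret)
    return hmac.compare_digest(presented, expected)


def demo():
    """Constructed sample: sender signs, receiver sees a reordered dict."""
    secret = b"shared-rpc-secret"                      # constructed
    args = {"instance_id": "abc-123", "flavor": 2,     # constructed kwargs
            "volumes": [{"size": 10, "type": "ssd"}]}
    signed = sign_message(args, secret)

    # Simulate the transport handing the receiver the same fields in a
    # different order (and a list where the sender may have had a tuple).
    received = {"volumes": [{"type": "ssd", "size": 10}],
                SIGNATURE_KEY: signed[SIGNATURE_KEY],
                "flavor": 2, "instance_id": "abc-123"}
    tampered = dict(received)
    tampered["flavor"] = 3

    return {"reordered_ok": verify_message(received, secret),
            "tampered_ok": verify_message(tampered, secret),
            "wrong_key_ok": verify_message(received, b"other-secret"),
            "unsigned_ok": verify_message(args, secret)}


if __name__ == "__main__":
    print(demo())   # reordered_ok True, the other three False
```

Two caveats a practitioner would want: the canonical form deliberately does not distinguish a tuple from a list (both become a JSON array), which is correct for a JSON transport but means the signature covers the wire shape, not the Python type; and anything oslo.messaging's serializer would transform on the way out (a datetime, a context object) must be canonicalised the same way on both sides, otherwise the receiver hashes something the sender never signed, which is the argument made above for hooking the signature into oslo.messaging itself rather than one level up.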

-----Original Message-----
From: gordon chung [mailto:gord at live.ca] 
Sent: Thursday, November 3, 2016 3:09 PM
To: openstack-dev at lists.openstack.org
Subject: Re: [openstack-dev] [all][dev][python] constructing a deterministic
representation of a python data structure



On 03/11/16 02:24 PM, Amrith Kumar wrote:

>
> So, just before calling call() or cast(), I could compute the hash and 
> stuff it into the dictionary that is being sent over, and I can do the 
> same on the receiving side. But since I cannot guarantee that the 
> representation on the receiving side is necessarily identical to the 
> representation on the sending side, I have issues computing the hash.
>
>

based on description, you're trying to sign the messages? there was some
effort done in oslo.messaging[1]

we do something similar in Ceilometer to sign IPC messages[2]. it does add
overhead though.

[1] https://review.openstack.org/#/c/205330/
[2] https://github.com/openstack/ceilometer/blob/ffc9ee99c10ede988769907fdb0594a512c890cd/ceilometer/publisher/utils.py#L43-L58

cheers,
--
gord

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev