[openstack-dev] [all][dev][python] constructing a deterministic representation of a python data structure
Clint Byrum
clint at fewbar.com
Thu Nov 3 22:04:27 UTC 2016
Excerpts from Amrith Kumar's message of 2016-11-03 20:50:01 +0000:
> Josh,
>
> I have the key management part figured out and in actuality I will be
> signing the messages.
>
> But step 1 is getting a deterministic representation and step 2 is hashing.
> Step 3 would be signing.
>
> So, steps 2 and 3 are all set; just need step 1 :) And I'm marveling at the
> link that Morgan provided, it may have what I need.
>
Please please please do not invent your own home rolled cryptographic
envelope!!
sender.py:
to_send = {
'fact': 'red is the best color'
}
payload = json.dumps(to_send)
message = gpg_sign(payload, key)
send_message(message)
receiver.py:
message = recv_message()
(payload, key) = gpg_verify_message(message)
if key not in trusted_keys:
raise Exception('Untrusted sender!')
operate_on_payload(payload)
With all due respect, any of us are almost guaranteed to screw it up
otherwise. Just use a thing known to work. There are plenty already.
More information about the OpenStack-dev
mailing list