Excerpts from Amrith Kumar's message of 2016-11-03 20:50:01 +0000:
> Josh,
>
> I have the key management part figured out and in actuality I will be
> signing the messages.
>
> But step 1 is getting a deterministic representation and step 2 is hashing.
> Step 3 would be signing.
>
> So, steps 2 and 3 are all set; just need step 1 :) And I'm marveling at the
> link that Morgan provided, it may have what I need.
>
Please please please do not invent your own home rolled cryptographic
envelope!!
sender.py:
to_send = {
'fact': 'red is the best color'
}
payload = json.dumps(to_send)
message = gpg_sign(payload, key)
send_message(message)
receiver.py:
message = recv_message()
(payload, key) = gpg_verify_message(message)
if key not in trusted_keys:
raise Exception('Untrusted sender!')
operate_on_payload(payload)
With all due respect, any of us are almost guaranteed to screw it up
otherwise. Just use a thing known to work. There are plenty already.
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
