Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add an authenticating serializer #88

Merged
merged 1 commit into from
Aug 4, 2018
Merged

Add an authenticating serializer #88

merged 1 commit into from
Aug 4, 2018

Conversation

sebschrader
Copy link
Member

Although Celery already includes an authenticating serializer, it is not very
difficult to implement a serializer. The serializer included with Celery uses
X.509 certificates and OpenSSL, which is flexible, but complex.

This serializer uses a lightweight PKI scheme based on ed25519 and the
well-regarded libsodium library. All that needs to be done, is to generate a
secure random 32 byte sequence. The serializer has a single signing key and a
list of trusted verification keys.

Resolves #68

Although Celery already includes an authenticating serializer, it is not very
difficult to implement a serializer. The serializer included with Celery uses
X.509 certificates and OpenSSL, which is flexible, but complex.

This serializer uses a lightweight PKI scheme based on ed25519 and the
well-regarded libsodium library. All that needs to be done, is to generate a
secure random 32 byte sequence. The serializer has a single signing key and a
list of trusted verification keys.

Addresses #68
@sebschrader sebschrader added this to the 0.4 milestone Aug 4, 2018
@sebschrader sebschrader merged commit ce8763b into master Aug 4, 2018
s = ED25519Serializer(signing_key, verify_keys, serializer,
content_encoding)
kombu_register(name, s.serialize, s.deserialize, content_type,
content_encoding)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How precisely would this serializer be enabled? I don't see any config changes in this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants