Add signing and encryption for messages.

Deferred until Icehouse -


Ongoing discussion here:


Current patches:


(historical notes)

Simo and I had some offline discussion about whether we can land this stuff before the keystone key-distribution-server blueprint is implemented.

Right now, the code has a "FIXME: fetch from server" which basically means the code can't be used right now. I don't think we should merge this code into Oslo until there's some way of testing it.

I suggested the idea of supporting multiple key distribution strategies and implementing a very hacky one to begin with - e.g. a SEK cache file (with the same permissions as secure_message_key file) which would contain an SEK for each peer pair. On the "key server" we'd have all the secret keys, a file which describes the peer relationships and a script to generate the SEK caches with a long TTL. These SEK caches could be distributed with e.g. scp or shared storage.

That might not be something we'd ever recommend people use in any sort of a production environment, but it could allow us to test the code paths in e.g. devstack or SmokeStack.

Simo's preference is to push forward with the keystone kds work and only fall back to a simpler, interim distribution strategy if the keystone work gets stalled.

Given all that, I'm moving this to the havana-2 milestone since havana-1 is two weeks away. -- markmc
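
A minimal sketch of the interim SEK cache strategy described in the note above, added here as an illustration; it is not code from Oslo or from the patches under review. The JSON layout, the function names and the peer names are assumptions, SEKs are generated randomly per peer pair, and the long-term secret keys held on the key server are not modelled.

```python
import json
import os
import secrets
import stat
import time


def build_sek_caches(relationships, ttl, now=None):
    """Return {peer: {other_peer: {"sek": hex, "expires": ts}}} for each pair."""
    now = int(time.time()) if now is None else now
    caches = {}
    for a, b in relationships:
        entry = {"sek": secrets.token_hex(32), "expires": now + ttl}
        # Both ends of a pair hold the same SEK, each in its own cache file.
        caches.setdefault(a, {})[b] = entry
        caches.setdefault(b, {})[a] = dict(entry)
    return caches


def write_cache(path, cache):
    """Write one peer's cache atomically, readable by the owner only (0600)."""
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # covers a pre-existing tmp file with a wider mode
    with os.fdopen(fd, "w") as f:
        json.dump(cache, f)
    os.replace(tmp, path)


def load_cache(path, now=None):
    """Load a cache; refuse group/world-accessible files, drop expired SEKs."""
    now = int(time.time()) if now is None else now
    with open(path) as f:
        # Check the mode on the open descriptor to avoid a stat/open race.
        mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        if mode & 0o077:
            raise PermissionError(f"{path} has mode {mode:o}, expected 600")
        cache = json.load(f)
    return {peer: e for peer, e in cache.items() if e["expires"] > now}
```

Each per-peer file produced by `write_cache` is what would be copied out with scp or placed on shared storage; the reader side rejects a cache whose mode was widened in transit.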


As requested by ttx, I've set the status to Blocked pending progress on the kds side -- markmc


Unclear to me what's happening with KDS at this point, see -- @markmc


I adjusted the priority to medium, to reflect the fact that the key-distribution-server bp is only a medium priority item for keystone. -- dhellmann


Removed from icehouse for now - unless something changes dramatically, it's not going to make it -- @markmc

