SecureSerializer fails on certain types and binary serializers #8981

Closed
8 of 19 tasks
shirsa opened this issue Apr 25, 2024 · 0 comments · Fixed by #8982
Comments

@shirsa (Contributor) commented Apr 25, 2024

Checklist

  • I have verified that the issue exists against the main branch of Celery.
  • This has already been asked to the discussions forum first.
  • I have read the relevant section in the
    contribution guide
    on reporting bugs.
  • I have checked the issues list
    for similar or identical bug reports.
  • I have checked the pull requests list
    for existing proposed fixes.
  • I have checked the commit log
    to find out if the bug was already fixed in the main branch.
  • I have included all related issues and possible duplicate issues
    in this issue (If there are none, check this box anyway).
  • I have tried to reproduce the issue with pytest-celery and added the reproduction script below.

Mandatory Debugging Information

  • I have included the output of celery -A proj report in the issue.
    (if you are not able to do this, then at least specify the Celery
    version affected).
  • I have verified that the issue exists against the main branch of Celery.
  • I have included the contents of pip freeze in the issue.
  • I have included all the versions of all the external dependencies required
    to reproduce this bug.

Optional Debugging Information

  • I have tried reproducing the issue on more than one Python version
    and/or implementation.
  • I have tried reproducing the issue on more than one message broker and/or
    result backend.
  • I have tried reproducing the issue on more than one version of the message
    broker and/or result backend.
  • I have tried reproducing the issue on more than one operating system.
  • I have tried reproducing the issue on more than one workers pool.
  • I have tried reproducing the issue with autoscaling, retries,
    ETA/Countdown & rate limits disabled.
  • I have tried reproducing the issue after downgrading
    and/or upgrading Celery and its dependencies.

Related Issues and Possible Duplicates

Related Issues

  • None

Possible Duplicates

  • None

Environment & Settings

Celery version:

celery report Output:

Steps to Reproduce

Required Dependencies

  • Minimal Python Version: N/A or Unknown
  • Minimal Celery Version: N/A or Unknown
  • Minimal Kombu Version: N/A or Unknown
  • Minimal Broker Version: N/A or Unknown
  • Minimal Result Backend Version: N/A or Unknown
  • Minimal OS and/or Kernel Version: N/A or Unknown
  • Minimal Broker Client Version: N/A or Unknown
  • Minimal Result Backend Client Version: N/A or Unknown

Python Packages

pip freeze Output:

Other Dependencies

N/A

Minimally Reproducible Test Case

from typing import Any

# `app` is the reporter's existing Celery application instance; its broker and
# result backend configuration is not included in the report.
app.conf.update(
    security_key='/private/keys/celery/private.key',
    security_certificate='/private/keys/celery/public.pem',
    security_cert_store='/private/keys/celery/*.pem')

app.setup_security()


@app.task
def serializer_test_task(arg: Any) -> Any:
    return arg


def test_serialize(data):
    res = serializer_test_task.delay(data)
    deserialized_value = res.get()
    assert deserialized_value == data


test_serialize(data=b"foo")  # fails to validate signature

#############

app.setup_security(serializer="pickle")
test_serialize(data="foo")  # fails to serialize any value using pickle serializer

Expected Behavior

Actual Behavior

There are several bugs in the SecureSerializer feature:

  • When using the 'json' serializer (default), it will always fail to validate the signature if the passed value is of type 'bytes'.
  • When using a binary serializer (rather than a string-based serializer like 'json'), for example 'pickle', the serializer is completely broken.
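The report above names two failure modes for a sign-then-serialize layer: a bytes value travelling through the json serializer, and a binary serializer such as pickle. The following standalone Python is an added illustration written for this page; it is not Celery's SecureSerializer, nor the fix merged in #8982, and it makes no claim about where Celery's code went wrong. It shows the three properties a practitioner would check such a layer for: the encoded body stays bytes end to end (bytes inside a JSON payload are tagged and base64-encoded rather than decoded to str), fields are length-prefixed instead of delimiter-separated so a binary body cannot collide with a separator, and the signature is verified before any deserializer, pickle in particular, touches the body. The HMAC key (a stand-in for Celery's certificate-based signature), the content-type strings, and every helper name are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import json
import pickle
import struct
from typing import Any

# Constructed demo key. Celery signs with an X.509 key/certificate pair; a
# symmetric HMAC stands in here so the example runs on the standard library.
DEMO_KEY = b"constructed-demo-key-do-not-deploy"


def _json_default(obj: Any) -> Any:
    # Tag bytes so they survive JSON with their type intact, instead of
    # decoding them to str (which changes what the receiving task gets).
    if isinstance(obj, bytes):
        return {"__type__": "bytes", "__value__": base64.b64encode(obj).decode("ascii")}
    raise TypeError(f"not JSON serializable: {type(obj).__name__}")


def _json_object_hook(d: dict) -> Any:
    if d.get("__type__") == "bytes":
        return base64.b64decode(d["__value__"])
    return d


# name -> (content type, dumps(obj) -> bytes, loads(bytes) -> obj); assumed table
SERIALIZERS = {
    "json": (
        "application/json",
        lambda obj: json.dumps(obj, default=_json_default).encode("utf-8"),
        lambda raw: json.loads(raw.decode("utf-8"), object_hook=_json_object_hook),
    ),
    "pickle": (
        "application/x-python-serialize",
        lambda obj: pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL),
        pickle.loads,
    ),
}
BY_CONTENT_TYPE = {ct: name for name, (ct, _, _) in SERIALIZERS.items()}


def _frame(*fields: bytes) -> bytes:
    # Length-prefix each field: a body containing any byte sequence, including
    # a would-be delimiter such as b"\x00\x01", cannot be mistaken for a boundary.
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def _unframe(blob: bytes, count: int) -> list:
    fields, pos = [], 0
    for _ in range(count):
        if pos + 4 > len(blob):
            raise ValueError("truncated frame header")
        (n,) = struct.unpack(">I", blob[pos:pos + 4])
        pos += 4
        if pos + n > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[pos:pos + n])
        pos += n
    if pos != len(blob):
        raise ValueError("trailing bytes after last field")
    return fields


def sign_message(obj: Any, serializer: str = "json", key: bytes = DEMO_KEY) -> bytes:
    content_type, dumps, _ = SERIALIZERS[serializer]
    body = dumps(obj)  # bytes end to end; never round-tripped through str
    ct = content_type.encode("ascii")
    # Sign content type + encoded body: the receiver verifies without decoding,
    # and the serializer cannot be swapped underneath a valid signature.
    sig = hmac.new(key, _frame(ct, body), hashlib.sha256).digest()
    return _frame(ct, sig, body)


def verify_and_load(message: bytes, key: bytes = DEMO_KEY, allowed=("json",)) -> Any:
    ct, sig, body = _unframe(message, 3)
    expected = hmac.new(key, _frame(ct, body), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("signature verification failed")
    # Only after verification is the body decoded, and only with a serializer the
    # receiver explicitly allows (pickle.loads on unverified input is code execution).
    name = BY_CONTENT_TYPE.get(ct.decode("ascii", "replace"))
    if name is None or name not in allowed:
        raise ValueError(f"serializer {name!r} not allowed")
    return SERIALIZERS[name][2](body)


def roundtrip(obj: Any, serializer: str = "json") -> Any:
    return verify_and_load(sign_message(obj, serializer), allowed=(serializer,))


def tamper(message: bytes) -> bytes:
    # Flip one bit in the last byte (part of the body) to simulate modification in transit.
    m = bytearray(message)
    m[-1] ^= 0x01
    return bytes(m)


def is_rejected(message: bytes, **kwargs) -> bool:
    try:
        verify_and_load(message, **kwargs)
    except ValueError:
        return True
    return False
```

`roundtrip(b"foo")` returns `b"foo"` (not `"foo"`), and `roundtrip({"args": [b"\x00\x01\xff"]}, "pickle")` returns the dict unchanged even though the pickle stream contains the byte pair a delimiter-based packer might split on. A pickle-typed message is rejected unless the receiver opts into pickle via `allowed`, which is the same discipline Celery applies with its own allowed-serializers setting.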