python + 脚本在 /usr/lib64/python2.7 下的密码学失败
[英]python + script failed regarding to cryptography under /usr/lib64/python2.7
问题描述
I create the following python script
我创建以下 python 脚本
this python script will read the file /lpp/airflow/.sec/rmq_pass to var - pass_hash这个 python 脚本将读取文件/lpp/airflow/.sec/rmq_pass到 var - pass_hash
and will decrypt it to decrypted_pass并将其解密为decrypted_pass
more security_test.py
import sys
import os
import base64
from cryptography.fernet import Fernet
key_file = "/lpp/airflow/.sec/key"
rmq_pass_file = "/lpp/airflow/.sec/rmq_pass"
key = open(key_file, 'r')
f = Fernet(key.read())
pass_hash = open(rmq_pass_file, 'r')
#decrypting the password from "pass_file" file using the key from the "key_file".
decrypted_pass = f.decrypt(pass_hash.read())
ConnStr = "amqp://airflow:" + decrypted_pass + "@localhost:5672//"
when I run the script its failed on /usr/lib64/python2.7/site-packages/cryptography/fernet.py, or any under /usr/lib64/python2.7/site-packages/cryptography当我运行脚本时,它在 /usr/lib64/python2.7/site-packages/cryptography/fernet.py 或/usr/lib64/python2.7/site-packages/cryptography下的任何地方都失败了
we try to re-install the package cryptography, but this didn't help我们尝试重新安装 package 加密,但这没有帮助
and idea what is could be?和想法可能是什么?
python security_test.py
Traceback (most recent call last):
File "security_test.py", line 14, in <module>
decrypted_pass = f.decrypt(pass_hash.read())
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 75, in decrypt
return self._decrypt_data(data, timestamp, ttl)
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 117, in _decrypt_data
self._verify_signature(data)
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 101, in _verify_signature
h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/primitives/hmac.py", line 31, in __init__
self._ctx = self._backend.create_hmac_ctx(key, self.algorithm)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 207, in create_hmac_ctx
return _HMACContext(self, key, algorithm)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/hmac.py", line 34, in __init__
key_ptr = self._backend._ffi.from_buffer(key)
TypeError: from_buffer() cannot return the address of the raw string within a str or unicode or bytearray object
IMPORTANT NOTE - on other machine this script is working fine重要提示 - 在其他机器上这个脚本工作正常
what is the best way to resolve it?解决它的最佳方法是什么? by remove all modules and install them again?通过删除所有模块并重新安装它们? or by re-install python?或通过重新安装 python?
1 个解决方案
解决方案1
1 2020-05-29 01:25:26
If this was installed by pip , then this issue is due to having an out-of-date cffi package (I was able to reproduce this problem by force-installing cffi 1.5 in a virtualenv ).如果这是由pip安装的,则此问题是由于cffi package 过时(我能够通过在virtualenv中强制安装cffi 1.5 来重现此问题)。 Newer versions of cryptography require cffi >= 1.8 , but pip does not always resolve that properly (depending on a variety of other scenarios).较新版本的cryptography需要cffi >= 1.8 ,但pip并不总是能正确解决这个问题(取决于各种其他场景)。 You can pip install -U cffi to see if that resolves it, but in general you should strongly consider running Python code inside of a virtualenv and not installing packages into the global package space.您可以pip install -U cffi看看是否可以解决它,但通常您应该强烈考虑在virtualenv内运行 Python 代码,而不是将包安装到全局 ZEFE90A8E604A7C840E88D03AZ87 空间中。 The OS package manager assumes that it owns global packages and you can cause many issues with your install if you mix and match distribution packages with pip installs.操作系统 package 管理器假定它拥有全局包,如果您将分发包与pip安装混合和匹配,您可能会导致安装出现许多问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.