Python 3.x TypeError:参数应该是类似对象或ASCII字符串的字节,而不是';二进制';
我试图用用户名和保存的加密密码验证用户,第一个lambda函数给出了一个错误,因为类型不应该是二进制的,但是在第二个lambda函数中,我用来保存用户名和密码的详细信息,如果我尝试解密相同的内容,则会出现错误。我在两个函数中传递相同的参数,但是一个在工作,另一个不工作,这两个函数都在访问同一个dynamoDB表。 我不知道如何检查“secret”支持哪种数据类型,正如它所说的错误,比如字节或ASCII字符串。加密后的密码将以二进制形式保存在由函数自动创建的表中,类型未手动定义 我尝试导入binascii并转换“password_from_table=binascii.b2a_base64(password_from_table)”,结果出现以下错误Python 3.x TypeError:参数应该是类似对象或ASCII字符串的字节,而不是';二进制';,python-3.x,aws-lambda,amazon-dynamodb,boto3,aws-kms,Python 3.x,Aws Lambda,Amazon Dynamodb,Boto3,Aws Kms,我试图用用户名和保存的加密密码验证用户,第一个lambda函数给出了一个错误,因为类型不应该是二进制的,但是在第二个lambda函数中,我用来保存用户名和密码的详细信息,如果我尝试解密相同的内容,则会出现错误。我在两个函数中传递相同的参数,但是一个在工作,另一个不工作,这两个函数都在访问同一个dynamoDB表。 我不知道如何检查“secret”支持哪种数据类型,正如它所说的错误,比如字节或ASCII字符串。加密后的密码将以二进制形式保存在由函数自动创建的表中,类型未手动定义 我尝试导入bina
Response:
{
"errorMessage": "a bytes-like object is required, not 'Binary'",
"errorType": "TypeError",
"stackTrace": [
" File \"/var/task/lambda_function.py\", line 37, in lambda_handler\n password_from_table = binascii.b2a_base64(password_from_table)\n"
]
}
import boto3
import base64
from boto3.dynamodb.conditions import Key, Attr
def decrypt(session, secret):
client = session.client('kms')
plaintext = client.decrypt(
CiphertextBlob=(base64.b64decode(secret))
)
return plaintext["Plaintext"]
def lambda_handler(event, context):
session = boto3.session.Session()
dynamodb = boto3.resource('dynamodb')
authentication_table_name = 'Authorization'
#authorization_table = dynamodb.Table('GE_redo_authorization')
authentication_table = dynamodb.Table(authentication_table_name)
password = event['password']
username = event['username']
# Authenticate user with encrypted DDB
entry = authentication_table.get_item(TableName=authentication_table_name, Key={'username':username})
if 'Item' in entry:
password_from_table = entry['Item']['password']
decrypted_password_from_table = decrypt(session,password_from_table)
decrypted_password_from_table = decrypted_password_from_table.decode('utf-8')
if password == decrypted_password_from_table:
return 'Correct password'
else:
return 'Incorrect password'
else:
return 'Invalid User'
Response:
{
"errorMessage": "argument should be a bytes-like object or ASCII string, not 'Binary'",
"errorType": "TypeError",
"stackTrace": [
" File \"/var/task/lambda_function.py\", line 36, in lambda_handler\n decrypted_password_from_table = decrypt(session,password_from_table)\n",
" File \"/var/task/lambda_function.py\", line 10, in decrypt\n CiphertextBlob=(base64.b64decode(secret))\n",
" File \"/var/lang/lib/python3.8/base64.py\", line 80, in b64decode\n s = _bytes_from_decode_data(s)\n",
" File \"/var/lang/lib/python3.8/base64.py\", line 45, in _bytes_from_decode_data\n raise TypeError(\"argument should be a bytes-like object or ASCII \"\n"
]
}
import boto3
import base64
from botocore.exceptions import ClientError
def encrypt(session, secret, alias):
client = session.client('kms')
ciphertext = client.encrypt(
KeyId=alias,
Plaintext=(secret),
)
return base64.b64encode(ciphertext["CiphertextBlob"])
def lambda_handler(event, context):
plain_text_password = event['password']
username = event['username']
key_alias = 'alias/ProjectKey'
table_name = 'Authorization'
session = boto3.session.Session()
table = boto3.resource('dynamodb').Table(table_name)
encrypted_password = encrypt(session, plain_text_password, key_alias)
decrypted_password = decrypt(session, encrypted_password)
item = {
'username':username,
'password':encrypted_password
}
#check if item with the username already exists; if so, update password; else create new item
entry = table.get_item(TableName=table_name, Key={'username':username})
# if an entry with that username already exists, then update its corresponding password
if 'Item' in entry:
print("entry['Item']" + str(entry['Item']))
response = table.update_item(
Key={
'username': username
},
UpdateExpression="set password = :p",
ExpressionAttributeValues={
':p': encrypted_password
},
ReturnValues="UPDATED_NEW"
)
else:
#if an entry with that username doesn't already exist, then create it
table.put_item(Item=item)
new_entry = table.get_item(TableName=table_name, Key={'username':username})
decrypted_password = decrypt(session, encrypted_password)
return decrypted_password
def decrypt(session, secret):
client = session.client('kms')
plaintext = client.decrypt(
CiphertextBlob=(base64.b64decode(secret))
)
return plaintext["Plaintext"]
Response:
"password"