Python &引用；errorMessage"；：&引用；不带编码的字符串参数"；，_Python_Aws Lambda_Amazon Dynamodb_Boto3_Aws Kms

Python &引用；errorMessage"；：&引用；不带编码的字符串参数"；，

python aws-lambda amazon-dynamodb

Python &引用；errorMessage"；：&引用；不带编码的字符串参数"；，,python,aws-lambda,amazon-dynamodb,boto3,aws-kms,Python,Aws Lambda,Amazon Dynamodb,Boto3,Aws Kms,我试图保存在DynamoDb中加密的密码字符串，我得到了这个错误答复： { "errorMessage": "string argument without an encoding", "errorType": "TypeError", "stackTrace": [ " File \"/var/task/lambda_function.py\", line 25, in lambda_handler\n encrypted_password = encrypt(s

我试图保存在DynamoDb中加密的密码字符串，我得到了这个错误

答复：

{
  "errorMessage": "string argument without an encoding",
  "errorType": "TypeError",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 25, in lambda_handler\n    encrypted_password = encrypt(session, plain_text_password, key_alias)\n",
    "  File \"/var/task/lambda_function.py\", line 11, in encrypt\n    Plaintext=bytes(secret)\n"
  ]
}

这就是我试图使用的代码

import boto3
import base64
from botocore.exceptions import ClientError

def encrypt(session, secret, alias):
    client = session.client('kms')
    ciphertext = client.encrypt(
        KeyId=alias,
        Plaintext=bytes(secret)
    )
    return base64.b64encode(ciphertext["CiphertextBlob"])

def lambda_handler(event, context):

    plain_text_password = event['password']
    username = event['username']
    key_alias = 'alias/ProjectKey'
    table_name = 'Authentication'

    session = boto3.session.Session()
    table = boto3.resource('dynamodb').Table(table_name)

    encrypted_password = encrypt(session, plain_text_password, key_alias)
    print('ENCRYPTED STRING: ' + encrypted_password)

    item = {
        'username':username,
        'password':encrypted_password
    }

    #check if item with the username already exists; if so, update password; else create new item
    entry = table.get_item(TableName=table_name, Key={'username':username})

    # if an entry with that username already exists, then update its corresponding password
    if 'Item' in entry:
        print('Item found. Updating password.')
        print("entry['Item']" + str(entry['Item']))
        response = table.update_item(
            Key={
                'username': username
            },
            UpdateExpression="set password = :p",
            ExpressionAttributeValues={
                ':p': encrypted_password
            },
            ReturnValues="UPDATED_NEW"
        )
    else:
        #if an entry with that username doesn't already exist, then create it
        print('Adding new item to table.')
        table.put_item(Item=item)
        new_entry = table.get_item(TableName=table_name, Key={'username':username})
        if 'Item' in new_entry:
            print('A new item was inserted in the table.')
        else:
            print('Failed to insert new item in table')

    return 'Function succeeded!'

我尝试在Python2.7和Python3中运行，但没有成功。

我已经分别为Lambda和DB添加了Lambda完全访问和dynamodb完全访问角色，并为KMS提供了相同的管理权限和密钥使用权限。

您能否提供有关

密文[“CiphertextBlob”]

的更多信息（类型，…）

也许你只需要转换成字节，例如

base64.b64encode(bytes("yourstring", 'utf-8'))

或者以另一种方式

base64.b64encode(ciphertext["CiphertextBlob"].encode('utf-8'))

这实际上应该进行base64编码，base64.b64encode（ciphertext[“CiphertextBlob”]），如错误消息所示，在上面两行，您没有正确创建字节。我也尝试了这个returnValue=base64.b64encode（ciphertext[“CiphertextBlob”]）返回字节（returnValue，'utf8'）``这与那一行无关，上面两行（第11行）没有正确创建字节。这实际上对注释有效，我的错。非常感谢：）非常感谢，这也有帮助。我两个都试过了，这个有效：）请检查一下，