I create the following python script
this python script will read the file /lpp/airflow/.sec/rmq_pass to var - pass_hash
and will decrypt it to decrypted_pass
more security_test.py
import sys
import os
import base64
from cryptography.fernet import Fernet
key_file = "/lpp/airflow/.sec/key"
rmq_pass_file = "/lpp/airflow/.sec/rmq_pass"
key = open(key_file, 'r')
f = Fernet(key.read())
pass_hash = open(rmq_pass_file, 'r')
#decrypting the password from "pass_file" file using the key from the "key_file".
decrypted_pass = f.decrypt(pass_hash.read())
ConnStr = "amqp://airflow:" + decrypted_pass + "@localhost:5672//"
when I run the script
its failed on /usr/lib64/python2.7/site-packages/cryptography/fernet.py , or any under /usr/lib64/python2.7/site-packages/cryptography
we try to re-install the package cryptography , but this didn't help
and idea what is could be ?
python security_test.py
Traceback (most recent call last):
File "security_test.py", line 14, in <module>
decrypted_pass = f.decrypt(pass_hash.read())
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 75, in decrypt
return self._decrypt_data(data, timestamp, ttl)
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 117, in _decrypt_data
self._verify_signature(data)
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 101, in _verify_signature
h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/primitives/hmac.py", line 31, in __init__
self._ctx = self._backend.create_hmac_ctx(key, self.algorithm)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 207, in create_hmac_ctx
return _HMACContext(self, key, algorithm)
File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/hmac.py", line 34, in __init__
key_ptr = self._backend._ffi.from_buffer(key)
TypeError: from_buffer() cannot return the address of the raw string within a str or unicode or bytearray object
IMPORTANT NOTE - on other machine this script is working fine
what is the best way to resolve it ? by remove all modules and install them again ? or by re-install python ?
If this was installed by pip, then this issue is due to having an out-of-date cffi package (I was able to reproduce this problem by force-installing cffi 1.5 in a virtualenv). Newer versions of cryptography require cffi >= 1.8, but pip does not always resolve that properly (depending on a variety of other scenarios). You can pip install -U cffi to see if that resolves it, but in general you should strongly consider running Python code inside of a virtualenv and not installing packages into the global package space. The OS package manager assumes that it owns global packages and you can cause many issues with your install if you mix and match distribution packages with pip installs.