0

我正在尝试jwt.encode使用从 DynamoDB 中检索的私钥执行一条小请求消息。我的工作站是 Mac OS。

该代码在我的本地环境中工作,但当我尝试在 AWS lambda python3.7 环境中执行它时失败。有关如何解决此问题的任何建议?

{
  "errorMessage": "Invalid PKCS8 header",
  "errorType": "JWSError",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 228, in lambda_handler\n    response = send_request(url, body=body)\n",
    "  File \"/var/task/lambda_function.py\", line 67, in send_request\n    token = _gen_jwt(private_key)\n",
    "  File \"/var/task/lambda_function.py\", line 52, in _gen_jwt\n    token = jwt.encode(payload, private_key, algorithm='RS256', headers=headers)\n",
    "  File \"/var/task/jose/jwt.py\", line 61, in encode\n    return jws.sign(claims, key, headers=headers, algorithm=algorithm)\n",
    "  File \"/var/task/jose/jws.py\", line 47, in sign\n    signed_output = _sign_header_and_claims(encoded_header, encoded_payload, algorithm, key)\n",
    "  File \"/var/task/jose/jws.py\", line 168, in _sign_header_and_claims\n    raise JWSError(e)\n"
  ]
}
4

1 回答 1

2

在我在 Linux 环境中重建我的 lambda 包并重新部署到 AWS Lambda 后,这个问题得到了解决。

我从 python3.7.4 创建了一个 docker 映像,并将包从容器内部署到 lambda。

此解决方案还解决了该问题:

ImportError: /var/task/cryptography/hazmat/bindings/_constant_time.so: invalid ELF header

根据https://github.com/pyca/cryptography/issues/3051

于 2019-08-22T14:22:08.877 回答