Ошибка расшифровки aws-encryption-sdk-python: «65 не является допустимой версией SerializationVersion» ⇐ Python

[Anonymous]

Я пытаюсь реализовать Cognito MFA с помощью электронной почты. Следуя документации здесь: https://docs.aws.amazon.com/cognito/lat ... ender.html
Я используя лямбда-выражение Python, которое запускается Cognito, когда пользователь вводит свой пароль пользователя+пароль. Однако при работе с библиотекой aws-encryption-sdk-python я получаю следующую ошибку:

Код: Выделить всё

Traceback (most recent call last):
File "/var/task/aws_encryption_sdk/internal/formatting/deserialize.py", line 87, in _verified_version_from_id
return SerializationVersion(version_id)
File "/var/lang/lib/python3.9/enum.py", line 384, in __call__
return cls.__new__(cls, value)
File "/var/lang/lib/python3.9/enum.py", line 702, in __new__
raise ve_exc
ValueError: 65 is not a valid SerializationVersion

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/var/task/aws_encryption_sdk/__init__.py", line 186, in decrypt
plaintext = decryptor.read()
File "/var/task/aws_encryption_sdk/streaming_client.py", line 250, in read
self._prep_message()
File "/var/task/aws_encryption_sdk/streaming_client.py", line 782, in _prep_message
self._header, self.header_auth = self._read_header()
File "/var/task/aws_encryption_sdk/streaming_client.py", line 797, in _read_header
header, raw_header = deserialize_header(self.source_stream, self.config.max_encrypted_data_keys)
File "/var/task/aws_encryption_sdk/internal/formatting/deserialize.py", line 336, in deserialize_header
version = _verified_version_from_id(version_id)
File "/var/task/aws_encryption_sdk/internal/formatting/deserialize.py", line 89, in _verified_version_from_id
raise NotSupportedError("Unsupported version
{}
".format(version_id), error)
aws_encryption_sdk.exceptions.NotSupportedError: ('Unsupported version 65', ValueError('65 is not a valid SerializationVersion'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/var/task/aws_encryption_sdk/streaming_client.py", line 218, in __exit__
self.close()
File "/var/task/aws_encryption_sdk/streaming_client.py", line 985, in close
raise SerializationError("Footer not read")
aws_encryption_sdk.exceptions.SerializationError: Footer not read

Я нигде не устанавливаю версию 65. Это мой код, и я уже проверил, что переменные env передаются правильно:

Код: Выделить всё

import os
import json
import boto3
from botocore.exceptions import ClientError
from common.utils import *
from common.sqlUtils import *
from common.authentication import *
from common.authorization import *
from common.exceptions import GeneralException
from sendgrid import SendGridAPIClient
from sendgrid.helpers.mail import Mail
import aws_encryption_sdk
from aws_encryption_sdk.identifiers import CommitmentPolicy

# Configure the encryption SDK client with the KMS key from the environment variables.
awsEncryptionSdkClient = aws_encryption_sdk.EncryptionSDKClient(
commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
)
decryptionKeyArn = os.environ["cognitoCodeEncryptionKeyArn"]
kms_key_provider = aws_encryption_sdk.StrictAwsKmsMasterKeyProvider(
key_ids=[decryptionKeyArn]
)

def sendEmail(event, context):
try:
#TODO check if email is verified, user is confirmed, etc

plaintextCode = None
if "request" in event and "code" in event["request"]:
print("Line 35: ", event)
encryptedCode = event["request"]["code"]
print("encryptedCode: ", encryptedCode)
print("decryptionKeyArn ", decryptionKeyArn)
plaintextCode, plaintextHeader = awsEncryptionSdkClient.decrypt(
source=encryptedCode,
key_provider=kms_key_provider
)
print("plaintextCode:", plaintextCode)

subject = None
html_content = None
if plaintextCode is not None:
subject = 'Code'
html_content = f'[b]Your code is: {plaintextCode}[/b]'

message = Mail(
from_email='no-reply@mydomain.com',
to_emails=event["request"]["userAttributes"]["email"],
subject=subject,
html_content=html_content
)

sendgridSecret = getSecret(os.environ['cognitoSendgridSecretArn'])
if isJson(sendgridSecret):
sendgridSecret = json.loads(sendgridSecret)['SENDGRID_API_KEY']

sg = SendGridAPIClient(sendgridSecret)
response = sg.send(message)
print(response.status_code)
print(response.body)
print(response.headers)

#TODO check if email was sent successfully

return json_response({"sendgrid message": response})

except Exception as e:
httpCode = 500
if isinstance(e, GeneralException):
httpCode = e.httpCode
print(str(e))
return json_response({"message": str(e)}, httpCode)

Будем признательны за любые подсказки!

Подробнее здесь: https://stackoverflow.com/questions/787 ... ionversion