search

Legrandin / pycryptodome

A self-contained cryptographic library for Python
https://www.pycryptodome.org
Other
2.74k stars 492 forks source link

Cryptodome in AWS lambda - Not found '_raw_ecb.cpython-311-x86_64-linux-gnu.so' #770

Open Jun711 opened 9 months ago

Jun711 commented 9 months ago

Question Where can I download some shared library files such as _raw_ecb.cpython-311-x86_64-linux-gnu.so?

Info I have an AWS lambda function which uses Crytodome with python 3.7 runtime. It is pycryptodomex-3.8.2 installed by another developer 4 years ago.

I tried upgrading it to python 3.11 but found out that it cannot find some library files such as _raw_ecb.cpython-311-x86_64-linux-gnu.so. Previously installed Cryptodome Cipher folder contains these python 3.7 so files.

Screen Shot 2023-09-29 at 12 04 07 PM

Attempt I have tried upgrading Cryptodome to the latest version 3.19.0 but I got the same error mesage

Error Message Current lambda is using this image: public.ecr.aws/lambda/python:3.11-rapid-x86_64 and this is the error message

[ERROR] OSError: Cannot load native module 'Cryptodome.Cipher._raw_ecb': 
Not found '_raw_ecb.cpython-311-x86_64-linux-gnu.so', 
Cannot load '_raw_ecb.abi3.so': /var/task/libs/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so: invalid ELF header, 
No  File "/var/lang/lib/python3.11/importlib/__init__.py", line 126, 
in import_mod  File "/var/task/libs/Cryptodome/Util/_raw_api.py", line 315, in load_pycryptod    
raise OSError("Cannot load native module '%s': %s" % (name, ", ".join(attempts)))
Legrandin commented 9 months ago

Dependencies should be included in a Lambda zip file using pip as explained here: https://docs.aws.amazon.com/lambda/latest/dg/python-package.html . Have you tried that?

Jun711 commented 9 months ago

@Legrandin That is how I installed Cryptodome in the Lambda zip file. How do I pip install the other dependency library files like _raw_ecb.cpython-311-x86_64-linux-gnu.so?

Legrandin commented 9 months ago

Your problem (as indicated by the invalid ELF header message) is that you are building your lambda on an architecture which is not compatible with the runtime of the lambda.

That is the reason for the commands given in section "Working with built distributions (wheels)". More in general, it is better to build the lambda using the runtime itself.

Jun711 commented 9 months ago

@Legrandin I see. I don't custom build the lambda runtime, I use the default lambda runtime provided by AWS Can you give me those required wheel files?

mohammadn0man commented 5 months ago

For me changing the build environment where pip install is executing worked. └─ [~] Environment ├─ [~] .Image: │ ├─ [-] aws/codebuild/amazonlinux-aarch64-lambda-standard:python3.11 │ └─ [+] aws/codebuild/amazonlinux-x86_64-lambda-standard:python3.11 └─ [~] .Type: ├─ [-] ARM_LAMBDA_CONTAINER └─ [+] LINUX_LAMBDA_CONTAINER