Cryptography: [PyPy] No module named cryptography.hazmat.bindings._constant_time

Created on 21 Aug 2015  Â·  20Comments  Â·  Source: pyca/cryptography

With version 1.0, I get this exception when calling default_backend(), but only under PyPy.

The same code is fine in at least versions 0.9.2 and 0.9.3.

    backend=default_backend(),
.tox/pypy/site-packages/cryptography/hazmat/backends/__init__.py:40: in default_backend
    _default_backend = MultiBackend(_available_backends())
.tox/pypy/site-packages/cryptography/hazmat/backends/__init__.py:27: in _available_backends
    "cryptography.backends"
.tox/pypy/site-packages/pkg_resources/__init__.py:2361: in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
.tox/pypy/site-packages/cryptography/hazmat/backends/commoncrypto/__init__.py:7: in <module>
    from cryptography.hazmat.backends.commoncrypto.backend import backend
.tox/pypy/site-packages/cryptography/hazmat/backends/commoncrypto/backend.py:11: in <module>
    from cryptography.hazmat.backends.commoncrypto.ciphers import (
.tox/pypy/site-packages/cryptography/hazmat/backends/commoncrypto/ciphers.py:11: in <module>
    from cryptography.hazmat.primitives import ciphers, constant_time

Most helpful comment

I did this to solve this issue:
LDFLAGS="-L/usr/lib/x86_64-linux-gnu" pip install cryptography --no-use-wheel
this folder /usr/lib/x86_64-linux-gnu is the one containing the libssl libraries.

All 20 comments

You'll need to upgrade to PyPy 2.6 to use cryptography 1.0. We'll probably be doing a release to make this more obvious (by failing the install entirely) soon.

Duplicate of #2283.

(Master has this problem resolved BTW if you'd like to confirm that it refuses to install on your PyPy)

I'm running PyPy 2.6.1, cryptography 1.0.2 and I'm still getting this issue...

ERROR: Internal Server Error: /api/v1/payment_plan_instance/ 
Traceback (most recent call last):
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/django/core/handlers/base.py", line 111, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/django/db/transaction.py", line 394, in inner
    return func(*args, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view
    return view_func(*args, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/tastypie/resources.py", line 201, in wrapper
    response = callback(request, *args, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/tastypie/resources.py", line 432, in dispatch_list
    return self.dispatch('list', request, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/tastypie/resources.py", line 464, in dispatch
    response = method(request, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/tastypie/resources.py", line 1340, in post_list
    updated_bundle = self.obj_create(bundle, **self.remove_api_resource_names(kwargs))
  File "/home/adamj/Development/SpringLab/Python/recomed/backend/recomed/api/payment_plan_resources.py", line 168, in obj_create
    self.__create_xero_contact(bundle)
  File "/home/adamj/Development/SpringLab/Python/recomed/backend/recomed/api/payment_plan_resources.py", line 113, in __create_xero_contact
    result = self.xero.contacts.put(contact_data)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/pyxero-0.8.0b3-py2.7.egg/xero/manager.py", line 192, in wrapper
    params=params, cert=cert, timeout=timeout)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/api.py", line 122, in put
    return request('put', url, data=data, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/api.py", line 50, in request
    response = session.request(method=method, url=url, **kwargs)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/sessions.py", line 454, in request
    prep = self.prepare_request(req)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/sessions.py", line 388, in prepare_request
    hooks=merge_hooks(request.hooks, self.hooks),
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/models.py", line 297, in prepare
    self.prepare_auth(auth, url)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests/models.py", line 487, in prepare_auth
    r = auth(self)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/requests_oauthlib/oauth1_auth.py", line 79, in __call__
    unicode(r.url), unicode(r.method), r.body or '', r.headers)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/oauthlib/oauth1/rfc5849/__init__.py", line 313, in sign
    ('oauth_signature', self.get_oauth_signature(request)))
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/oauthlib/oauth1/rfc5849/__init__.py", line 150, in get_oauth_signature
    sig = self.SIGNATURE_METHODS[self.signature_method](base_string, self)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/oauthlib/oauth1/rfc5849/signature.py", line 505, in sign_rsa_sha1_with_client
    return sign_rsa_sha1(base_string, client.rsa_key)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/oauthlib/oauth1/rfc5849/signature.py", line 497, in sign_rsa_sha1
    key = _prepare_key_plus(alg, rsa_private_key)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/oauthlib/oauth1/rfc5849/signature.py", line 574, in _prepare_key_plus
    return alg.prepare_key(keystr)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/jwt/algorithms.py", line 167, in prepare_key
    key = load_pem_private_key(key, password=None, backend=default_backend())
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/backends/__init__.py", line 40, in default_backend
    _default_backend = MultiBackend(_available_backends())
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/backends/__init__.py", line 27, in _available_backends
    "cryptography.backends"
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/pkg_resources/__init__.py", line 2361, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/backends/openssl/__init__.py", line 7, in <module>
    from cryptography.hazmat.backends.openssl.backend import backend
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 26, in <module>
    from cryptography.hazmat.backends.openssl.cmac import _CMACContext
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/backends/openssl/cmac.py", line 12, in <module>
    from cryptography.hazmat.primitives import constant_time, interfaces
  File "/home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/primitives/constant_time.py", line 9, in <module>
    from cryptography.hazmat.bindings._constant_time import lib
ImportError: No module named cryptography.hazmat.bindings._constant_time

Could you give us the output of pip list and also the output of ls /home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/bindings/*.so

Sure, one sec:

pip list

alabaster (0.7.4)
amqp (1.4.6)
anyjson (0.3.3)
Babel (1.3)
backports.ssl-match-hostname (3.4.0.2)
beautifulsoup4 (4.3.2)
billiard (3.3.0.20)
blessings (1.6)
bpython (0.13.2)
celery (3.1.18)
certifi (2015.4.28)
cffi (1.1.0)
cryptography (1.0.2)
curtsies (0.1.19)
decorator (3.4.2)
Django (1.7.9)
django-ajax-selects (1.3.6)
django-bitfield (1.7.1)
django-jsonfield (0.9.13)
django-redis (3.8.4)
django-redis-cache (0.13.1)
django-simple-history (1.6.3)
django-tastypie (0.12.1)
django-tastypie-swagger (0.1.4, /home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/src/django-tastypie-swagger)
docutils (0.12)
ecdsa (0.11)
elasticsearch (1.4.0)
elasticutils (0.10.3)
enum34 (1.0.4)
Flask (0.10.1)
Flask-Assets (0.10)
Flask-Script (2.0.5)
Flask-SQLAlchemy (2.0)
Flask-WTF (0.12)
flatdict (1.2.0)
flower (0.8.2)
funkload (1.16.1)
futures (3.0.2)
greenlet (0.4.7)
html2text (2015.4.14)
idna (2.0)
inflection (0.3.1)
ipaddress (1.0.14)
itsdangerous (0.24)
jdcal (1.0)
Jinja2 (2.7.3)
kombu (3.0.26)
lockfile (0.10.2)
lxml (3.4.4)
Markdown (2.4.1)
MarkupSafe (0.23)
mimeparse (0.1.3)
mock (1.0.1)
nose (1.3.6)
oauthlib (1.0.3)
objgraph (2.0.0)
openpyxl (2.2.2)
Pillow (2.9.0)
pip (7.1.2)
profilehooks (1.8.0)
psycopg2cffi (2.7.2)
psycopg2ct (2.4.4)
pyasn1 (0.1.9)
Pycco (0.3.0)
pycparser (2.10)
pyelasticsearch (0.6)
Pygments (2.0.2)
PyJWT (1.4.0)
pyOpenSSL (0.15.1)
pyprof2calltree (1.3.2)
pystache (0.5.4)
python-creole (1.2.0)
python-dateutil (2.4.2)
python-memcached (1.53)
python-mimeparse (0.1.4)
pytz (2015.4)
pyxero (0.8.0b3)
PyYAML (3.11)
readline (6.2.4.1)
redis (2.10.3)
requests (2.8.1)
requests-oauthlib (0.5.0)
setuptools (18.4)
simplejson (3.6.5)
six (1.10.0)
slventures (20150812)
smartypants (1.8.5)
snowballstemmer (1.2.0)
South (1.0.2)
Sphinx (1.3.1)
sphinx-rtd-theme (0.1.8)
SQLAlchemy (1.0.4)
tcpwatch (1.3.1)
toolz (0.7.4)
tornado (4.1)
urllib3 (1.10.4)
uWSGI (2.0.10)
webassets (0.10.1)
webunit (1.3.10)
Werkzeug (0.10.4)
wheel (0.24.0)
WTForms (2.0.2)
xlrd (0.9.3)
Yapsy (1.9.2)

My venv is a little bloated :-/

The ls output:

(recomed-pypy-2.6.1-kubuntu) ✘ adamj@Harvester  ~/Development/SpringLab/Python/misc/common-python   development-issue-13  ls /home/adamj/Development/Tools/Python/VirtualEnv/x86_64/recomed-pypy-2.6.1-kubuntu/site-packages/cryptography/hazmat/bindings/    
commoncrypto  __init__.py  openssl  __pycache__

There don't seem to be any bindings there :-/

The version of cffi that comes with pypy 2.6.1 is versioned as 1.3.0, so something has overwritten it. cffi is not a traditional python module in pypy, so upgrading (or downgrading) it will break it. I'm unsure how to resolve that short of reinstalling pypy actually (you can't just use pip to install the right version in this case).

What on earth...argh. Probably some mess-up in my requirements file. I will remove cffi from that file and re-create the venv.

Hmmm, this is weird. I re-created my virtualenv and confirmed that it's using cffi 1.3.0 but this issue persists...

Just upgraded to PyPy 4.0 and created a new virtualenv. Still no cryptography bindings :-/

Updated to cryptography 1.1 and the bindings are no there!

Hi, this issue is still going on. I am having the same issue 1 years later. Is there any way to write a _constant_time that doesn't have to be compiled? I would view this as a huge improvement as it might be a huge stepping stone to getting this package working on AWS Lambda and Google App Engine.

I am having the same issue as well

I would appreciate it if this issue was opened again. I would be more than willing to aid in the discussion of how potentially we could fix or have a workaround instituted.

As far as I can tell there's nothing we can do here.

This issue was originally opened due to a problem where PyPy < 2.6.1 didn't support the minimum version of cryptography we required to run. At this time we run our CI against PyPy 2.6.1, 4.0.1, and 5.x so we know it compiles and links without issue when the requirements are present.

Subsequently this issue has since been discovered by users who are having trouble in environments where they may not be able to compile software or install new libraries. The error applies to far more than just the constant time module because everything in cryptography links against OpenSSL. GAE and Lambda apparently don't ship the libraries needed (libssl and libcrypto) so the only available workaround would probably be to build via manylinux1 (this is only a theory. I don't use those platforms so I can't confirm). We may ship a manylinux1 wheel in the future, but we'll have to solve the issue of discovery for platform trust roots before we can do that.

Couldn't we institute a workaround whereby a compiled _constant_time created in an environment like manylinux1 (or whatever environment is pertinent for GAE or Lambda) module was loaded depending on the platform the package was running on? I've been able to get other packages with compiled components to run somewhat by finding a compiled module that could be loaded with the package and placing it in the appropriate location upon trying to run.

I generally try to choose pure python packages, but inadvertently the "pure" package I was using ran on this package featuring compiled components.

I did this to solve this issue:
LDFLAGS="-L/usr/lib/x86_64-linux-gnu" pip install cryptography --no-use-wheel
this folder /usr/lib/x86_64-linux-gnu is the one containing the libssl libraries.

I am still getting this issue

It is the end of 2018 and I am still getting this issue.

I am still getting this issue too

This issue is years old and if you are seeing a similar error msg it is not caused by the same problem as the original issue described.

Please try the following: upgrade pip/virtualenv and install cryptography into a fresh virtualenv and see if the problem still occurs. If it does not, you have an issue with your python installation. If it does, please file a new issue against this repository providing details about operating system, python version, and anything else we will need to replicate the issue and we can debug it from there.

Was this page helpful?
0 / 5 - 0 ratings