Use of multiple crypto libraries
exploide opened this issue · 1 comments
On dev
branch, requirements.txt
currently lists pycryptodome
as a dependency for AES encryption. Though, when running powerhub.py
, it errors out with ModuleNotFoundError: No module named 'Cryptodome'
.
This is because the package pycryptodome
actually makes available a module named Crypto
. The module Cryptodome
you use here is instead contained in a package named pycryptodomex
. So the entry in requirements.txt
should probably be fixed.
I also noticed, that PowerHub makes use of pyOpenSSL
for key and certificate handling.
The project page of pyOpenSSL
states:
Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency.
That cryptography
package is also already present, currently as a dependency of service_identity
.
So PowerHub currently has pycryptodome
/pycryptodomex
, pyOpenSSL
and cryptography
installed. I bet one of them is sufficient (probably cryptography
) but I haven't looked into the details.
twisted requires pyOpenSSL