AdrianVollmer/PowerHub

Use of multiple crypto libraries

exploide opened this issue · 1 comments

On dev branch, requirements.txt currently lists pycryptodome as a dependency for AES encryption. Though, when running powerhub.py, it errors out with ModuleNotFoundError: No module named 'Cryptodome'.

This is because the package pycryptodome actually makes available a module named Crypto. The module Cryptodome you use here is instead contained in a package named pycryptodomex. So the entry in requirements.txt should probably be fixed.

I also noticed, that PowerHub makes use of pyOpenSSL for key and certificate handling.
The project page of pyOpenSSL states:

Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency.

That cryptography package is also already present, currently as a dependency of service_identity.

So PowerHub currently has pycryptodome/pycryptodomex, pyOpenSSL and cryptography installed. I bet one of them is sufficient (probably cryptography) but I haven't looked into the details.

twisted requires pyOpenSSL