Closed gfrlv closed 3 years ago
pyaes is, of course, less audited than Cryptography, if we needed it for something serious there would have been security issues to consider, but encryption of that mylogin.cnf
file is a joke anyway, we can just take whatever works.
Description
removed the Cryptography dependency in favor of pyaes. Cryptography was used in only one place: to decrypt the
mylogin.cnf
file.This is a first step towards #950: Cryptography is a pain to package because it relies on a lot of data files. It can be done, but either there will be a large useless memory footprint (those files need to be loaded into ram), or it will require a lot of hacking into the guts of Cryptography to get rid of the parts we don't need. I don't think it's worth the effort.
Checklist
changelog.md
.AUTHORS
file (or it's already there).