Closed ghost closed 4 years ago
We only need it if people using pypaseto need to read v1 tokens made by others, or generated v1 tokens because others can't use v2.
The biggest difference is that where we depend on pysodium for the libsodium functions (basically everything needed in v2), we have to use a different dependency or two to handle v1 for RSA and AES.
It would be nice if pypaseto could be pip installed successfully with support for v1 being determined at runtime instead of failing to install.
would pycryptodome be acceptable?
Pycryptodome would probably be a good choice. I haven't thoroughly examined all the options, but as long as it provides the crypto functions we need.
I'm closing this for now. If anyone comes up with a solid v1 PR, I'll be happy to get it added in!
Do we need version 1? Aren't both intents allowed by version 2?
Curious about the differences, as I'd like to help you write it, if we need it.