As the PyCrypto website says [1]:
> PyCrypto 2.x is unmaintained, obsolete, and contains security
> vulnerabilities.
Therefore, switch to PyCryptodome, a maintained PyCrypto fork
which is listed there as the recommended alternative for
existing software that depends on PyCrypto.
Notes on the port:
1) As the PyCryptodome introduction documentation [2] says,
there are 2 alternative projects/namespaces that can be
used:
* pycryptodome, which uses the `Crypto` package
that PyCrypto also uses, so is almost a drop-in
replacement for Pycrypto
* pycryptodomex, which uses the `Cryptodome` package
It also mentions that the use of pycryptodome
"is therefore recommended only when you are
sure that the whole application is deployed in a virtualenv".
Since it isn't sure that the application is deployed in a
virtualenv, to make it more explicit that PyCryptodome
is being used and because Linux distros like Debian
package the `Cryptodome` package [3], the port is done to
the `pycryptodomex` library that uses the `Cryptodome`
package name.
2) As the "Compatibility with PyCrypto" page in the PyCryptodome
doc [4] says:
> The following packages, modules and functions have been removed:
>
> * Crypto.Random.OSRNG, Crypto.Util.winrandom and Crypto.Random.randpool.
> You should use Crypto.Random only.
The `PublicKey.RSA.generate` method already uses
`Crypto.Random.get_random_bytes()` as default [5],
so just drop the second parameter using `RandomPool.getBytes`
in `virtualsmartcard/src/vpicc/virtualsmartcard/cards/cryptoflex.py`.
[1] https://www.pycrypto.org/
[2] https://www.pycryptodome.org/src/introduction
[3] https://packages.debian.org/bullseye/python3-pycryptodome
[4] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
[5] https://pycryptodome.readthedocs.io/en/latest/src/public_key/rsa.html
There is no longer an external (or stable) interface for libopensc.
Linking this program with an existing version of libopensc that is
pre-installed in the system library paths is not practical.
However, a specific snapshot of the OpenSC source code is embedded
here as a Git submodule (and included in the source distributions).
Build libopensc from this and statically link it into this program.
(Options such as '--enable-openpace' that are passed to ./configure
will be forwarded to control the build configuration of libopensc.)
Remove code that existed for compatibility when dynamically linking
with older versions of libopensc.
