From an IRC discussion about why it doesn't work (pycryptopp), I decided to look at Cryptography and pynacl, and what uses pycryptopp in tahoe.
- ed25519 is supported by pynacl.
- AES is supported by Cryptography.
- RSA keys (in many formats) are supported by Cryptography.
- SHA256 hashes are supported by Cryptography.
Zooko mentioned that Cryptography has a hard dependency on OpenSSL (which he rightfully dislikes) but my unqualified self thinks that it might not be so bad. Worth a shot, maybe? I have (some) time on Tuesday's PyCon? AU sprint session to maybe take a hack on it, if the maintainers don't find the current-hard-dep on OpenSSL a dealbreaker.
