Pinging @anwarnunez @candytaco : it looks like pycryptodome is a drop-in replacement of pycrypto with support of recent python versions.

Thanks for the pull request @kroq-gar78 and thanks for pinging @mvdoc .

@kroq-gar78 : Apologies for my fuzzy memory but yes as far as I recall encryption functionality is tested automatically with a series of upload/downloads. However, I'm not sure there is an explicit test to decrypt a pre-existing object.

I'm curious as to the level of backwards compatibility here. Does it mean that existing arrays encrypted with pycrypto will be seemlessly decrypted with pycryptodome? We need to (1) perform this test and ideally (2) incorporate it as a unitest in order to proceed.

@kroq-gar78 Are you able to perform (1) on your end?
@candytaco (2) would require storing a known array (e.g. np.arange()) in the test bucket that persists across CI runs, with the object name being tagged with pycrypto and python versions. The unitest can then glob those objects and download+decrypt them. Would you or someone in the lab be able to take that on? I no longer have credentials.

Another option is to remove support for encryption but I'm not sure how disruptive that would be. It's not great that pycrypto is preventing cottoncandy installs in Python 3.11+.