Made cryptography an optional dependency for pure-python deployments

pyproject.toml

@@ -52,12 +52,16 @@ dependencies    = [
     "typing-extensions>=4.0.1",
     "dataclasses>=0.8;python_version=='3.6'",
     "requests-toolbelt>=1.0.0",
-    "cryptography>=43.0.1",
     "gql>=3.5.0",
     "graphql-core>=3.2.3",
 ]
 
 
+[project.optional-dependencies]
+pkcs12          = ["cryptography>=43.0.1"]
+all             = ["pytenable[pkcs12]"]
+
+
 [project.urls]
 Homepage        = "https://pytenable.readthedocs.io"
 Repository      = "https://github.com/tenable/pytenable"
@@ -113,6 +117,7 @@ docstring-code-line-length = "dynamic"
 [tool.uv]
 dev-dependencies = [
     "bpython>=0.24",
+    "mock>=5.1.0",
     "pytest-cov>=4.1.0",
     "pytest-datafiles>=3.0.0",
     "pytest-vcr>=1.0.2",

tenable/sc/__init__.py

@@ -49,8 +49,6 @@
 from typing import Optional
 from semver import VersionInfo
 import tempfile
-import cryptography.hazmat.primitives.serialization.pkcs12
-from cryptography.hazmat.primitives import serialization
 from tenable.errors import APIError, ConnectionError
 from tenable.base.platform import APIPlatform
 from .accept_risks import AcceptRiskAPI
@@ -78,6 +76,12 @@
 from .system import SystemAPI
 from .users import UserAPI
 
+try:
+   import cryptography.hazmat.primitives.serialization.pkcs12
+   from cryptography.hazmat.primitives import serialization
+except ImportError:
+   serialization = None
+
 
 class TenableSC(APIPlatform):  # noqa PLR0904
     '''TenableSC API Wrapper
@@ -292,6 +296,15 @@ def _p12_auth(self, p12_cert, password):
         """
         PKCS12 Certificate Authentication
         """
+        if not serialization:
+            raise ModuleNotFoundError(
+                (
+                    'Cryptyography library is required for PKCS12 certificate usage. '
+                    'You can either install it with manually or install pytenable with '
+                    '"pytenable[pkcs12]" to install the optional dependencies.'
+                ),
+                name='cryptography',
+            )
         with open(p12_cert, 'rb') as fobj:
             key, cert, _ = serialization.pkcs12.load_key_and_certificates(
                 fobj.read(), password.encode()

tenable/sc/plugins.py

@@ -43,6 +43,19 @@ def _constructor(self, **kwargs):
             kwargs['value'] = self._check('filter:value', kwargs['filter'][2], str)
             del kwargs['filter']
 
+        #filters = kwargs.pop('filters', [])
+        #kwargs['filters'] = []
+        #for filter in filters:
+        #    if isinstance(filter, tuple):
+        #        kwargs['filters'].append({
+        #            'filterField': filter[0],
+        #            'filterOperator': filter[1],
+        #            'filterString': filter[2],
+        #        })
+        #    elif isinstance(filter, dict):
+        #        kwargs['filters'].append(filter)
+
+
         if 'sort_field' in kwargs:
             # convert the snake_cased variant of the parameter to the camelCased
             # variant that the API expects to see.

tenable/version.py

@@ -1,2 +1,2 @@
-version = '1.5.2'
+version = '1.5.3'
 version_info = tuple(int(d) for d in version.split("-")[0].split("."))

tests/sc/test___init__.py

@@ -2,10 +2,9 @@
 test file to test various scenarios in init.py
 '''
 import os
-
+import sys
 import pytest
 from requests.models import Response
-
 from requests.exceptions import ConnectionError as RequestsConnectionError
 from tenable.errors import ConnectionError
 from tenable.sc import TenableSC
@@ -84,3 +83,12 @@ def test_log_in(vcr):
     with vcr.use_cassette('sc_login_5_20_0'):
         tsc.login(access_key='access_key', secret_key='secret_key')
         assert tsc._auth_mech == 'keys'
+
+
+def test_pkcs12_import_error():
+    import tenable.sc
+    tenable.sc.serialization = None
+    with pytest.raises(ModuleNotFoundError):
+        sc = TenableSC(
+            url='http://something', p12_cert='something', password='something'
+        )