Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor

monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py

@@ -1,9 +1,8 @@
 import os
+import secrets
 from pathlib import Path
 from typing import Union
 
-from Crypto import Random  # noqa: DUO133  # nosec: B413
-
 from monkey_island.cc.server_utils.file_utils import open_new_securely_permissioned_file
 
 from .i_encryptor import IEncryptor
@@ -38,8 +37,7 @@ class DataStoreEncryptor(IEncryptor):
         return KeyBasedEncryptor(plaintext_key)
 
     def _create_key(self) -> KeyBasedEncryptor:
-        # TODO: Can we just use secrets.token_bytes(DataStoreEncryptor._KEY_LENGTH_BYTES)?
-        plaintext_key = Random.new().read(DataStoreEncryptor._KEY_LENGTH_BYTES)
+        plaintext_key = secrets.token_bytes(DataStoreEncryptor._KEY_LENGTH_BYTES)
 
         encrypted_key = self._password_based_encryptor.encrypt(plaintext_key)
         with open_new_securely_permissioned_file(str(self._key_file), "wb") as f: