Mike Salvatore
061c002c94
Island: Remove protected self._formatted_key member
2022-07-19 09:49:31 -04:00
Mike Salvatore
9654e869a7
Island: Modify error messages in EncryptionKey32Bytes
2022-07-19 19:17:18 +05:30
Shreya Malviya
2e443f229a
UT: Wrap encryption key with EncryptionKey32Bytes in test_key_based_encryptor.py
2022-07-19 19:17:18 +05:30
Shreya Malviya
37b8db6a6c
Island: Wrap missed encryption key with EncryptionKey32Bytes in DataStoreEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
6d6b7e8cba
Island: Remove unneeded docstring fields in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
a7b4bbbd52
Island: Rename variable in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
11aff1f7fe
UT: Add tests for EncryptionKey32Bytes
2022-07-19 19:17:18 +05:30
Shreya Malviya
6000fdcaf1
Island: Check type of 'key' in EncryptionKey32Bytes
2022-07-19 19:17:18 +05:30
Shreya Malviya
74cb986e36
Island: Remove SizeError and use ValueError
2022-07-19 19:17:18 +05:30
Shreya Malviya
7f60fb4419
Island: Wrap encryption keys with EncryptionKey32Bytes in RepositoryEncryptor and DataStoreEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
72222105d6
UT: Change key in test_key_based_encryptor.py (generated using secrets.token_bytes(32))
2022-07-19 19:17:18 +05:30
Shreya Malviya
4d31e0d56e
Island: Switch back to using secrets for encryption key generation instead of cryptography.fernet in DataStoreEncryptor and RepositoryEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
d022c65439
Island: Fix imports in encryption_key_types.py and key_based_encryptor.py
2022-07-19 19:17:18 +05:30
Shreya Malviya
80104381d7
Island: Use EncryptionKey32Bytes in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
4e755bbd2f
Island: Move SizeError to its own file
2022-07-19 19:17:18 +05:30
Shreya Malviya
0111dea47f
Island: Move EncryptionKey32Bytes to its own file
2022-07-19 19:17:18 +05:30
Shreya Malviya
d55e7b1455
Island: Create custom type EncryptionKey32Bit
2022-07-19 19:17:18 +05:30
Shreya Malviya
cbe842029a
Island: Add details about what kind of key is acceptable in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
bd1c788a4c
Island: Add docstrings to KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
ca420b8afc
UT: Modify test_key_based_encryptor so it doesn't rely on KeyBasedEncryptor._BLOCK_SIZE
2022-07-19 19:17:18 +05:30
Shreya Malviya
24a119eb81
Island: Remove ununsed _BLOCK_SIZE variable from KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
978057b289
Project: Remove pycryptodome as an Island dependency
2022-07-19 19:17:17 +05:30
Mike Salvatore
3480b18e39
BB: Remove zerologon exploiter from depth_1_a_test_configuration
2022-07-19 09:00:51 -04:00
Mike Salvatore
4cd1c6bf3c
BB: Reorder some things in depth_1_a.py
2022-07-19 08:59:10 -04:00
Mike Salvatore
87363d3096
BB: Rename credentials -> CREDENTIALS
2022-07-19 08:57:19 -04:00
Mike Salvatore
707aa97a65
BB: Add TCP ports to depth_1_a_test_configuration
2022-07-19 08:47:57 -04:00
Mike Salvatore
189e2ad3d1
BB: Add HTTP ports to depth_1_a_test_configuration
2022-07-19 08:13:09 -04:00
Mike Salvatore
0c6764daf5
BB: Add add_http_ports()
2022-07-19 08:12:46 -04:00
Shreya Malviya
53e366a677
Island: Remove unused _KEY_LENGTH_BYTES variables from DataStoreEncryptor and RepositoryEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
f8eeda1e6f
Island: Use cryptography.fernet to generate key in DataStoreEncryptor
...
and RepositoryEncryptor
We changed our encryption code to use cryptography.fernet instead of
pycryptodome. Using secrets.token_bytes() with fernet was causing
padding and encoding issues. This is a quicker and easier solution, and
also probably more reliable since everything to do with encryption is
from the same module now.
2022-07-19 14:51:58 +05:30
Shreya Malviya
5eb77dcbb6
UT: Change key in test_key_based_encryptor.py to be URL safe (cryptography.fernet requires this)
2022-07-19 14:51:58 +05:30
Shreya Malviya
f542c9d0a8
Island: Fix KeyBasedEncryptor's encrypt function's logic
2022-07-19 14:51:58 +05:30
Shreya Malviya
637926ed09
Island: Extract fernet_object to an object variable in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
373d34dce6
Island: Use cryptography.fernet for encryption in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
c1449fb897
Island: Remove TODO comment about using cryptography.fernet
2022-07-19 14:51:58 +05:30
Shreya Malviya
09e57541cc
Project: Update Island dependencies to add `cryptography`
2022-07-19 14:51:58 +05:30
Shreya Malviya
c12e281e4e
Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor
2022-07-19 14:51:58 +05:30
Ilija Lazoroski
cc021f33ff
UI: Add note about removal of 'weak_password' issue
2022-07-19 10:15:22 +02:00
Ilija Lazoroski
b3ec9e340f
UI: Fix Credentials parsing to use simplified credentials object
2022-07-18 21:49:24 +02:00
Ilija Lazoroski
57f2c7e058
Island: Fix credentials formatting to use simplified credentials object
2022-07-18 21:48:47 +02:00
Ilija Lazoroski
c56b38f695
UI: Add note in StolenPasswords component
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
67e67441c1
UI: Remove unused getCredenatislSecrets function
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
07b4956717
UI: Set stolen_creds issues in state
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
5e1adbb877
UI: Add formatting to StolenPasswordsComponent
...
This component was used in security and attack report with
two different sets of data. The first one is from the
credentials endpoint which needed formatting and the second
from the telemetry which was already formatted.
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
27c0b838c4
Island: Fix one missed telemetry processor
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
474a26aeff
UI: Fix StolenCredentials issue to add if we have any stolen credentials
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
5c765f85c2
UI: Add StolenCredentialsIssue to issues
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
35ed7f60c4
Island: Fix an import in initialize
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
c65439e049
UI: Remove WeakPassword issue
...
* We don't have the passwords used for exploiting the machines
in the UI
* All it will be reworked
2022-07-18 21:23:17 +02:00
Ilija Lazoroski
1683265868
Island: Rename reporting/stolen_credentials.py to
...
reporting/format_credentials.py
2022-07-18 21:23:17 +02:00