diff --git a/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py b/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py index 2c845fe43..d45c760d5 100644 --- a/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py +++ b/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py @@ -52,6 +52,9 @@ class RepositoryEncryptor(ILockableEncryptor): if self._key_file.is_file(): self._key_file.unlink() + self._password_based_encryptor = None + self._key_based_encryptor = None + def encrypt(self, plaintext: bytes) -> bytes: if self._key_based_encryptor is None: raise LockedKeyError("Cannot encrypt while the encryptor is locked)") diff --git a/monkey/tests/unit_tests/monkey_island/cc/server_utils/encryption/test_repository_encryptor.py b/monkey/tests/unit_tests/monkey_island/cc/server_utils/encryption/test_repository_encryptor.py index d1592219a..ff07efc5f 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/server_utils/encryption/test_repository_encryptor.py +++ b/monkey/tests/unit_tests/monkey_island/cc/server_utils/encryption/test_repository_encryptor.py @@ -99,6 +99,14 @@ def test_reset(encryptor, key_file): assert key_file_hash_1 != key_file_hash_2 +def test_encrypt_after_reset(encryptor, key_file): + encryptor.unlock(SECRET) + encryptor.reset_key() + + with pytest.raises(LockedKeyError): + encryptor.encrypt(PLAINTEXT) + + def test_reset_before_unlock(encryptor): # Test will fail if an exception is raised encryptor.reset_key()