diff --git a/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py b/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py
index 9fecce939..bc5d44dd6 100644
--- a/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py
+++ b/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py
@@ -1,9 +1,8 @@
 import os
+import secrets
 from pathlib import Path
 from typing import Union
-from cryptography.fernet import Fernet
-
 from monkey_island.cc.server_utils.file_utils import open_new_securely_permissioned_file
 from .i_encryptor import IEncryptor
@@ -36,7 +35,7 @@ class DataStoreEncryptor(IEncryptor):
 return KeyBasedEncryptor(plaintext_key)
 def _create_key(self) -> KeyBasedEncryptor:
- plaintext_key = Fernet.generate_key()
+ plaintext_key = secrets.token_bytes(32)
 encrypted_key = self._password_based_encryptor.encrypt(plaintext_key)
 with open_new_securely_permissioned_file(str(self._key_file), "wb") as f:
diff --git a/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py b/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py
index ccc5403f1..3e73e6314 100644
--- a/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py
+++ b/monkey/monkey_island/cc/server_utils/encryption/repository_encryptor.py
@@ -1,7 +1,6 @@
+import secrets
 from pathlib import Path
-from cryptography.fernet import Fernet
-
 from monkey_island.cc.server_utils.file_utils import open_new_securely_permissioned_file
 from . import ILockableEncryptor, LockedKeyError, ResetKeyError, UnlockError
@@ -36,7 +35,7 @@ class RepositoryEncryptor(ILockableEncryptor):
 return KeyBasedEncryptor(plaintext_key)
 def _create_key(self) -> KeyBasedEncryptor:
- plaintext_key = Fernet.generate_key()
+ plaintext_key = secrets.token_bytes(32)
 encrypted_key = self._password_based_encryptor.encrypt(plaintext_key)
 with open_new_securely_permissioned_file(str(self._key_file), "wb") as f:
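Review bot: The new `secrets.token_bytes(32)` in `DataStoreEncryptor._create_key` yields 32 raw bytes, whereas the removed `Fernet.generate_key()` returned a 44-byte URL-safe base64 value, so a key file written before this commit decrypts to a differently shaped key. The context line `return KeyBasedEncryptor(plaintext_key)` suggests the load path hands that value on without a length check, though that function starts outside the hunk and `KeyBasedEncryptor` is not shown here. If it now requires a 32-byte key, a check on load that fails with a clear error (or a migration step) would be safer than an opaque cipher exception at first use. The same applies to `RepositoryEncryptor._create_key` in repository_encryptor.py, which repeats the bare literal; a shared constant, for example `KEY_LENGTH_BYTES = 32` with a comment naming the cipher the key is sized for, would keep the two in step.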