Shreya Malviya
4d31e0d56e
Island: Switch back to using secrets for encryption key generation instead of cryptography.fernet in DataStoreEncryptor and RepositoryEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
d022c65439
Island: Fix imports in encryption_key_types.py and key_based_encryptor.py
2022-07-19 19:17:18 +05:30
Shreya Malviya
80104381d7
Island: Use EncryptionKey32Bytes in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
4e755bbd2f
Island: Move SizeError to its own file
2022-07-19 19:17:18 +05:30
Shreya Malviya
0111dea47f
Island: Move EncryptionKey32Bytes to its own file
2022-07-19 19:17:18 +05:30
Shreya Malviya
d55e7b1455
Island: Create custom type EncryptionKey32Bit
2022-07-19 19:17:18 +05:30
Shreya Malviya
cbe842029a
Island: Add details about what kind of key is acceptable in KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
bd1c788a4c
Island: Add docstrings to KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
ca420b8afc
UT: Modify test_key_based_encryptor so it doesn't rely on KeyBasedEncryptor._BLOCK_SIZE
2022-07-19 19:17:18 +05:30
Shreya Malviya
24a119eb81
Island: Remove ununsed _BLOCK_SIZE variable from KeyBasedEncryptor
2022-07-19 19:17:18 +05:30
Shreya Malviya
978057b289
Project: Remove pycryptodome as an Island dependency
2022-07-19 19:17:17 +05:30
Shreya Malviya
53e366a677
Island: Remove unused _KEY_LENGTH_BYTES variables from DataStoreEncryptor and RepositoryEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
f8eeda1e6f
Island: Use cryptography.fernet to generate key in DataStoreEncryptor
...
and RepositoryEncryptor
We changed our encryption code to use cryptography.fernet instead of
pycryptodome. Using secrets.token_bytes() with fernet was causing
padding and encoding issues. This is a quicker and easier solution, and
also probably more reliable since everything to do with encryption is
from the same module now.
2022-07-19 14:51:58 +05:30
Shreya Malviya
5eb77dcbb6
UT: Change key in test_key_based_encryptor.py to be URL safe (cryptography.fernet requires this)
2022-07-19 14:51:58 +05:30
Shreya Malviya
f542c9d0a8
Island: Fix KeyBasedEncryptor's encrypt function's logic
2022-07-19 14:51:58 +05:30
Shreya Malviya
637926ed09
Island: Extract fernet_object to an object variable in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
373d34dce6
Island: Use cryptography.fernet for encryption in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
Shreya Malviya
c1449fb897
Island: Remove TODO comment about using cryptography.fernet
2022-07-19 14:51:58 +05:30
Shreya Malviya
09e57541cc
Project: Update Island dependencies to add `cryptography`
2022-07-19 14:51:58 +05:30
Shreya Malviya
c12e281e4e
Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor
2022-07-19 14:51:58 +05:30
ilija-lazoroski
7456ef6b05
Merge pull request #2100 from guardicore/2092-remove-single-tests
...
2092 remove single tests
2022-07-18 21:02:54 +02:00
Mike Salvatore
ea1dc930a1
BB: Remove "single_tests" subpackage
2022-07-18 13:08:29 -04:00
Mike Salvatore
cf45ae4c3e
BB: Remove "grouped" subpackage
2022-07-18 13:07:18 -04:00
Mike Salvatore
c1073bd1ea
BB: Remove unused "single_tests"
2022-07-18 13:06:00 -04:00
Mike Salvatore
70f3506317
BB: Remove test_blackbox_in_depth.py
2022-07-18 13:02:19 -04:00
Mike Salvatore
4e11ed2816
Merge pull request #2099 from guardicore/2072-credentials-store-fix
...
2072 credentials store fix
2022-07-18 11:07:38 -04:00
Mike Salvatore
dde3fd3476
UT: Parametrize test_get_credentials_from_store()
2022-07-18 10:30:52 -04:00
Mike Salvatore
ebc854735e
Agent: Use new Credentials objects in AggregatingCredentialsStore
2022-07-18 10:22:14 -04:00
Mike Salvatore
ef4fbb30cc
Agent: Use new credentials format in ControlChannel
2022-07-18 09:55:08 -04:00
Mike Salvatore
19a7bfd8e6
Merge pull request #2098 from guardicore/2072-simplify-credentials
...
2072 simplify credentials
2022-07-18 09:35:54 -04:00
Mike Salvatore
e5d3271b74
UT: Use Credentials.to_mapping() in test_credential_telem_send()
2022-07-18 09:23:21 -04:00
Mike Salvatore
068dbbe963
Agent: Extract methods to clean up AggregatingCredentialsStore
2022-07-18 09:14:51 -04:00
Mike Salvatore
7c920cced3
Agent: Fix identity logic in AggregatingCredentialsStore
2022-07-18 09:07:11 -04:00
Mike Salvatore
9edfe6979b
Agent: Capture secrets if missing username in SSHCredentialCollector
2022-07-18 08:53:36 -04:00
Mike Salvatore
d5a125d985
Agent: Capture username even if no secrets are associated
2022-07-18 08:46:07 -04:00
Mike Salvatore
c144ad9e64
Agent: Fix "new user" logic in MimikatzCredentialCollector
...
Neither Passwords nor hashes should be included for and users that
Infection Monkey creates.
2022-07-18 08:42:31 -04:00
Mike Salvatore
cb9f43d242
Agent: Fix type hint in MimikatzCredentialCollector
2022-07-18 08:27:32 -04:00
Mike Salvatore
302803b779
Agent: Improve variable names in MimikatzCredentialCollector
2022-07-18 08:27:08 -04:00
Mike Salvatore
acf12c2de1
Common: Simplify _make_credentials()
2022-07-18 08:14:01 -04:00
Mike Salvatore
9e7963afc0
Common: Simplify _serialize_credentials()
2022-07-18 08:13:09 -04:00
Ilija Lazoroski
575fff0cdb
Agent: Simplify credentials object in MimikatzCredentialCollector
2022-07-18 11:49:44 +02:00
Ilija Lazoroski
2cb6c60866
UT: Fix credentials intercepting telemetry messenger tests
2022-07-18 11:47:49 +02:00
Ilija Lazoroski
0f2fc0902f
Agent: Simplify credentials object in aggregating credentials store
2022-07-18 11:32:12 +02:00
Ilija Lazoroski
f421f42604
Agent: Simplify credentials in ssh credentials collector
2022-07-18 11:32:12 +02:00
Mike Salvatore
213b161d1a
Common: Fix type hints in credentials.py
2022-07-15 12:34:42 -04:00
Mike Salvatore
62ce91b59b
Common: Prevent invalid Credentials objects from being constructed
2022-07-15 12:19:12 -04:00
Mike Salvatore
19a720898e
Island: Handle encryption/decryption of None credential components
2022-07-15 11:36:07 -04:00
Mike Salvatore
2af713dabd
Common: Allow identities or secrets to be None
...
It's possible that credentials are stolen and an identity/secret
association can not be made. For example, a list of usernames can be
acquired by `ls /home`, but no passwords will be retrieved this way.
Credentials(identity=Username("username"), secret=None) will represent
this case.
2022-07-15 10:50:25 -04:00
Mike Salvatore
e3b23993fa
Common: Add type hints to dicts in credentials.py
2022-07-15 10:44:14 -04:00
Mike Salvatore
63731b8334
UT: Test identity/password combos in test_credentials.py
2022-07-15 10:44:14 -04:00