Commit Graph

9226 Commits

Author SHA1 Message Date
Mike Salvatore fde69c7297 Island: Remove empty authentication subpackage 2022-07-20 14:52:22 -04:00
Mike Salvatore e93455031a
Merge pull request #2093 from guardicore/1965-credentials-report
1965 credentials report
2022-07-19 13:50:55 -04:00
Shreya Malviya d33d30824f
Merge pull request #2095 from guardicore/2047-replace-pycryptodome
Remove `pycryptodome`
2022-07-19 21:32:17 +05:30
Mike Salvatore 3794f735af Island: Remove unnecessary type from docstring in KeyBasedEncryptor 2022-07-19 09:50:34 -04:00
Mike Salvatore 061c002c94 Island: Remove protected self._formatted_key member 2022-07-19 09:49:31 -04:00
Mike Salvatore 9654e869a7 Island: Modify error messages in EncryptionKey32Bytes 2022-07-19 19:17:18 +05:30
Shreya Malviya 2e443f229a UT: Wrap encryption key with EncryptionKey32Bytes in test_key_based_encryptor.py 2022-07-19 19:17:18 +05:30
Shreya Malviya 37b8db6a6c Island: Wrap missed encryption key with EncryptionKey32Bytes in DataStoreEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya 6d6b7e8cba Island: Remove unneeded docstring fields in KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya a7b4bbbd52 Island: Rename variable in KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya 11aff1f7fe UT: Add tests for EncryptionKey32Bytes 2022-07-19 19:17:18 +05:30
Shreya Malviya 6000fdcaf1 Island: Check type of 'key' in EncryptionKey32Bytes 2022-07-19 19:17:18 +05:30
Shreya Malviya 74cb986e36 Island: Remove SizeError and use ValueError 2022-07-19 19:17:18 +05:30
Shreya Malviya 7f60fb4419 Island: Wrap encryption keys with EncryptionKey32Bytes in RepositoryEncryptor and DataStoreEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya 72222105d6 UT: Change key in test_key_based_encryptor.py (generated using secrets.token_bytes(32)) 2022-07-19 19:17:18 +05:30
Shreya Malviya 4d31e0d56e Island: Switch back to using secrets for encryption key generation instead of cryptography.fernet in DataStoreEncryptor and RepositoryEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya d022c65439 Island: Fix imports in encryption_key_types.py and key_based_encryptor.py 2022-07-19 19:17:18 +05:30
Shreya Malviya 80104381d7 Island: Use EncryptionKey32Bytes in KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya 4e755bbd2f Island: Move SizeError to its own file 2022-07-19 19:17:18 +05:30
Shreya Malviya 0111dea47f Island: Move EncryptionKey32Bytes to its own file 2022-07-19 19:17:18 +05:30
Shreya Malviya d55e7b1455 Island: Create custom type EncryptionKey32Bit 2022-07-19 19:17:18 +05:30
Shreya Malviya cbe842029a Island: Add details about what kind of key is acceptable in KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya bd1c788a4c Island: Add docstrings to KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya ca420b8afc UT: Modify test_key_based_encryptor so it doesn't rely on KeyBasedEncryptor._BLOCK_SIZE 2022-07-19 19:17:18 +05:30
Shreya Malviya 24a119eb81 Island: Remove ununsed _BLOCK_SIZE variable from KeyBasedEncryptor 2022-07-19 19:17:18 +05:30
Shreya Malviya 978057b289 Project: Remove pycryptodome as an Island dependency 2022-07-19 19:17:17 +05:30
Shreya Malviya 53e366a677 Island: Remove unused _KEY_LENGTH_BYTES variables from DataStoreEncryptor and RepositoryEncryptor 2022-07-19 14:51:58 +05:30
Shreya Malviya f8eeda1e6f Island: Use cryptography.fernet to generate key in DataStoreEncryptor
and RepositoryEncryptor

We changed our encryption code to use cryptography.fernet instead of
pycryptodome. Using secrets.token_bytes() with fernet was causing
padding and encoding issues. This is a quicker and easier solution, and
also probably more reliable since everything to do with encryption is
from the same module now.
2022-07-19 14:51:58 +05:30
Shreya Malviya 5eb77dcbb6 UT: Change key in test_key_based_encryptor.py to be URL safe (cryptography.fernet requires this) 2022-07-19 14:51:58 +05:30
Shreya Malviya f542c9d0a8 Island: Fix KeyBasedEncryptor's encrypt function's logic 2022-07-19 14:51:58 +05:30
Shreya Malviya 637926ed09 Island: Extract fernet_object to an object variable in KeyBasedEncryptor 2022-07-19 14:51:58 +05:30
Shreya Malviya 373d34dce6 Island: Use cryptography.fernet for encryption in KeyBasedEncryptor 2022-07-19 14:51:58 +05:30
Shreya Malviya c1449fb897 Island: Remove TODO comment about using cryptography.fernet 2022-07-19 14:51:58 +05:30
Shreya Malviya 09e57541cc Project: Update Island dependencies to add `cryptography` 2022-07-19 14:51:58 +05:30
Shreya Malviya c12e281e4e Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor 2022-07-19 14:51:58 +05:30
Ilija Lazoroski cc021f33ff UI: Add note about removal of 'weak_password' issue 2022-07-19 10:15:22 +02:00
Ilija Lazoroski b3ec9e340f UI: Fix Credentials parsing to use simplified credentials object 2022-07-18 21:49:24 +02:00
Ilija Lazoroski 57f2c7e058 Island: Fix credentials formatting to use simplified credentials object 2022-07-18 21:48:47 +02:00
Ilija Lazoroski c56b38f695 UI: Add note in StolenPasswords component 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 67e67441c1 UI: Remove unused getCredenatislSecrets function 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 07b4956717 UI: Set stolen_creds issues in state 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5e1adbb877 UI: Add formatting to StolenPasswordsComponent
This component was used in security and attack report with
two different sets of data. The first one is from the
credentials endpoint which needed formatting and the second
from the telemetry which was already formatted.
2022-07-18 21:23:17 +02:00
Ilija Lazoroski 27c0b838c4 Island: Fix one missed telemetry processor 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 474a26aeff UI: Fix StolenCredentials issue to add if we have any stolen credentials 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5c765f85c2 UI: Add StolenCredentialsIssue to issues 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 35ed7f60c4 Island: Fix an import in initialize 2022-07-18 21:23:17 +02:00
Ilija Lazoroski c65439e049 UI: Remove WeakPassword issue
* We don't have the passwords used for exploiting the machines
  in the UI
* All it will be reworked
2022-07-18 21:23:17 +02:00
Ilija Lazoroski 1683265868 Island: Rename reporting/stolen_credentials.py to
reporting/format_credentials.py
2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5ebf0ed8f6 Island: Remove StolenCredentials model 2022-07-18 21:23:17 +02:00
Ilija Lazoroski a24bdd43b8 Island: Move credentials parser hack to dirty_hacks function 2022-07-18 21:23:17 +02:00