Island: Add TODO about using secrets vs pycryptodome

2022-06-30 08:30:30 -04:00 · 2022-06-30 08:30:30 -04:00 · 3d5d563164
parent fe36f863b5
commit 3d5d563164
1 changed files with 1 additions and 0 deletions
--- a/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py
+++ b/monkey/monkey_island/cc/server_utils/encryption/data_store_encryptor.py
@ -37,6 +37,7 @@ class DataStoreEncryptor(IEncryptor):
        return KeyBasedEncryptor(plaintext_key)

    def _create_key(self) -> KeyBasedEncryptor:
+        # TODO: Can we just use secrets.token_bytes(DataStoreEncryptor._KEY_LENGTH_BYTES)?
        plaintext_key = Random.new().read(DataStoreEncryptor._KEY_LENGTH_BYTES)

        encrypted_key = self._password_based_encryptor.encrypt(plaintext_key)