Island: Add TODO about cryptography.fernet

This commit is contained in:
Mike Salvatore 2022-06-30 08:45:20 -04:00
parent 3d5d563164
commit ebaa68ad51
1 changed files with 4 additions and 0 deletions

View File

@ -27,6 +27,10 @@ class KeyBasedEncryptor(IEncryptor):
def __init__(self, key: bytes): def __init__(self, key: bytes):
self._key = key self._key = key
# TODO: Let's use cryptography.fernet. It's simpler for us and we're less likely to screw
# something up. The main drawback to fernet is that it uses AES-128, which is not
# quantum-safe. At the present time, human error is probably a greater risk than quantum
# computers.
def encrypt(self, plaintext: str) -> str: def encrypt(self, plaintext: str) -> str:
cipher_iv = Random.new().read(AES.block_size) cipher_iv = Random.new().read(AES.block_size)
cipher = AES.new(self._key, AES.MODE_CBC, cipher_iv) cipher = AES.new(self._key, AES.MODE_CBC, cipher_iv)