p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Island: Improve code quality of credentials encryption/decryption

This commit is contained in:
Mike Salvatore 2022-07-14 14:29:06 -04:00
parent add6ca3941
commit 0687b010ff
1 changed files with 9 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
monkey/monkey_island/cc/repository/mongo_credentials_repository.py
View File

@ -71,19 +71,16 @@ class MongoCredentialsRepository(ICredentialsRepository):
except Exception as err: except Exception as err:
raise StorageError(err) raise StorageError(err)
# NOTE: The encryption/decryption is complicated and also full of mostly duplicated code. Rather # TODO: If possible, implement the encryption/decryption as a decorator so it can be reused with
# than spend the effort to improve them now, we can revisit them when we resolve #2072.
# Resolving #2072 will make it easier to simplify these methods and remove duplication.
#
# If possible, implement the encryption/decryption as a decorator so it can be reused with
# different ICredentialsRepository implementations # different ICredentialsRepository implementations
def _encrypt_credentials_mapping(self, mapping: Mapping[str, Any]) -> Mapping[str, Any]: def _encrypt_credentials_mapping(self, mapping: Mapping[str, Any]) -> Mapping[str, Any]:
encrypted_mapping: Dict[str, Any] = {} encrypted_mapping: Dict[str, Any] = {}
for secret_or_identity, credentials_component in mapping.items(): for secret_or_identity, credentials_component in mapping.items():
encrypted_component = {} encrypted_component = {
for key, value in credentials_component.items(): key: self._repository_encryptor.encrypt(value.encode())
encrypted_component[key] = self._repository_encryptor.encrypt(value.encode()) for key, value in credentials_component.items()
}
encrypted_mapping[secret_or_identity] = encrypted_component encrypted_mapping[secret_or_identity] = encrypted_component
@ -93,10 +90,10 @@ class MongoCredentialsRepository(ICredentialsRepository):
decrypted_mapping: Dict[str, Any] = {} decrypted_mapping: Dict[str, Any] = {}
for secret_or_identity, credentials_component in mapping.items(): for secret_or_identity, credentials_component in mapping.items():
decrypted_mapping[secret_or_identity] = [] decrypted_component = {
decrypted_component = {} key: self._repository_encryptor.decrypt(value).decode()
for key, value in credentials_component.items(): for key, value in credentials_component.items()
decrypted_component[key] = self._repository_encryptor.decrypt(value).decode() }
decrypted_mapping[secret_or_identity] = decrypted_component decrypted_mapping[secret_or_identity] = decrypted_component