Island: Modify ConfigurationImport and ConfigurationExport to work without PasswordBasedStringEncryptor

2022-06-27 12:07:58 -07:00 · 2022-06-27 12:07:58 -07:00 · 5c5ae5bb0d
parent 3c41bada56
commit 5c5ae5bb0d
2 changed files with 2 additions and 36 deletions
--- a/monkey/monkey_island/cc/resources/configuration_export.py
+++ b/monkey/monkey_island/cc/resources/configuration_export.py
@ -1,10 +1,5 @@
-import json
-
-from flask import request
-
 from monkey_island.cc.resources.AbstractResource import AbstractResource
 from monkey_island.cc.resources.request_authentication import jwt_required
-from monkey_island.cc.server_utils.encryption import PasswordBasedStringEncryptor
 from monkey_island.cc.services.config import ConfigService


@ -13,17 +8,8 @@ class ConfigurationExport(AbstractResource):

    @jwt_required
    def post(self):
-        data = json.loads(request.data)
-        should_encrypt = data["should_encrypt"]
-
        plaintext_config = ConfigService.get_config()

        config_export = plaintext_config
-        if should_encrypt:
-            password = data["password"]
-            plaintext_config = json.dumps(plaintext_config)

-            pb_encryptor = PasswordBasedStringEncryptor(password)
-            config_export = pb_encryptor.encrypt(plaintext_config)
-
-        return {"config_export": config_export, "encrypted": should_encrypt}
+        return {"config_export": config_export, "encrypted": False}
--- a/monkey/monkey_island/cc/resources/configuration_import.py
+++ b/monkey/monkey_island/cc/resources/configuration_import.py
@ -8,12 +8,7 @@ from flask import request
 from common.utils.exceptions import InvalidConfigurationError
 from monkey_island.cc.resources.AbstractResource import AbstractResource
 from monkey_island.cc.resources.request_authentication import jwt_required
-from monkey_island.cc.server_utils.encryption import (
-    InvalidCiphertextError,
-    InvalidCredentialsError,
-    PasswordBasedStringEncryptor,
-    is_encrypted,
-)
+from monkey_island.cc.server_utils.encryption import InvalidCiphertextError, InvalidCredentialsError
 from monkey_island.cc.services.config import ConfigService

 logger = logging.getLogger(__name__)
@ -75,9 +70,6 @@ class ConfigurationImport(AbstractResource):
    def _get_plaintext_config_from_request(request_contents: dict) -> dict:
        try:
            config = request_contents["config"]
-            if ConfigurationImport.is_config_encrypted(request_contents["config"]):
-                pb_encryptor = PasswordBasedStringEncryptor(request_contents["password"])
-                config = pb_encryptor.decrypt(config)
            return json.loads(config)
        except (JSONDecodeError, InvalidCiphertextError):
            logger.exception(
@ -89,15 +81,3 @@ class ConfigurationImport(AbstractResource):
    def import_config(config_json):
        if not ConfigService.update_config(config_json, should_encrypt=True):
            raise InvalidConfigurationError
-
-    @staticmethod
-    def is_config_encrypted(config: str):
-        try:
-            if config.startswith("{"):
-                return False
-            elif is_encrypted(config):
-                return True
-            else:
-                raise InvalidConfigurationError
-        except Exception:
-            raise InvalidConfigurationError