Encryptor doesn't work with UTF-8 characters

[VakarisZ]

Describe the bug

Datastore encryptor breaks when a UTF-8 character is encountered:

This is an important bug, because gathered credentials might contain unicode characters, user can't submit common passwords, for e.g. "slaptažodis" means password in Lithuanian and might be common in Lithuanian networks:

Tasks

• We should write unit tests that reproduce the issue and then swap out the padding functions with functions from Crypto.Util.Padding. (0d) - @shreyamalviya

[mssalvatore]

This is caused by incorrect assumptions in the padding function.

monkey/monkey/monkey_island/cc/server_utils/encryption/key_based_encryptor.py

Lines 40 to 47 in 96c525d

	# TODO: Review and evaluate the security of the padding function
	def _pad(self, message):
	return message + (self._BLOCK_SIZE - (len(message) % self._BLOCK_SIZE)) * chr(
	self._BLOCK_SIZE - (len(message) % self._BLOCK_SIZE)
	)
	def _unpad(self, message: str):
	return message[0 : -ord(message[len(message) - 1])]

The padding function uses len(message), but this assumes that all characters are 1 byte. Unicode characters can be more than 1 byte.

This is probably the solution:

We should write unit tests that reproduce the issue and then swap out the padding functions.