Remove uploadkeys encryption features

It doesn't really make sense to encrypt the keys, but store the secret literally in the same directory. uploadkeys will now be stored in plaintext. The branch `legacy` has the old code from before this commit.
imgupload-py · Sep 4, 2020 · 565a91e · 565a91e
1 parent 3fcdaa2
commit 565a91e
Show file tree

Hide file tree

Showing 6 changed files with 4 additions and 133 deletions.
diff --git a/.gitignore b/.gitignore
@@ -134,4 +134,3 @@ savelog.log
 uwsgi.log
 settings.py
 functions.py
-secret.key
diff --git a/configtest.py b/configtest.py
@@ -10,7 +10,6 @@
     "SAVELOG": "savelog.log",
     "SAVELOG_CHMOD": "0o644",
     "SAVELOG_KEYPREFIX": 4,
-    "ENCKEY_PATH": "secret.key"
 }
 
 deftypes = {
@@ -20,7 +19,6 @@
     "SAVELOG": str,
     "SAVELOG_CHMOD": int,
     "SAVELOG_KEYPREFIX": int,
-    "ENCKEY_PATH": str,
 }
 
 
@@ -94,16 +92,6 @@
         print("[" + u"\u2713" + "] ROOTURL is good!")
 
 
-# Check if ENCKEY_PATH exists
-enckey_exists = True
-if "ENCKEY_PATH" in checksettings:
-    if not os.path.isfile(settings.ENCKEY_PATH):
-        enckey_exists = False
-        print("[!] The path set in ENCKEY_PATH ('{0}') doesn't exist!".format(settings.ENCKEY_PATH))
-    else:
-        print("[" + u"\u2713" + "] ENCKEY_PATH exists!")
-
-
 # Ask the user if SAVELOG is the intended filename
 if "SAVELOG" in checksettings:
     print("[*] SAVELOG was interpreted to be {0}".format(settings.SAVELOG))
@@ -136,10 +124,6 @@
     summarygood = False
     print("UPLOAD_FOLDER ({0}) does not exist!".format(settings.UPLOAD_FOLDER))
 
-if not enckey_exists:
-    summarygood = False
-    print("ENCKEY_PATH ({0}) does not exist!".format(settings.ENCKEY_PATH))
-
 if not rooturl_good:
     summarygood = False
     print("ROOTURL may cause issues!")

diff --git a/imgupload.py b/imgupload.py
@@ -34,20 +34,13 @@ def upload():
     if request.method == "POST":  # sanity check: make sure it's a POST request
         print("Request method was POST!")
 
-        with open(settings.ENCKEY_PATH,"rb") as enckey: # load encryption key
-            key = enckey.read()
-        f = Fernet(key)
-
-        with open("uploadkeys", "rb") as keyfile:
-            encrypted_data = keyfile.read()
-        decrypted_data = str(f.decrypt(encrypted_data).decode('utf-8'))
-        decrypted_data = decrypted_data.splitlines()
-
-        validkeys = [x.strip("\n") for x in decrypted_data]
+        with open("uploadkeys", "r") as keyfile:  # load valid keys
+            validkeys = keyfile.readlines()
+        validkeys = [x.strip("\n") for x in validkeys]
         while "" in validkeys:
             validkeys.remove("")
-            print("Removed blank key(s)")
         print("Loaded validkeys")
+
         if "uploadKey" in request.form:  # if an uploadKey was provided
             if request.form["uploadKey"] in validkeys:  # check if uploadKey is valid
                 print("Key is valid!")

diff --git a/keygen.py b/keygen.py
diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,2 @@
 Flask_API==2.0
-cryptography==3.1
 Flask==1.1.2
diff --git a/settings.py.default b/settings.py.default
@@ -4,4 +4,3 @@ ROOTURL = "https://example.com/"
 SAVELOG = "savelog.log"
 SAVELOG_CHMOD = 0o644
 SAVELOG_KEYPREFIX = 4
-ENCKEY_PATH = "secret.key"