Add default key obfuscation

README.md

@@ -59,6 +59,7 @@ Works on x64 **Linux** , **NAS** solutions based on arm/arm64, **Windows** x64 a
     - Full permissions including destructive operations
   - Encrypted data viewing requires additional password
   - AES-256 keys can't be guessed in executables thanks to Nuitka Commercial compiler
+  - External AES-256 keys are obfuscated
 - Easy configuration via YAML file (or via GUI)
 - Remote automatic self upgrade capacity
   - Included upgrade server ready to run in production
@@ -236,6 +237,8 @@ We also compile our linux target on RHEL 7 in order to be compatible with reason
 arm and arm64 builds are compiled on Debian stretch for use with glibc > 2.24.
 Additionnaly, arm builds are compiled without GUI support since they're supposed to fit on smaller devices like NAS / Raspberries.
 
+On most Linux distributions, you might get your glibc version by running `find /usr -name "libc.so.6" -exec "{}" \;`
+
 ## Smart shield, antivirus and reputation
 
 Official binaries for Windows provided by NetInvent are signed with a certificate, allowing to gain trust and reputation in antivirus analysis.  

SECURITY.md

@@ -54,4 +54,8 @@ Also, when wrong password is entered, we should wait in order to reduce brute fo
 # NPF-SEC-00010: Date attacks
 
 When using retention policies, we need to make sure that current system date is good, in order to avoid wrong retention deletions.  
-When set, an external NTP server is used to get the offset. If offset is high enough (10 min), we avoid executing the retention policies.
+When set, an external NTP server is used to get the offset. If offset is high enough (10 min), we avoid executing the retention policies.
+
+# NPF-SEC-00011: Default AES key obfuscation
+
+Using obfuscation() symmetric function in order to not store the bare AES key.

npbackup/configuration.py

@@ -46,9 +46,12 @@ try:
     except ImportError:
         EARLIER_AES_KEY = None
 except ImportError:
+    # If no private keys are used, then let's use the public ones
     try:
         from npbackup.secret_keys import AES_KEY
+        from npbackup.obfuscation import obfuscation
 
+        AES_KEY = obfuscation(AES_KEY)
         IS_PRIV_BUILD = False
         try:
             from npbackup.secret_keys import EARLIER_AES_KEY

npbackup/key_management.py

@@ -8,6 +8,7 @@ __intname__ = "npbackup.get_key"
 
 import os
 from command_runner import command_runner
+from npbackup.obfuscation import obfuscation
 
 
 def get_aes_key():
@@ -32,4 +33,4 @@ def get_aes_key():
                 msg = f"Cannot run encryption key command: {output}"
                 return False, msg
             key = output
-    return key
+    return obfuscation(key)

npbackup/obfuscation.py

@@ -0,0 +1,20 @@
+#! /usr/bin/env python
+#  -*- coding: utf-8 -*-
+#
+# This file is part of npbackup
+
+__intname__ = "npbackup.obfuscation"
+
+
+# NPF-SEC-00011: Default AES key obfuscation
+
+
+def obfuscation(key: bytes) -> bytes:
+    """
+    Symmetric obfuscation of bytes
+    """
+    if key:
+        keyword = b"/*NPBackup 2024*/"
+        key_length = len(keyword)
+        return bytes(c ^ keyword[i % key_length] for i, c in enumerate(key))
+    return key