[PATCH] Encrypt secret attributes on disk


Samba - samba-technical mailing list
Patch set to encrypt the samba secret attributes on disk.  This is
intended to mitigate the inadvertent disclosure of the sam.ldb file, and
to mitigate memory read attacks.

Currently the key file is stored in the same directory as sam.ldb but
this could be changed at a later date to use an HSM or similar mechanism
to protect the key.

Data is encrypted with AES 128 GCM. The encryption uses gnutls where
available and if it supports AES 128 GCM AEAD modes, otherwise nettle is
used.

Review and push appreciated

Gary.

Attachments: encrypted-secrets.patch.txt (152K), signature.asc (484 bytes)
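The scheme the post describes (each secret attribute value encrypted with AES-128-GCM under a key read from a file in the same directory as sam.ldb), as an added Go example; it is not part of the attached patch or of Samba, and the key file name, the nonce || ciphertext || tag layout and the use of the attribute name as AEAD associated data are assumptions made here to show why an AEAD mode matters for this use.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"os"
	"path/filepath"
)

// openSecretsKey reads the 16-byte AES-128 key file kept beside sam.ldb
// (file name is an assumption) and returns an AES-128-GCM AEAD for it.
func openSecretsKey(dbPath string) (cipher.AEAD, error) {
	key, err := os.ReadFile(filepath.Join(filepath.Dir(dbPath), "encrypted_secrets.key"))
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key) // a 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// sealAttr encrypts one value as nonce || ciphertext || tag, binding the
// attribute name as AAD (an assumption) so blobs cannot be swapped between attributes.
func sealAttr(gcm cipher.AEAD, attr string, value []byte) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize()) // fresh random 96-bit nonce per write
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, value, []byte(attr)), nil
}
// openAttr decrypts and verifies; tampering, a wrong key or a wrong AAD all fail.
func openAttr(gcm cipher.AEAD, attr string, blob []byte) ([]byte, error) {
	n := gcm.NonceSize()
	if len(blob) < n+gcm.Overhead() {
		return nil, fmt.Errorf("%s: encrypted blob too short", attr)
	}
	return gcm.Open(nil, blob[:n], blob[n:], []byte(attr))
}
func main() { // usage: prog /path/to/sam.ldb
	gcm, err := openSecretsKey(os.Args[1])
	if err != nil {
		panic(err)
	}
	blob, _ := sealAttr(gcm, "unicodePwd", []byte("constructed secret"))
	pt, err := openAttr(gcm, "unicodePwd", blob)
	fmt.Printf("blob=%x plaintext=%q err=%v\n", blob, pt, err)
}
```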

Re: [PATCH] Encrypt secret attributes on disk

Samba - samba-technical mailing list
On Fri, 2017-12-15 at 15:22 +1300, Gary Lockyer via samba-technical
wrote:

> Patch set to encrypt the samba secret attributes on disk.  This is
> intended to mitigate the inadvertent disclosure of the sam.ldb file, and
> to mitigate memory read attacks.
>
> Currently the key file is stored in the same directory as sam.ldb but
> this could be changed at a later date to use an HSM or similar mechanism
> to protect the key.
>
> Data is encrypted with AES 128 GCM. The encryption uses gnutls where
> available and if it supports AES 128 GCM AEAD modes, otherwise nettle is
> used.

Thanks Gary,

There are some interesting ways this could be extended, but this is a
really good start.  

Reviewed-by: Andrew Bartlett <[hidden email]>

I've pushed it to autobuild.

Andrew Bartlett
--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba