mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
42d5b06d7a
Holger Hetterich told me in a personal email that he does not have time to care about this project anymore and that he is fine to remove it from Samba. Why the removal? It contains homegrown crypto that would need to be thoroughly audited and/or fixed. And if it's neither maintained nor widely used I'd rather have it removed. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 11 00:23:35 CET 2015 on sn-devel-104
116 lines
1.8 KiB
Plaintext
116 lines
1.8 KiB
Plaintext
A list of the crypto operations that we require, and what uses them.
|
|
|
|
This list is to allow research into using external crypto libraries.
|
|
Those possibly supported in the git version of GnuTLS are indicated as '# GNUTLS'
|
|
Those possibly supported in the git version of nettle are indicated as '# NETTLE'
|
|
|
|
ARCFOUR (RC4)
|
|
- the old SamOEMHash
|
|
- Password encryption on SAMR for password set/get
|
|
- NETLOGON SamLogon session keys
|
|
- Schannel
|
|
- genrate_random_data()
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
DES
|
|
- NTLM challenge-response
|
|
- LSA QuerySecret et al
|
|
- NETLOGON SamLogon session keys
|
|
- ServerGetTrustInfo returned passwords
|
|
- RID encryption of passwords
|
|
|
|
# NETTLE
|
|
|
|
3DES
|
|
- NETLOGON Credentials
|
|
|
|
# NETTLE
|
|
|
|
CRC32
|
|
- DRSUAPI replication replicated secrets
|
|
|
|
AES CFB8
|
|
- SCHANNEL
|
|
- NETLOGON SamLogon session keys
|
|
|
|
# NETTLE (AES-NI available)
|
|
|
|
AES128 CCM
|
|
- SMB2 2.24 SMB encryption
|
|
|
|
# GNUTLS
|
|
# NETTLE (AES-NI available)
|
|
|
|
AES128 GCM
|
|
- SMB2 3.10 SMB encryption
|
|
|
|
# GNUTLS
|
|
# NETTLE (AES-NI available)
|
|
|
|
AES128 CMAC
|
|
- SMB2 0x224 SMB Signing
|
|
|
|
MD4
|
|
- NTLM password hash
|
|
- genrate_random_number()
|
|
|
|
# NETTLE
|
|
|
|
MD5
|
|
- NTLM2
|
|
- SCHANNEL
|
|
- NTLMSSP
|
|
- NETLOGON computer credentials
|
|
- DRSUAPI blob encryption
|
|
- SAMR/wkssvc password change/set encryption
|
|
- vfs_fruit
|
|
- vfs_streams_xattr
|
|
- passdb old password history format
|
|
- dsdb password_hash module
|
|
- SMB1 SMB signing
|
|
- NTP ntp_signd
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
HMAC-MD5
|
|
- NTLMv2
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
HMACSHA256
|
|
- SMB2 < 2.24 SMB signing
|
|
- SMB2 Key derivation
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
HMACSHA1
|
|
- BackupKey ServerWrap
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
SHA256
|
|
- Security Descriptor hash for vfs_acl_xattr
|
|
- oLschema2ldif
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
SHA512
|
|
- SMB2 Pre-auth integrity verification
|
|
- BackupKey ClientWrap
|
|
|
|
# GNUTLS
|
|
# NETTLE
|
|
|
|
RSA
|
|
- BackupKey ClientWrap
|
|
|
|
# GNUTLS
|
|
# NETTLE
|