diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2015-02-17 11:51:34 +1300 |
|---|---|---|
| committer | Volker Lendecke <vl@samba.org> | 2015-02-17 11:45:15 +0100 |
| commit | 76c7918e01205fb38534170e56fc68553c3abf79 (patch) | |
| tree | 81e0673d844ded4b3827d7b3b2c104e8601d09cb /lib | |
| parent | 41c4666a726d3fbe234bcb8b38bd24c62799598f (diff) | |
| download | samba-76c7918e01205fb38534170e56fc68553c3abf79.tar.gz samba-76c7918e01205fb38534170e56fc68553c3abf79.tar.xz samba-76c7918e01205fb38534170e56fc68553c3abf79.zip | |
lib/crypto: Document what crypto code is used for, and if GnuTLS supports it
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 17 11:45:15 CET 2015 on sn-devel-104
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/crypto/REQUIREMENTS | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/lib/crypto/REQUIREMENTS b/lib/crypto/REQUIREMENTS new file mode 100644 index 0000000000..d0b175f68f --- /dev/null +++ b/lib/crypto/REQUIREMENTS @@ -0,0 +1,97 @@ +A list of the crypto operations that we require, and what uses them. + +This list is to allow research into using external crypto libraries. +Those possibly supported in the git version of GnuTLS are indicated as '# GNUTLS' + +ARCFOUR (RC4) + - the old SamOEMHash + - Password encryption on SAMR for password set/get + - NETLOGON SamLogon session keys + - Schannel + - genrate_random_data() + + # GNUTLS + +DES + - NTLM challenge-response + - LSA QuerySecret et al + - NETLOGON SamLogon session keys + - ServerGetTrustInfo returned passwords + - RID encryption of passwords + +3DES + - NETLOGON Credentials + +CRC32 + - DRSUAPI replication replicated secrets + +AES CFB8 + - SCHANNEL + - NETLOGON SamLogon session keys + +AES 128 + - SMB VFS traffic analyzer + +AES128 CCM + - SMB2 2.24 SMB encryption + # GNUTLS + +AES128 GCM + - SMB2 3.10 SMB encryption + # GNUTLS + +AES128 CMAC + - SMB2 0x224 SMB Signing + +MD4 + - NTLM password hash + - genrate_random_number() + +MD5 + - NTLM2 + - SCHANNEL + - NTLMSSP + - NETLOGON computer credentials + - DRSUAPI blob encryption + - SAMR/wkssvc password change/set encryption + - vfs_fruit + - vfs_streams_xattr + - passdb old password history format + - dsdb password_hash module + - SMB1 SMB signing + - NTP ntp_signd + + # GNUTLS + +HMAC-MD5 + - NTLMv2 + + # GNUTLS + +HMACSHA256 + - SMB2 < 2.24 SMB signing + - SMB2 Key derivation + + # GNUTLS + +HMACSHA1 + - BackupKey ServerWrap + + # GNUTLS + +SHA256 + - Security Descriptor hash for vfs_acl_xattr + - oLschema2ldif + + # GNUTLS + +SHA512 + - SMB2 Pre-auth integrity verification + - BackupKey ClientWrap + + # GNUTLS + +RSA + - BackupKey ClientWrap + + # GNUTLS |