| 1 | A list of the crypto operations that we require, and what uses them.
|
|---|
| 2 |
|
|---|
| 3 | This list is to allow research into using external crypto libraries.
|
|---|
| 4 | Those possibly supported in the git version of GnuTLS are indicated as '# GNUTLS'
|
|---|
| 5 | Those possibly supported in the git version of nettle are indicated as '# NETTLE'
|
|---|
| 6 |
|
|---|
| 7 | ARCFOUR (RC4)
|
|---|
| 8 | - the old SamOEMHash
|
|---|
| 9 | - Password encryption on SAMR for password set/get
|
|---|
| 10 | - NETLOGON SamLogon session keys
|
|---|
| 11 | - Schannel
|
|---|
| 12 | - genrate_random_data()
|
|---|
| 13 |
|
|---|
| 14 | # GNUTLS
|
|---|
| 15 | # NETTLE
|
|---|
| 16 |
|
|---|
| 17 | DES
|
|---|
| 18 | - NTLM challenge-response
|
|---|
| 19 | - LSA QuerySecret et al
|
|---|
| 20 | - NETLOGON SamLogon session keys
|
|---|
| 21 | - ServerGetTrustInfo returned passwords
|
|---|
| 22 | - RID encryption of passwords
|
|---|
| 23 |
|
|---|
| 24 | # NETTLE
|
|---|
| 25 |
|
|---|
| 26 | 3DES
|
|---|
| 27 | - NETLOGON Credentials
|
|---|
| 28 |
|
|---|
| 29 | # NETTLE
|
|---|
| 30 |
|
|---|
| 31 | CRC32
|
|---|
| 32 | - DRSUAPI replication replicated secrets
|
|---|
| 33 |
|
|---|
| 34 | AES CFB8
|
|---|
| 35 | - SCHANNEL
|
|---|
| 36 | - NETLOGON SamLogon session keys
|
|---|
| 37 |
|
|---|
| 38 | # NETTLE (AES-NI available)
|
|---|
| 39 |
|
|---|
| 40 | AES128 CCM
|
|---|
| 41 | - SMB2 2.24 SMB encryption
|
|---|
| 42 |
|
|---|
| 43 | # GNUTLS
|
|---|
| 44 | # NETTLE (AES-NI available)
|
|---|
| 45 |
|
|---|
| 46 | AES128 GCM
|
|---|
| 47 | - SMB2 3.10 SMB encryption
|
|---|
| 48 |
|
|---|
| 49 | # GNUTLS
|
|---|
| 50 | # NETTLE (AES-NI available)
|
|---|
| 51 |
|
|---|
| 52 | AES128 CMAC
|
|---|
| 53 | - SMB2 0x224 SMB Signing
|
|---|
| 54 |
|
|---|
| 55 | MD4
|
|---|
| 56 | - NTLM password hash
|
|---|
| 57 | - genrate_random_number()
|
|---|
| 58 |
|
|---|
| 59 | # NETTLE
|
|---|
| 60 |
|
|---|
| 61 | MD5
|
|---|
| 62 | - NTLM2
|
|---|
| 63 | - SCHANNEL
|
|---|
| 64 | - NTLMSSP
|
|---|
| 65 | - NETLOGON computer credentials
|
|---|
| 66 | - DRSUAPI blob encryption
|
|---|
| 67 | - SAMR/wkssvc password change/set encryption
|
|---|
| 68 | - vfs_fruit
|
|---|
| 69 | - vfs_streams_xattr
|
|---|
| 70 | - passdb old password history format
|
|---|
| 71 | - dsdb password_hash module
|
|---|
| 72 | - SMB1 SMB signing
|
|---|
| 73 | - NTP ntp_signd
|
|---|
| 74 |
|
|---|
| 75 | # GNUTLS
|
|---|
| 76 | # NETTLE
|
|---|
| 77 |
|
|---|
| 78 | HMAC-MD5
|
|---|
| 79 | - NTLMv2
|
|---|
| 80 |
|
|---|
| 81 | # GNUTLS
|
|---|
| 82 | # NETTLE
|
|---|
| 83 |
|
|---|
| 84 | HMACSHA256
|
|---|
| 85 | - SMB2 < 2.24 SMB signing
|
|---|
| 86 | - SMB2 Key derivation
|
|---|
| 87 |
|
|---|
| 88 | # GNUTLS
|
|---|
| 89 | # NETTLE
|
|---|
| 90 |
|
|---|
| 91 | HMACSHA1
|
|---|
| 92 | - BackupKey ServerWrap
|
|---|
| 93 |
|
|---|
| 94 | # GNUTLS
|
|---|
| 95 | # NETTLE
|
|---|
| 96 |
|
|---|
| 97 | SHA256
|
|---|
| 98 | - Security Descriptor hash for vfs_acl_xattr
|
|---|
| 99 | - oLschema2ldif
|
|---|
| 100 |
|
|---|
| 101 | # GNUTLS
|
|---|
| 102 | # NETTLE
|
|---|
| 103 |
|
|---|
| 104 | SHA512
|
|---|
| 105 | - SMB2 Pre-auth integrity verification
|
|---|
| 106 | - BackupKey ClientWrap
|
|---|
| 107 |
|
|---|
| 108 | # GNUTLS
|
|---|
| 109 | # NETTLE
|
|---|
| 110 |
|
|---|
| 111 | RSA
|
|---|
| 112 | - BackupKey ClientWrap
|
|---|
| 113 |
|
|---|
| 114 | # GNUTLS
|
|---|
| 115 | # NETTLE
|
|---|
