The road to removing Samba's internal copy of AES (and perhaps DES?)

Andrew Bartlett abartlet at
Mon Sep 2 02:03:57 UTC 2019


I wanted to write to update the list on where we are at with removing
cryptographic code from Samba.

We now absolutely rely on GnuTLS 3.4.7 or later, which has allowed us
to delete a great deal of such duplicate code.

We do still have AES code, for the AES CFB8 and CMAC functions.

These could probably be open-coded against raw AES routines from
GnuTLS, but for now I would rather not go down that route. 

The operating systems in our CI system that do not supply that[1] are:
 - CentOS7
 - Ubuntu 16.04
 - Ubuntu 18.04
 - Debian 9

By April 2020 we should have a new Ubuntu LTS, Debian 10 is already out
and CentOS8 will be available.  (And we already backport GnuTLS for
CentOS7 regardless). 

So I would propose we remove the fallback internal code after Ubuntu
20.04 is released, or discuss it earlier if we can get a newer backport
package for the above.  

On a related note, I plan to experiment with implementing our DES code
via GnuTLS using the CBC-DES cipher and an all-zero IV.  That may let
us remove that code as well, becoming essentially crypto-free and
therefore honouring FIPS mode correctly in all cases.  Do let me know
if you happen to experiment in this area so I don't double-up!


Andrew Bartlett

[1] configure shows:
No gnutls support for AES CFB8
No gnutls support for AES CMAC

Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT
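As an added illustration of the "open-coded against raw AES routines" option mentioned in the post (example code written for this page, not Samba's or GnuTLS's): AES-CMAC built from nothing but a library's single-block AES encrypt, with Go's crypto/aes standing in for GnuTLS, checked against the RFC 4493 / SP 800-38B key and its empty-message vector. The empty and partial final-block cases are the ones an open-coded version has to get right.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

// dbl is the SP 800-38B doubling in GF(2^128): shift left, XOR 0x87 on carry.
func dbl(in []byte) []byte {
	out := make([]byte, 16)
	for i := 0; i < 15; i++ {
		out[i] = in[i]<<1 | in[i+1]>>7
	}
	out[15] = in[15] << 1
	if in[0]&0x80 != 0 {
		out[15] ^= 0x87
	}
	return out
}
// xorInto XORs one 16-byte block of src into dst in place.
func xorInto(dst, src []byte) {
	for i := range dst {
		dst[i] ^= src[i]
	}
}
// AESCMAC computes AES-CMAC(key, msg) from the raw single-block AES encrypt in
// crypto/aes alone: CMAC open-coded over a library AES primitive.
func AESCMAC(key, msg []byte) []byte {
	block, _ := aes.NewCipher(key) // constructed example: key is a valid AES-128 key
	sub := make([]byte, 16)        // L = E_K(0^128); K1 = dbl(L); K2 = dbl(K1)
	block.Encrypt(sub, sub)
	sub = dbl(sub) // K1
	m := append([]byte{}, msg...) // padded copy of msg; sub becomes K1 or K2
	if len(m) == 0 || len(m)%16 != 0 {
		m = append(append(m, 0x80), make([]byte, 15-len(msg)%16)...) // 10* padding
		sub = dbl(sub)                                               // K2
	}
	xorInto(m[len(m)-16:], sub) // subkey goes into the final block only
	x := make([]byte, 16)       // plain CBC-MAC over m with a zero IV
	for i := 0; i < len(m); i += 16 {
		xorInto(x, m[i:])
		block.Encrypt(x, x)
	}
	return x
}
func main() { // RFC 4493 key, empty message: expect bb1d6929e95937287fa37d129b756746
	key, _ := hex.DecodeString("2b7e151628aed2a6abf7158809cf4f3c")
	fmt.Printf("%x\n", AESCMAC(key, nil))
}
```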
