aes serpent threefish_512 chacha sha2_32 sha2_64 blake2 skein keccak sha3 gcm ocb chacha20poly1305 kdf2 hkdf cmac hmac poly1305 siphash pbkdf2 bcrypt # required for private key encryption pbes2 ed25519 curve25519 ecdh ecdsa rsa rfc6979 eme_oaep emsa_pssr emsa1 auto_rng hmac_drbg ffi tls prf_tls newhope ed25519 clmul clmul_ssse3 pmull locking_allocator http_util # needed by x509 for OCSP online checks aes_ni aes_ssse3 aes_armv8 aes_power8 serpent_simd serpent_avx2 threefish_512_avx2 chacha_simd32 chacha_avx2 sha1_sse2 sha1_x86 sha1_armv8 sha2_32_x86 sha2_32_armv8 sha2_32_bmi2 sha2_64_bmi2 sha3_bmi2 simd sessions_sql certstor_sql rdrand_rng system_rng # entropy sources dev_random proc_walk rdrand rdseed win32_stats # Just say no to TLS 1.0 tls_cbc cast128 cast256 des gost_28147 idea idea_sse2 kasumi lion misty1 rc4 seed xtea cbc_mac x919_mac # MD5 and SHA1 are broken but not prohibited. They are widely in use # in non-crypto contexts and are required by TLS currently md4 gost_3411 cfb ofb elgamal gost_3410 emsa_x931 pbkdf1 prf_x942 passhash9 cryptobox