aboutsummaryrefslogtreecommitdiffstats
path: root/src/build-data/policy/modern.txt
blob: ac99f440d34c93d9abf350c1b25ec01729b89758 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

<required>
aes
serpent
threefish
chacha

sha2_32
sha2_64
blake2
skein
keccak

gcm
ocb
chacha20poly1305

kdf2
hkdf
cmac
hmac
poly1305
siphash

pbkdf2
bcrypt
compression

# required for private key encryption
pbes2

curve25519
ecdh
ecdsa
rsa
rfc6979

eme_oaep
emsa_pssr
emsa1

auto_rng
hmac_drbg

ffi
</required>

<if_available>
tls
prf_tls

clmul
locking_allocator

aes_ni
aes_ssse3
serpent_simd
threefish_avx2

simd

rdrand_rng
system_rng

# entropy sources
beos_stats
cryptoapi_rng
darwin_secrandom
dev_random
proc_walk
rdrand
rdseed
win32_stats
</if_available>

<prohibited>
cast
des
gost_28147
idea
idea_sse2
kasumi
lion
misty1
rc4
seed
xtea
xtea_simd

cbc_mac
x919_mac

# MD5 and SHA1 are broken but not prohibited. They are widely in use
# in non-crypto contexts and are required by TLS currently
md2
md4
rmd128
has160
gost_3411

cfb
ecb
ofb

elgamal
rw
nr
gost_3410

emsa_x931
pbkdf1
prf_x942
x931_rng

passhash9
cryptobox

# questionable entropy sources
egd
unix_procs
</prohibited>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 02:32:20 +0000