<required>
# block
aes

# modes
ccm
gcm
cbc
mode_pad

# stream
ctr

# hash
sha2_32
sha2_64
sha3

# mac
cmac
hmac
gmac

# kdf
kdf1_iso18033
sp800_108
sp800_56c

# pbkdf
argon2
argon2fmt

# pk_pad
eme_oaep
emsa_pssr
iso9796

# pubkey
dlies
dh
#dilithium // not (yet) recommended
#dilithium_aes // not (yet) recommended
rsa
dsa
ecdsa
ecgdsa
ecies
eckcdsa
ecdh
#kyber // not (yet) recommended
#kyber_90s // not (yet) recommended
xmss

# rng
auto_rng
hmac_drbg
</required>

<if_available>
# block
aes_ni
aes_vperm
aes_armv8
aes_power8

# modes
ghash_cpu
ghash_vperm

# hash
sha2_32_x86
sha2_32_armv8
sha2_32_bmi2
sha2_64_bmi2
keccak_perm_bmi2

# entropy sources
getentropy
rdseed
win32_stats

# pbkdf
argon2_avx2
argon2_ssse3

# rng
processor_rng
system_rng

# utils
http_util # needed by x509 for OCSP online checks
locking_allocator
simd
</if_available>

<prohibited>
# block
aria
blowfish
camellia
cascade
cast128
des
gost_28147
idea
idea_sse2
kuznyechik
lion
noekeon
noekeon_simd
seed
serpent
serpent_avx2
serpent_simd
shacal2
shacal2_armv8
shacal2_avx2
shacal2_simd
shacal2_x86
sm4
sm4_armv8
threefish_512
twofish

# modes
chacha20poly1305
eax
ocb
siv
cfb

# stream
chacha
chacha_simd32
chacha_avx2
ofb
rc4
salsa20
#shake_cipher # not recommended, but needed for kyber

# kdf
#hkdf // needed for tls 1.3
kdf1
kdf2
prf_x942
sp800_56a

# pubkey
x25519
x448
ec_h2c
ed25519
elgamal
gost_3410
mce
rfc6979
sm2

# pk_pad
#eme_pkcs1 // needed for tls
#emsa_pkcs1 // needed for tls
#eme_raw // allows custom paddings
emsa_raw
emsa_x931

# hash
#blake2 # not recommended, but needed for argon2
comb4p
gost_3411
md4
md5
rmd160
#shake # not recommended, but needed for kyber
skein
#sha1 // needed for x509
sm3
streebog
whirlpool
keccak

# rng
chacha_rng

# mac
blake2mac
poly1305
siphash
x919_mac

# passhash
bcrypt

</prohibited>
