diff --git a/example.policy.toml b/example.policy.toml new file mode 100644 index 0000000..150bb9d --- /dev/null +++ b/example.policy.toml @@ -0,0 +1,51 @@ +[hash_algorithms] +md5.collision_resistance = "never" +md5.second_preimage_resistance = "never" +sha1.collision_resistance = "never" +sha1.second_preimage_resistance = "never" +ripemd160.collision_resistance = "never" +ripemd160.second_preimage_resistance = "never" +sha224.collision_resistance = "always" +sha224.second_preimage_resistance = "always" +sha256.collision_resistance = "always" +sha256.second_preimage_resistance = "always" +sha384.collision_resistance = "always" +sha384.second_preimage_resistance = "always" +sha512.collision_resistance = "always" +sha512.second_preimage_resistance = "always" +default_disposition = "never" + +[symmetric_algorithms] +idea = "never" +tripledes = "never" +cast5 = "never" +blowfish = "never" +aes128 = "always" +aes192 = "never" +aes256 = "always" +twofish = "never" +camellia128 = "never" +camellia192 = "never" +camellia256 = "never" +default_disposition = "never" + +[asymmetric_algorithms] +elgamal1024 = "never" +elgamal2048 = "never" +elgamal3072 = "never" +elgamal4096 = "never" +brainpoolp256 = "never" +brainpoolp512 = "never" +rsa1024 = "never" +rsa2048 = "always" +rsa3072 = "always" +rsa4096 = "always" +dsa1024 = "never" +dsa2048 = "never" +dsa3072 = "never" +dsa4096 = "never" +nistp256 = "always" +nistp384 = "always" +nistp521 = "always" +cv25519 = "always" +default_disposition = "never"