diff --git a/src/key/factory.js b/src/key/factory.js index 102f94f4f..1ab3806b5 100644 --- a/src/key/factory.js +++ b/src/key/factory.js @@ -191,10 +191,9 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) { ], config.aead_mode); } signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([ - // prefer fast asm.js implementations (SHA-256). SHA-1 will not be secure much longer...move to bottom of list + // prefer fast asm.js implementations (SHA-256) enums.hash.sha256, - enums.hash.sha512, - enums.hash.sha1 + enums.hash.sha512 ], config.prefer_hash_algorithm); signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([ enums.compression.zlib, diff --git a/test/general/key.js b/test/general/key.js index fb53dd2c5..eed17a550 100644 --- a/test/general/key.js +++ b/test/general/key.js @@ -1981,7 +1981,7 @@ function versionSpecificTests() { expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]); } const hash = openpgp.enums.hash; - expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha256, hash.sha512, hash.sha1]); + expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha256, hash.sha512]); const compr = openpgp.enums.compression; expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip, compr.uncompressed]); @@ -2031,7 +2031,7 @@ function versionSpecificTests() { expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]); } const hash = openpgp.enums.hash; - expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha224, hash.sha256, hash.sha512, hash.sha1]); + expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha224, hash.sha256, hash.sha512]); const compr = openpgp.enums.compression; expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip, compr.uncompressed]);