From 7ccd6549c4c4bd4ad9a9dae5d25e2dfdd7d7746a Mon Sep 17 00:00:00 2001
From: larabr <7375870+larabr@users.noreply.github.com>
Date: Thu, 26 Mar 2020 18:03:02 +0100
Subject: [PATCH] Remove 3DES and CAST5 from default preferred symmetric
 algorithms (#1068)

---
 src/key/factory.js  | 4 +---
 test/general/key.js | 4 ++--
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/key/factory.js b/src/key/factory.js
index 1ab3806b5..be9eda104 100644
--- a/src/key/factory.js
+++ b/src/key/factory.js
@@ -180,9 +180,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
       // prefer aes256, aes128, then aes192 (no WebCrypto support: https://www.chromium.org/blink/webcrypto#TOC-AES-support)
       enums.symmetric.aes256,
       enums.symmetric.aes128,
-      enums.symmetric.aes192,
-      enums.symmetric.cast5,
-      enums.symmetric.tripledes
+      enums.symmetric.aes192
     ], config.encryption_cipher);
     if (config.aead_protect) {
       signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([
diff --git a/test/general/key.js b/test/general/key.js
index 692b3f381..a9e46550d 100644
--- a/test/general/key.js
+++ b/test/general/key.js
@@ -1814,7 +1814,7 @@ function versionSpecificTests() {
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_communication).to.equal(keyFlags.encrypt_communication);
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
       const sym = openpgp.enums.symmetric;
-      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192, sym.cast5, sym.tripledes]);
+      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192]);
       if (openpgp.config.aead_protect) {
         const aead = openpgp.enums.aead;
         expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]);
@@ -1864,7 +1864,7 @@ function versionSpecificTests() {
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_communication).to.equal(keyFlags.encrypt_communication);
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
       const sym = openpgp.enums.symmetric;
-      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128, sym.cast5, sym.tripledes]);
+      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128]);
       if (openpgp.config.aead_protect) {
         const aead = openpgp.enums.aead;
         expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]);