From 95e77ed46af09dd71dc1ca1868b894266e93da01 Mon Sep 17 00:00:00 2001
From: larabr <7375870+larabr@users.noreply.github.com>
Date: Thu, 26 Mar 2020 18:03:02 +0100
Subject: [PATCH] Remove 3DES and CAST5 from default preferred symmetric
 algorithms (#1068)

---
 src/key/factory.js  | 4 +---
 test/general/key.js | 4 ++--
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/key/factory.js b/src/key/factory.js
index 1ab3806b5..be9eda104 100644
--- a/src/key/factory.js
+++ b/src/key/factory.js
@@ -180,9 +180,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
       // prefer aes256, aes128, then aes192 (no WebCrypto support: https://www.chromium.org/blink/webcrypto#TOC-AES-support)
       enums.symmetric.aes256,
       enums.symmetric.aes128,
-      enums.symmetric.aes192,
-      enums.symmetric.cast5,
-      enums.symmetric.tripledes
+      enums.symmetric.aes192
     ], config.encryption_cipher);
     if (config.aead_protect) {
       signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([
diff --git a/test/general/key.js b/test/general/key.js
index eed17a550..745a7ddc3 100644
--- a/test/general/key.js
+++ b/test/general/key.js
@@ -1975,7 +1975,7 @@ function versionSpecificTests() {
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_communication).to.equal(keyFlags.encrypt_communication);
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
       const sym = openpgp.enums.symmetric;
-      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192, sym.cast5, sym.tripledes]);
+      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192]);
       if (openpgp.config.aead_protect) {
         const aead = openpgp.enums.aead;
         expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]);
@@ -2025,7 +2025,7 @@ function versionSpecificTests() {
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_communication).to.equal(keyFlags.encrypt_communication);
       expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
       const sym = openpgp.enums.symmetric;
-      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128, sym.cast5, sym.tripledes]);
+      expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128]);
       if (openpgp.config.aead_protect) {
         const aead = openpgp.enums.aead;
         expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]);