From 0ac9e5f7094fd9d83b3c0bdfe96c971b23385016 Mon Sep 17 00:00:00 2001
From: larabr <7375870+larabr@users.noreply.github.com>
Date: Fri, 1 Mar 2024 14:17:12 +0100
Subject: [PATCH] Only add SHA3 preferences to v6 keys

To ensure compatibility with older mobile clients, which may not
support verifying SHA3 message signatures
---
 src/key/factory.js  |  3 +--
 test/general/key.js | 12 ++++++++++--
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/key/factory.js b/src/key/factory.js
index 9843ad1ca..e1faeefc9 100644
--- a/src/key/factory.js
+++ b/src/key/factory.js
@@ -220,8 +220,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options, conf
       // prefer fast asm.js implementations (SHA-256)
       enums.hash.sha256,
       enums.hash.sha512,
-      enums.hash.sha3_256,
-      enums.hash.sha3_512
+      ...(secretKeyPacket.version === 6 ? [enums.hash.sha3_256, enums.hash.sha3_512] : [])
     ], config.preferredHashAlgorithm);
     signatureProperties.preferredCompressionAlgorithms = createPreferredAlgos([
       enums.compression.uncompressed,
diff --git a/test/general/key.js b/test/general/key.js
index 4990bef0f..086579605 100644
--- a/test/general/key.js
+++ b/test/general/key.js
@@ -2261,7 +2261,11 @@ function versionSpecificTests() {
         ]);
       }
       const hash = openpgp.enums.hash;
-      expect(selfSignature.preferredHashAlgorithms).to.eql([hash.sha256, hash.sha512, hash.sha3_256, hash.sha3_512]);
+      expect(selfSignature.preferredHashAlgorithms).to.eql(
+        openpgp.config.v6Keys ?
+          [hash.sha256, hash.sha512, hash.sha3_256, hash.sha3_512] :
+          [hash.sha256, hash.sha512]
+      );
       const compr = openpgp.enums.compression;
       expect(selfSignature.preferredCompressionAlgorithms).to.eql([compr.uncompressed, compr.zlib, compr.zip]);
 
@@ -2316,7 +2320,11 @@ function versionSpecificTests() {
         ]);
       }
       const hash = openpgp.enums.hash;
-      expect(selfSignature.preferredHashAlgorithms).to.eql([hash.sha224, hash.sha256, hash.sha512, hash.sha3_256, hash.sha3_512]);
+      expect(selfSignature.preferredHashAlgorithms).to.eql(
+        openpgp.config.v6Keys ?
+          [hash.sha224, hash.sha256, hash.sha512, hash.sha3_256, hash.sha3_512] :
+          [hash.sha224, hash.sha256, hash.sha512]
+      );
       const compr = openpgp.enums.compression;
       expect(selfSignature.preferredCompressionAlgorithms).to.eql([compr.zlib, compr.uncompressed, compr.zip]);