diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java index da3393a79..6b20c1384 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java @@ -81,7 +81,7 @@ public class PgpSecurityConstants { // MD2: not used widely // TIGER_192: not used widely // HAVAL_5_160: not used widely - HashAlgorithmTags.SHA256, // compatibility for old Mailvelope versions + HashAlgorithmTags.SHA256, // solid default HashAlgorithmTags.SHA384, // affine padding attacks; unproven status of RSA-PKCSv15 HashAlgorithmTags.SHA512 // SHA224: issues with collision resistance of 112-bits, Not used widely @@ -177,7 +177,7 @@ public class PgpSecurityConstants { * (Most preferred is first) */ public static final int[] PREFERRED_HASH_ALGORITHMS = new int[]{ - HashAlgorithmTags.SHA512, // If possible use SHA-512, this is state of the art! + HashAlgorithmTags.SHA256, }; /** @@ -196,7 +196,7 @@ public class PgpSecurityConstants { /** * Hash algorithm used to certify public keys */ - public static final int CERTIFY_HASH_ALGO = HashAlgorithmTags.SHA512; + public static final int CERTIFY_HASH_ALGO = HashAlgorithmTags.SHA256; /** @@ -213,7 +213,7 @@ public class PgpSecurityConstants { * Always use SHA-512! * We always ignore the preferred hash algos of the recipient! */ - public static final int DEFAULT_HASH_ALGORITHM = HashAlgorithmTags.SHA512; + public static final int DEFAULT_HASH_ALGORITHM = HashAlgorithmTags.SHA256; public interface OpenKeychainHashAlgorithmTags extends HashAlgorithmTags { int USE_DEFAULT = -1; @@ -254,9 +254,9 @@ public class PgpSecurityConstants { * Yahoo's End-to-End: 96=0x60 (65536 iterations) (https://github.com/yahoo/end-to-end/blob/master/src/javascript/crypto/e2e/openpgp/keyring.js) */ public static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x90; - public static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA512; + public static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256; public static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256; - public static final int SECRET_KEY_BINDING_SIGNATURE_HASH_ALGO = HashAlgorithmTags.SHA512; + public static final int SECRET_KEY_BINDING_SIGNATURE_HASH_ALGO = HashAlgorithmTags.SHA256; // NOTE: only SHA1 is supported for key checksum calculations in OpenPGP, // see http://tools.ietf.org/html/rfc488 0#section-5.5.3 public static final int SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO = HashAlgorithmTags.SHA1; diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java index 94b7e72d1..fda0752c8 100644 --- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java +++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java @@ -256,7 +256,7 @@ public class PgpKeyOperationTest { PGPSecretKey secretKey = ((PGPSecretKeyRing) result.getRing().mRing).getSecretKey(); assertEquals(S2K.SALTED_AND_ITERATED, secretKey.getS2K().getType()); - assertEquals(HashAlgorithmTags.SHA512, secretKey.getS2K().getHashAlgorithm()); + assertEquals(HashAlgorithmTags.SHA256, secretKey.getS2K().getHashAlgorithm()); assertEquals(-1, secretKey.getS2K().getProtectionMode()); assertEquals(SecretKeyPacket.USAGE_CHECKSUM, secretKey.getS2KUsage()); }