From e4c9d9fa344293fdd0a624b68d27bd7a06fe8c66 Mon Sep 17 00:00:00 2001
From: Christian Hohnstaedt <christian@hohnstaedt.de>
Date: Sat, 5 Oct 2024 10:32:30 +0200
Subject: [PATCH] Add SHA3 hash algorithms

---
 changelog       |  1 +
 lib/digest.cpp  |  5 ++++-
 lib/pki_evp.cpp |  2 ++
 lib/pki_key.cpp | 16 +++++++++++-----
 4 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/changelog b/changelog
index 72d10732..2e3671d3 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,4 @@
+ * Add SHA3 algorithms to th select box
  * Close #593: App freezes/crashes when trying to export certain keys
  * Close #306 #537: Allow Database-driver options in config file
  * Close #537: macos: Compile mariadb-connector and qsqlmysql
diff --git a/lib/digest.cpp b/lib/digest.cpp
index 5e101882..822373c1 100644
--- a/lib/digest.cpp
+++ b/lib/digest.cpp
@@ -13,7 +13,10 @@
 
 const QList<int> digest::all_digests(
 	{ NID_md5, NID_ripemd160, NID_sha1,
-	  NID_sha224, NID_sha256, NID_sha384, NID_sha512
+	  NID_sha224, NID_sha256, NID_sha384, NID_sha512,
+#ifndef LIBRESSL_VERSION_NUMBER
+	  NID_sha3_224, NID_sha3_256, NID_sha3_384, NID_sha3_512,
+#endif
 });
 
 int digest::default_md(NID_sha256);
diff --git a/lib/pki_evp.cpp b/lib/pki_evp.cpp
index 4fd33b7a..83955cfe 100644
--- a/lib/pki_evp.cpp
+++ b/lib/pki_evp.cpp
@@ -979,6 +979,8 @@ void pki_evp::writeSSH2private(XFile &file) const
 	} else
 #endif
 		writeKey(file, nullptr, nullptr, true);
+
+	EVP_PKEY_free(pkey);
 }
 
 bool pki_evp::verify(EVP_PKEY *pkey) const
diff --git a/lib/pki_key.cpp b/lib/pki_key.cpp
index 08ad4556..03d1a82a 100644
--- a/lib/pki_key.cpp
+++ b/lib/pki_key.cpp
@@ -389,19 +389,25 @@ QByteArray pki_key::ed25519PrivKey(const EVP_PKEY *) const
 QList<int> pki_key::possibleHashNids()
 {
 	QList<int> nids;
+	QList<int> allSha2 = { NID_sha224, NID_sha256, NID_sha384, NID_sha512 };
+#ifndef LIBRESSL_VERSION_NUMBER
+	QList<int> allSha3 = { NID_sha3_224, NID_sha3_256, NID_sha3_384, NID_sha3_512 };
+#else
+	QList<int> allSha3;
+#endif
 
 	switch (EVP_PKEY_type(getKeyType())) {
 		case EVP_PKEY_RSA:
-			nids << NID_md5 << NID_ripemd160 << NID_sha1 << NID_sha224 << NID_sha256 <<
-				NID_sha384 << NID_sha512;
+			nids << NID_md5 << NID_ripemd160 << NID_sha1;
+			nids += allSha2 + allSha3;
 			break;
 		case EVP_PKEY_DSA:
-			nids << NID_sha1 << NID_sha256;
+			nids << NID_sha1 << NID_sha224 << NID_sha256;
 			break;
 #ifndef OPENSSL_NO_EC
 		case EVP_PKEY_EC:
-			nids << NID_sha1 << NID_sha224 << NID_sha256 <<
-				NID_sha384 << NID_sha512;
+			nids << NID_sha1;
+			nids += allSha2 + allSha3;
 			break;
 #ifdef EVP_PKEY_ED25519
 		case EVP_PKEY_ED25519: