From: Arne Schwabe <arne@rfc2549.org>
Date: Thu, 28 Jul 2022 14:51:58 +0000 (+0200)
Subject: Fix wrong default algorithm in openssl pkcs12 help
X-Git-Tag: openssl-3.2.0-alpha1~2308
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=72a85c17aae602e881c917c3f6e93bd7f7260093;p=thirdparty%2Fopenssl.git

Fix wrong default algorithm in openssl pkcs12 help

The default that pkcs12 -export uses is SHA256 and not SHA1.

CLA: Trivial

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18904)
---

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 645e30e72f8..0338ff30d6e 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -144,7 +144,7 @@ const OPTIONS pkcs12_options[] = {
      "Encrypt output with 3DES (default PBES2 with PBKDF2 and AES-256 CBC)"},
 #endif
     {"macalg", OPT_MACALG, 's',
-     "Digest algorithm to use in MAC (default SHA1)"},
+     "Digest algorithm to use in MAC (default SHA256)"},
     {"iter", OPT_ITER, 'p', "Specify the iteration count for encryption and MAC"},
     {"noiter", OPT_NOITER, '-', "Don't use encryption iteration"},
     {"nomaciter", OPT_NOMACITER, '-', "Don't use MAC iteration)"},