certtool: --to-p12: use modern algorithms by default
authorDaiki Ueno <ueno@gnu.org>
Mon, 20 Dec 2021 14:56:24 +0000 (15:56 +0100)
committerDaiki Ueno <ueno@gnu.org>
Fri, 7 Jan 2022 16:45:14 +0000 (17:45 +0100)
Currently certtool uses PKCS12-3DES-SHA1 for encrypting keys in
PKCS#12, while it is suggested to migrate to more modern algorithms,
namely AES-128-CBC with PBKDF2 and SHA-256:
https://bugzilla.redhat.com/show_bug.cgi?id=1759982

Signed-off-by: Daiki Ueno <ueno@gnu.org>
src/certtool-common.c
src/certtool.c

index 3fd63ab7aad9b604b2c0271a8f88b1177e564027..5e7bc5666c22559f95039162c64ac8439e78b1fe 100644 (file)
@@ -1149,11 +1149,7 @@ void dh_info(FILE * infile, FILE * outfile, common_info_st * ci)
 int cipher_to_flags(const char *cipher)
 {
        if (cipher == NULL) {
-#ifdef ENABLE_FIPS140
                return GNUTLS_PKCS_USE_PBES2_AES_128;
-#else /* compatibility mode - most implementations don't support PBES2 with AES */
-               return GNUTLS_PKCS_USE_PKCS12_3DES;
-#endif
        } else if (strcasecmp(cipher, "3des") == 0) {
                return GNUTLS_PKCS_USE_PBES2_3DES;
        } else if (strcasecmp(cipher, "3des-pkcs12") == 0) {
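Review bot: The NULL branch of `cipher_to_flags` now returns `GNUTLS_PKCS_USE_PBES2_AES_128` unconditionally, and the removed `#else` comment was the only place that recorded why a legacy default existed (importers without PBES2/AES support). I would put a comment on that return, for example `/* default: PBES2 with AES-128; pass "3des-pkcs12" for importers limited to the legacy PKCS#12 3DES scheme */`, assuming the `3des-pkcs12` branch still selects that scheme (its return is outside the hunk). Since this helper appears to sit in the shared certtool-common.c, the new default presumably applies to every caller that passes a NULL cipher, not only `--to-p12`, which the commit message or option documentation should say. The function body continues past the end of the hunk.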
index 825a306bc93ac7164be0990f0ee37402d3e292be..1d7a98064d8549f910e1d246bc3a331273ba5e3d 100644 (file)
@@ -2960,7 +2960,7 @@ void generate_pkcs12(common_info_st * cinfo)
        if (cinfo->hash != GNUTLS_DIG_UNKNOWN)
                mac = (gnutls_mac_algorithm_t)cinfo->hash;
        else
-               mac = GNUTLS_MAC_SHA1;
+               mac = GNUTLS_MAC_SHA256;
 
        if (HAVE_OPT(P12_NAME)) {
                name = OPT_ARG(P12_NAME);
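Review bot: Only the fallback MAC in `generate_pkcs12` is modernised; the branch directly above the changed line still casts `cinfo->hash` to `gnutls_mac_algorithm_t` unchecked, so an explicitly requested SHA-1 or MD5 digest silently yields a weaker integrity MAC than the new default. A warning after the selection would make that downgrade visible, e.g. `if (mac == GNUTLS_MAC_SHA1 || mac == GNUTLS_MAC_MD5) fprintf(stderr, "Warning: weak MAC algorithm selected for PKCS #12\n");`. A short comment on the `else` arm noting that some older PKCS#12 consumers may fail to verify a SHA-256 MAC would also help users diagnose import failures. The function starts before and continues after this hunk.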