authorDaiki Ueno <ueno@gnu.org>2021-12-20 15:56:24 +0100
committerDaiki Ueno <ueno@gnu.org>2022-01-07 17:45:14 +0100
commitf56736cd3e1f940140f628f42ccec0481ff1de31 (patch)
treed4eb7b329edd40b603b037f8bfdf6618aec5a385 /src
parent527f2f799fa18f80941470ce89706c33e671b5ef (diff)
certtool: --to-p12: use modern algorithms by default
Currently certtool uses PKCS12-3DES-SHA1 for encrypting keys in PKCS#12, while it is suggested to migrate to more modern algorithms, namely AES-128-CBC with PBKDF2 and SHA-256: https://bugzilla.redhat.com/show_bug.cgi?id=1759982 Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'src')
-rw-r--r--src/certtool-common.c4
-rw-r--r--src/certtool.c2
2 files changed, 1 insertions, 5 deletions
diff --git a/src/certtool-common.c b/src/certtool-common.c
index 3fd63ab7aa..5e7bc5666c 100644
--- a/src/certtool-common.c
+++ b/src/certtool-common.c
@@ -1149,11 +1149,7 @@ void dh_info(FILE * infile, FILE * outfile, common_info_st * ci)
int cipher_to_flags(const char *cipher)
{
if (cipher == NULL) {
-#ifdef ENABLE_FIPS140
return GNUTLS_PKCS_USE_PBES2_AES_128;
-#else /* compatibility mode - most implementations don't support PBES2 with AES */
- return GNUTLS_PKCS_USE_PKCS12_3DES;
-#endif
} else if (strcasecmp(cipher, "3des") == 0) {
return GNUTLS_PKCS_USE_PBES2_3DES;
} else if (strcasecmp(cipher, "3des-pkcs12") == 0) {
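Review bot: The `cipher == NULL` branch of cipher_to_flags now returns `GNUTLS_PKCS_USE_PBES2_AES_128` unconditionally, and the deleted `#else` comment was the only record in this function that some PKCS#12 readers cannot handle PBES2 with AES. I would keep that knowledge next to the new default, for example `/* default: PBES2 with AES-128; readers without PBES2 support need an explicit legacy cipher such as "3des-pkcs12" */`. The `3des-pkcs12` branch is visible at the end of the hunk but its return value is not, so confirm it still selects the previous PKCS#12 3DES scheme. The function body continues outside the hunk.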
diff --git a/src/certtool.c b/src/certtool.c
index 825a306bc9..1d7a98064d 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -2960,7 +2960,7 @@ void generate_pkcs12(common_info_st * cinfo)
if (cinfo->hash != GNUTLS_DIG_UNKNOWN)
mac = (gnutls_mac_algorithm_t)cinfo->hash;
else
- mac = GNUTLS_MAC_SHA1;
+ mac = GNUTLS_MAC_SHA256;
if (HAVE_OPT(P12_NAME)) {
name = OPT_ARG(P12_NAME);
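Review bot: The fallback `mac = GNUTLS_MAC_SHA256;` applies whenever `cinfo->hash` is `GNUTLS_DIG_UNKNOWN`, independent of the cipher, so a user who picks a legacy cipher for an old reader still gets a SHA-256 MAC unless the hash is set as well. If that is intended, a comment on the `else` branch would make it explicit, e.g. `/* default MAC is SHA-256 regardless of cipher; set the hash explicitly for legacy readers */`. Whether the selected cipher is available at this point cannot be seen here, because generate_pkcs12 starts and ends outside the hunk.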