diff options
| author | Werner Koch <[email protected]> | 2014-08-18 09:45:00 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-12-17 15:03:45 +0000 |
| commit | fc30a414d8d6586207444356ec270bd3fe0f6e68 (patch) | |
| tree | 88adabaf9f41880b6419b4e3d9fa423275b97071 | |
| parent | Pass DBUS_SESSION_BUS_ADDRESS for gnome3 (diff) | |
| download | gnupg-fc30a414d8d6586207444356ec270bd3fe0f6e68.tar.gz gnupg-fc30a414d8d6586207444356ec270bd3fe0f6e68.zip | |
gpg: Change default cipher for --symmetric from CAST5 to AES-128.
* g10/main.h (DEFAULT_CIPHER_ALGO): Change to AES or CAST5 or 3DES
depending on configure options.
* g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.
--
(cherry picked from commit 57df1121c18b004dd763b35eabf7b51fc9e8ec38)
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | doc/gpg.texi | 2 | ||||
| -rw-r--r-- | g10/gpg.c | 6 | ||||
| -rw-r--r-- | g10/main.h | 11 |
3 files changed, 11 insertions, 8 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 27ae18c76..0b8beed1e 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -11,7 +11,7 @@ @c Begin algorithm defaults -@set DEFSYMENCALGO CAST5 +@set DEFSYMENCALGO AES128 @c End algorithm defaults @@ -1883,11 +1883,7 @@ main (int argc, char **argv ) opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_count = 96; /* 65536 iterations */ -#ifdef USE_CAST5 - opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; -#else - opt.s2k_cipher_algo = CIPHER_ALGO_3DES; -#endif + opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO; opt.completes_needed = 1; opt.marginals_needed = 3; opt.max_cert_depth = 5; diff --git a/g10/main.h b/g10/main.h index dbc8d8f10..21ec1f077 100644 --- a/g10/main.h +++ b/g10/main.h @@ -26,11 +26,18 @@ #include "keydb.h" /* It could be argued that the default cipher should be 3DES rather - than CAST5, and the default compression should be 0 + than AES128, and the default compression should be 0 (i.e. uncompressed) rather than 1 (zip). However, the real world issues of speed and size come into play here. */ -#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5 +#if USE_AES +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_AES +#elif USE_CAST5 +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5 +#else +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_3DES +#endif + #define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1 #define DEFAULT_COMPRESS_ALGO COMPRESS_ALGO_ZIP #define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1 |