gpg: For de-vs use AES-128 instead of 3DES as implicit preference.

* g10/pkclist.c (select_algo_from_prefs): Change implicit cipher algorithm. -- Although 3DES is still a compliant algorithm, some other software does not consider it has compliant but also does not set preference accordingly. Thus it is better to switch the implicit cipher algorithm similar to what we already did with SHA-1. Note that in GnuPG 2.3 3DES is already not anymore used here. GnuPG-bug-id: 6063
2025-01-08 12:44:23 +01:00 · 2022-10-10 11:20:16 +02:00 · 2022-10-10 11:20:16 +02:00 · 5df1c247be
commit 5df1c247be
parent 94092793f6
1 changed files with 10 additions and 2 deletions
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -1479,8 +1479,16 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype,
 	     --pgp2 mode is on.  This was a 2440 thing that was
 	     dropped from 4880 but is still relevant to GPG's 1991
 	     support.  All this doesn't mean IDEA is actually
-	     available, of course. */
-          implicit=CIPHER_ALGO_3DES;
+	     available, of course.
+
+             Because "de-vs" compliance will soon not anymore allow
+             3DES it does not make sense to assign 3DES as implicit
+             algorithm.  Instead it is better to use AES-128 as
+             implicit algorithm here.   */
+          if (opt.compliance == CO_DE_VS)
+            implicit = CIPHER_ALGO_AES;
+          else
+            implicit=CIPHER_ALGO_3DES;

 	  break;