author: Aditya <adimail2404@gmail.com> 2024-10-31 13:04:28 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-11-04 09:56:55 +0100
commit: 539b17b6580f2ca235b5e1db529e87793b8a807c
tree: feb3c4ff407d434d52488c9588486281dafecd05 /doc
parent: Fix incorrect openssl-smime doc sample command for encrypt
apps: Change default cipher to aes-256-cbc for req, cms and smime apps

Update `CHANGES.md` and `NEWS.md`; remove `no-des` guard from req, cms, and smime apps
Update MAN pages for default cipher; fix styling by removing braces around single statements

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25839)

Diffstat (limited to 'doc')
-rw-r--r-- doc/man1/openssl-cms.pod.in 10
-rw-r--r-- doc/man1/openssl-req.pod.in 5
-rw-r--r-- doc/man1/openssl-smime.pod.in 14
3 files changed, 17 insertions, 12 deletions
diff --git a/doc/man1/openssl-cms.pod.in b/doc/man1/openssl-cms.pod.in
index da819a047b..f6b3a4c7d6 100644
--- a/doc/man1/openssl-cms.pod.in
+++ b/doc/man1/openssl-cms.pod.in
@@ -406,16 +406,16 @@ One or more certificate filenames may be given.
=item B<-I<cipher>>
-The encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
-or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+The encryption algorithm to use. For example, AES (256 bits) - B<-aes256>
+or triple DES (168 bits) - B<-des3>. Any standard algorithm name (as used by the
EVP_get_cipherbyname() function) can also be used preceded by a dash, for
example B<-aes-128-cbc>. See L<openssl-enc(1)> for a list of ciphers
supported by your version of OpenSSL.
-Currently the AES variants with GCM mode are the only supported AEAD
+Currently, the AES variants with GCM mode are the only supported AEAD
algorithms.
-If not specified triple DES is used. Only used with B<-encrypt> and
+If not specified, AES-256-CBC is used as the default. Only used with B<-encrypt> and
B<-EncryptedData_create> commands.
=item B<-wrap> I<cipher>
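Review bot: In the B<-I<cipher>> paragraph, the new default sentence ("If not specified, AES-256-CBC is used as the default. Only used with B<-encrypt> and") runs past 80 columns while the rest of the paragraph wraps shorter; re-wrap it. The sentence also states the default twice over ("If not specified ... as the default"), and openssl-req.pod.in words the same fact as "will be used by default", so pick one phrasing for all three pages. Since triple DES stays in the example list, a sentence saying that B<-des3> must now be passed explicitly to get the previous behaviour would help users whose recipients depend on it.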
@@ -896,6 +896,8 @@ L<ossl_store-file(7)>
=head1 HISTORY
+The default encryption cipher was changed from 3DES to AES-256 in OpenSSL 3.5.
+
The use of multiple B<-signer> options and the B<-resign> command were first
added in OpenSSL 1.0.0.
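Review bot: The added HISTORY line says the default changed "from 3DES to AES-256", but the option text in this same file names the default as AES-256-CBC; name the mode here too so the two statements match. The identical sentence is added to the HISTORY sections of openssl-req.pod.in and openssl-smime.pod.in, so the same fix applies there. The entry is also placed above the existing OpenSSL 1.0.0 note; check that this matches the ordering the HISTORY sections are meant to follow.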
diff --git a/doc/man1/openssl-req.pod.in b/doc/man1/openssl-req.pod.in
index 5cb3004d3f..f49730e454 100644
--- a/doc/man1/openssl-req.pod.in
+++ b/doc/man1/openssl-req.pod.in
@@ -90,8 +90,7 @@ The data is a PKCS#10 object.
=item B<-cipher> I<name>
Specify the cipher to be used for encrypting the private key.
-The default cipher is 3DES (DES-EDE3-CBC).
-If no cipher is specified, 3DES will be used by default.
+If no cipher is specified, AES-256-CBC will be used by default.
You can override this by providing any valid OpenSSL cipher name.
=item B<-in> I<filename>
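Review bot: The B<-cipher> text tells the reader to override the default with "any valid OpenSSL cipher name" but gives no pointer to where those names are listed. The cms and smime pages in this same patch refer to L<openssl-enc(1)> for the list of supported ciphers; add the same cross-reference here so the three pages document the option consistently.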
@@ -836,6 +835,8 @@ L<x509v3_config(5)>
=head1 HISTORY
+The default encryption cipher was changed from 3DES to AES-256 in OpenSSL 3.5.
+
The B<-section> option was added in OpenSSL 3.0.0.
The B<-multivalue-rdn> option has become obsolete in OpenSSL 3.0.0 and
diff --git a/doc/man1/openssl-smime.pod.in b/doc/man1/openssl-smime.pod.in
index 330ddf2f87..845fb74e31 100644
--- a/doc/man1/openssl-smime.pod.in
+++ b/doc/man1/openssl-smime.pod.in
@@ -167,13 +167,13 @@ default digest algorithm for the signing key will be used (usually SHA1).
=item B<-I<cipher>>
-The encryption algorithm to use. For example DES (56 bits) - B<-des>,
-triple DES (168 bits) - B<-des3>,
-EVP_get_cipherbyname() function) can also be used preceded by a dash, for
-example B<-aes-128-cbc>. See L<openssl-enc(1)> for list of ciphers
-supported by your version of OpenSSL.
+The encryption algorithm to use. For example, DES (56 bits) - B<-des>,
+triple DES (168 bits) - B<-des3>, or AES (256 bits) - B<-aes256>.
+Any standard algorithm name (as used by the EVP_get_cipherbyname() function)
+can also be used, preceded by a dash, for example B<-aes-128-cbc>.
+See L<openssl-enc(1)> for a list of ciphers supported by your version of OpenSSL.
-If not specified triple DES is used. Only used with B<-encrypt>.
+If not specified, AES-256-CBC is used as the default. Only used with B<-encrypt>.
=item B<-nointern>
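Review bot: The rewritten example list for B<-I<cipher>> still opens with single DES (56 bits) - B<-des> and puts AES last, whereas the openssl-cms.pod.in hunk reorders its examples to lead with AES. Lead with B<-aes256> here as well, and consider dropping the 56-bit DES example now that the default is AES-256-CBC. The line "See L<openssl-enc(1)> for a list of ciphers supported by your version of OpenSSL." and the new default sentence both exceed 80 columns; re-wrap them.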
@@ -468,6 +468,8 @@ L<ossl_store-file(7)>
=head1 HISTORY
+The default encryption cipher was changed from 3DES to AES-256 in OpenSSL 3.5.
+
The use of multiple B<-signer> options and the B<-resign> command were first
added in OpenSSL 1.0.0