gridcf / gct

Grid Community Toolkit
Apache License 2.0

myproxy-server uses old cipher for storing private key #229

Closed msalle closed 4 months ago

msalle commented 4 months ago

myproxy-server - when storing a private key locally in its /var/lib/myproxy/ directory as a .creds file - is using an old cipher, via EVP_des_ede3_cbc() in ssl_private_key_store_to_file(), ssl_utils.c line 812 and ssl_proxy_to_pem(), ssl_utils.c line 1131

It reads using PEM_read_PrivateKey() in ssl_private_key_load_from_file(), ssl_utils.c lines 743-744 and PEM_read_bio_PrivateKey() in ssl_proxy_from_pem(), ssl_utils.c lines 927-928 which are generic enough to read other formats too. I've checked briefly by manually exchanging the private key in /var/lib/myproxy/*.creds into one created using -aes256 or -camellia256 and myproxy-server is able to read both of them. So replacing with e.g.

cipher = EVP_aes_256_cbc();

should work fine
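
The manual check described in the comment above, as an added example that is not part of the GCT or myproxy code: a throwaway key is written under the legacy 3DES PEM cipher (what EVP_des_ede3_cbc() gives), re-encrypted under AES-256-CBC (what EVP_aes_256_cbc() would give), and both files are then loaded back through the openssl CLI, which uses the same generic PEM_read_bio_PrivateKey() path. It assumes only that an openssl CLI (1.1.1 or 3.x) is on PATH; the working directory, file names and passphrase are constructed for the demo.

```shell
#!/bin/sh
# Added example, not GCT/myproxy code. Re-encrypt a PEM private key from the
# legacy 3DES PEM cipher to AES-256-CBC and show that a generic PEM reader
# (the openssl CLI, i.e. PEM_read_bio_PrivateKey) loads both forms unchanged.
# Assumes: openssl CLI 1.1.1 or 3.x in PATH. Paths and passphrase are
# constructed for this demo; the key is freshly generated, not a real .creds.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
PASS="pass:demo-passphrase"           # -passin/-passout form; demo only
PLAIN_KEY="$WORK/plain.pem"
LEGACY_KEY="$WORK/legacy-3des.creds"  # what EVP_des_ede3_cbc() produces today
AES_KEY="$WORK/aes256.creds"          # what EVP_aes_256_cbc() would produce

# Constructed input: a throwaway 2048-bit RSA key, unencrypted.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$PLAIN_KEY" 2>/dev/null

# reencrypt_key SRC DST CIPHERFLAG: write SRC to DST encrypted with the given
# openssl cipher option (-des3, -aes256, -camellia256, ...). -passin is ignored
# when SRC is unencrypted. Output is PKCS#8 PBES2, the same container
# PEM_write_PrivateKey() emits when handed a cipher.
reencrypt_key() {
    openssl pkey -in "$1" -passin "$PASS" -out "$2" "$3" -passout "$PASS"
}

# pem_cipher FILE: name the symmetric cipher inside an encrypted PKCS#8 PEM
# file by parsing its ASN.1 (prints e.g. aes-256-cbc or des-ede3-cbc).
pem_cipher() {
    openssl asn1parse -in "$1" \
        | grep -oE '(aes-[0-9]+|des-ede3|camellia-[0-9]+)-cbc' | head -n 1
}

# key_loads FILE: exit 0 iff the generic PEM private-key reader accepts FILE.
key_loads() {
    openssl pkey -in "$1" -passin "$PASS" -noout 2>/dev/null
}

# pubkey_digest FILE: SHA-256 of the DER public key, to prove that
# re-encryption changed only the wrapping and not the key material.
pubkey_digest() {
    openssl pkey -in "$1" -passin "$PASS" -pubout -outform DER 2>/dev/null \
        | openssl dgst -sha256 | awk '{print $NF}'
}

# Produce the legacy file, then swap it for an AES-256-CBC copy, exactly the
# manual exchange of the .creds file done in the report above.
reencrypt_key "$PLAIN_KEY" "$LEGACY_KEY" -des3
reencrypt_key "$LEGACY_KEY" "$AES_KEY" -aes256

for f in "$LEGACY_KEY" "$AES_KEY"; do
    if key_loads "$f"; then status=loads; else status=FAILS; fi
    printf '%s: cipher=%s %s pubkey-sha256=%s\n' \
        "$(basename "$f")" "$(pem_cipher "$f")" "$status" "$(pubkey_digest "$f")"
done
```

The same loop works for a real /var/lib/myproxy/*.creds file if PASS is replaced by the server's own passphrase source; the pubkey digests of the old and new files must match, or the swap has not preserved the credential.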

fscheiner commented 4 months ago

@msalle : Hm, maybe we should check the whole GCT for calls to old/deprecated encryption functions? Reminds me of #202.