diff options
author | Cameron Katri <me@cameronkatri.com> | 2022-03-21 23:45:29 -0400 |
---|---|---|
committer | Cameron Katri <me@cameronkatri.com> | 2022-03-21 23:45:29 -0400 |
commit | 6260a9a9b99ce72e65b4786c16eb74b9afd575de (patch) | |
tree | 14b95bfeb39a05256083f2838bc78838bd500125 | |
parent | 10f4c5e49fa2f50ca3f0be7fb70fcc303e381dc3 (diff) | |
download | ldid-6260a9a9b99ce72e65b4786c16eb74b9afd575de.tar.gz ldid-6260a9a9b99ce72e65b4786c16eb74b9afd575de.tar.zst ldid-6260a9a9b99ce72e65b4786c16eb74b9afd575de.zip |
Remove support for EOL OpenSSL 0.9
OpenSSL 0.9.8 has been out of support since 2016. Nobody should be using
it anymore and has numerous vulnerabilites.
Revert "Port hash agility support to use OpenSSL 0.9.x :D."
This reverts commit 7818dc9c76ef1a007aa725286b8113b2341ebc11.
-rw-r--r-- | ldid.cpp | 14 |
1 files changed, 2 insertions, 12 deletions
@@ -1862,12 +1862,8 @@ class Signature { for (unsigned i(0), e(sk_X509_num(certs)); i != e; i++) _assert(PKCS7_add_certificate(value_, sk_X509_value(certs, e - i - 1))); - // XXX: this is the same as PKCS7_sign_add_signer(value_, stuff, stuff, NULL, PKCS7_NOSMIMECAP) - _assert(X509_check_private_key(stuff, stuff)); - auto info(PKCS7_add_signature(value_, stuff, stuff, EVP_sha1())); + auto info(PKCS7_sign_add_signer(value_, stuff, stuff, NULL, PKCS7_NOSMIMECAP)); _assert(info != NULL); - _assert(PKCS7_add_certificate(value_, stuff)); - _assert(PKCS7_add_signed_attribute(info, NID_pkcs9_contentType, V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data))); PKCS7_set_detached(value_, 1); @@ -1883,13 +1879,7 @@ class Signature { throw; } - // XXX: this is the same as PKCS7_final(value_, data, PKCS7_BINARY) - BIO *bio(PKCS7_dataInit(value_, NULL)); - _assert(bio != NULL); - _scope({ BIO_free_all(bio); }); - SMIME_crlf_copy(data, bio, PKCS7_BINARY); - BIO_flush(bio); - _assert(PKCS7_dataFinal(value_, bio)); + _assert(PKCS7_final(value_, data, PKCS7_BINARY)); } ~Signature() { |