From 6260a9a9b99ce72e65b4786c16eb74b9afd575de Mon Sep 17 00:00:00 2001
From: Cameron Katri <me@cameronkatri.com>
Date: Mon, 21 Mar 2022 23:45:29 -0400
Subject: Remove support for EOL OpenSSL 0.9

OpenSSL 0.9.8 has been out of support since 2016. Nobody should be using
it anymore and has numerous vulnerabilites.

Revert "Port hash agility support to use OpenSSL 0.9.x :D."

This reverts commit 7818dc9c76ef1a007aa725286b8113b2341ebc11.
---
 ldid.cpp | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/ldid.cpp b/ldid.cpp
index 13eab12..f65b084 100644
--- a/ldid.cpp
+++ b/ldid.cpp
@@ -1862,12 +1862,8 @@ class Signature {
         for (unsigned i(0), e(sk_X509_num(certs)); i != e; i++)
             _assert(PKCS7_add_certificate(value_, sk_X509_value(certs, e - i - 1)));
 
-        // XXX: this is the same as PKCS7_sign_add_signer(value_, stuff, stuff, NULL, PKCS7_NOSMIMECAP)
-        _assert(X509_check_private_key(stuff, stuff));
-        auto info(PKCS7_add_signature(value_, stuff, stuff, EVP_sha1()));
+        auto info(PKCS7_sign_add_signer(value_, stuff, stuff, NULL, PKCS7_NOSMIMECAP));
         _assert(info != NULL);
-        _assert(PKCS7_add_certificate(value_, stuff));
-        _assert(PKCS7_add_signed_attribute(info, NID_pkcs9_contentType, V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)));
 
         PKCS7_set_detached(value_, 1);
 
@@ -1883,13 +1879,7 @@ class Signature {
             throw;
         }
 
-        // XXX: this is the same as PKCS7_final(value_, data, PKCS7_BINARY)
-        BIO *bio(PKCS7_dataInit(value_, NULL));
-        _assert(bio != NULL);
-        _scope({ BIO_free_all(bio); });
-        SMIME_crlf_copy(data, bio, PKCS7_BINARY);
-        BIO_flush(bio);
-        _assert(PKCS7_dataFinal(value_, bio));
+        _assert(PKCS7_final(value_, data, PKCS7_BINARY));
     }
 
     ~Signature() {
-- 
cgit v1.2.3-56-ge451