diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 0f0703f4b2..d1c716b8a4 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -134,7 +134,6 @@ int main( void ) " basic_constraints=%%d default: 1\n" \ " Possible values: 0, 1\n" \ " (Considered for v3 only)\n"\ - " sig_alg=%%s default: SHA-256\n" \ " key_usage=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " digital_signature\n" \ @@ -190,7 +189,6 @@ struct options int basic_constraints; /* add basic constraints ext to CRT */ int version; /* CRT version */ mbedtls_md_type_t md; /* Hash used for signing */ - mbedtls_md_type_t sig_alg; /* MD to use generating signature */ unsigned char key_usage; /* key usage flags */ mbedtls_asn1_sequence *ext_key_usage; /* extended key usages */ unsigned char ns_cert_type; /* NS cert type */ @@ -286,7 +284,6 @@ int main( int argc, char *argv[] ) opt.selfsign = DFL_SELFSIGN; opt.is_ca = DFL_IS_CA; opt.max_pathlen = DFL_MAX_PATHLEN; - opt.sig_alg = DFL_SIG_ALG; opt.key_usage = DFL_KEY_USAGE; opt.ext_key_usage = DFL_EXT_KEY_USAGE; opt.ns_cert_type = DFL_NS_CERT_TYPE; @@ -416,17 +413,6 @@ int main( int argc, char *argv[] ) goto usage; } } - else if( strcmp( p, "sig_alg") == 0 ) - { - if( strcmp( q, "SHA-1" ) == 0 ) - opt.sig_alg = MBEDTLS_MD_SHA1; - else if( strcmp( q, "SHA-256" ) == 0 ) - opt.sig_alg = MBEDTLS_MD_SHA256; - else if( strcmp( q, "MD5" ) == 0 ) - opt.sig_alg = MBEDTLS_MD_MD5; - else - goto usage; - } else if( strcmp( p, "key_usage" ) == 0 ) { while( q != NULL ) @@ -746,8 +732,6 @@ int main( int argc, char *argv[] ) mbedtls_printf( " ok\n" ); } - mbedtls_x509write_crt_set_md_alg( &crt, opt.sig_alg ); - #if defined(MBEDTLS_SHA1_C) if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && opt.subject_identifier != 0 )