From 3daaf3d21dd591a2460aef3434092d19f07c9d20 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Sun, 27 Oct 2013 14:22:02 +0100
Subject: [PATCH] X509 key identifiers depend on SHA1

---
 include/polarssl/x509_crt.h                | 2 ++
 library/x509write_crt.c                    | 2 ++
 programs/x509/cert_write.c                 | 2 ++
 tests/suites/test_suite_x509write.function | 2 +-
 4 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h
index 0c1b9e109..a55667607 100644
--- a/include/polarssl/x509_crt.h
+++ b/include/polarssl/x509_crt.h
@@ -400,6 +400,7 @@ int x509write_crt_set_extension( x509write_cert *ctx,
 int x509write_crt_set_basic_constraints( x509write_cert *ctx,
                                          int is_ca, int max_pathlen );
 
+#if defined(POLARSSL_SHA1_C)
 /**
  * \brief           Set the subjectKeyIdentifier extension for a CRT
  *                  Requires that x509write_crt_set_subject_key() has been
@@ -421,6 +422,7 @@ int x509write_crt_set_subject_key_identifier( x509write_cert *ctx );
  * \return          0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
  */
 int x509write_crt_set_authority_key_identifier( x509write_cert *ctx );
+#endif /* POLARSSL_SHA1_C */
 
 /**
  * \brief           Set the Key Usage Extension flags
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index c3db3c4e2..86b403421 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -156,6 +156,7 @@ int x509write_crt_set_basic_constraints( x509write_cert *ctx,
                                         0, buf + sizeof(buf) - len, len );
 }
 
+#if defined(POLARSSL_SHA1_C)
 int x509write_crt_set_subject_key_identifier( x509write_cert *ctx )
 {
     int ret;
@@ -202,6 +203,7 @@ int x509write_crt_set_authority_key_identifier( x509write_cert *ctx )
                                    OID_SIZE( OID_AUTHORITY_KEY_IDENTIFIER ),
                                    0, buf + sizeof(buf) - len, len );
 }
+#endif /* POLARSSL_SHA1_C */
 
 int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage )
 {
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 94dfa1ddc..8e4951e58 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -571,6 +571,7 @@ int main( int argc, char *argv[] )
 
     printf( " ok\n" );
 
+#if defined(POLARSSL_SHA1_C)
     printf( "  . Adding the Subject Key Identifier ..." );
     fflush( stdout );
 
@@ -596,6 +597,7 @@ int main( int argc, char *argv[] )
     }
 
     printf( " ok\n" );
+#endif /* POLARSSL_SHA1_C */
 
     if( opt.key_usage )
     {
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 323361784..8b57f8cce 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -53,7 +53,7 @@ void x509_csr_check( char *key_file, int md_type,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C:POLARSSL_X509_CRT_WRITE_C */
+/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C:POLARSSL_X509_CRT_WRITE_C:POLARSSL_SHA1_C */
 void x509_crt_check( char *subject_key_file, char *subject_pwd,
                      char *subject_name, char *issuer_key_file,
                      char *issuer_pwd, char *issuer_name,