Modify X509_CA::make_cert and X509_CA::sign_request to take a RNG reference

argument in favor of referencing the global PRNG argument
author: lloyd <[email protected]> 2008-06-11 01:15:31 +0000
committer: lloyd <[email protected]> 2008-06-11 01:15:31 +0000
commit: 184fe79523ad605ea3c820b83e984362433b2a7a (patch)
tree: feca060d82d2e0cbdbddc2f29f00c7b7db682974 /src
parent: 7253964aba9ca41a88261557d8cd91df39cd4b88 (diff)
2 files changed, 6 insertions, 4 deletions
diff --git a/src/x509_ca.cpp b/src/x509_ca.cpp
index e7557cea5..024803ab4 100644
--- a/src/x509_ca.cpp
+++ b/src/x509_ca.cpp
@@ -43,6 +43,7 @@ X509_CA::X509_CA(const X509_Certificate& c,
 * Sign a PKCS #10 certificate request            *
 *************************************************/
 X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
+                                       RandomNumberGenerator& rng,
                                        const X509_Time& not_before,
                                        const X509_Time& not_after)
    {
@@ -70,7 +71,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
    extensions.add(
       new Cert_Extension::Subject_Alternative_Name(req.subject_alt_name()));
 
-   return make_cert(signer, ca_sig_algo, req.raw_public_key(),
+   return make_cert(signer, rng, ca_sig_algo, req.raw_public_key(),
                     not_before, not_after,
                     cert.subject_dn(), req.subject_dn(),
                     extensions);
@@ -80,6 +81,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
 * Create a new certificate                       *
 *************************************************/
 X509_Certificate X509_CA::make_cert(PK_Signer* signer,
+                                    RandomNumberGenerator& rng,
                                     const AlgorithmIdentifier& sig_algo,
                                     const MemoryRegion<byte>& pub_key,
                                     const X509_Time& not_before,
@@ -88,8 +90,6 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
                                     const X509_DN& subject_dn,
                                     const Extensions& extensions)
    {
-   RandomNumberGenerator& rng = global_state().prng_reference();
-
    const u32bit X509_CERT_VERSION = 3;
    const u32bit SERIAL_BITS = 128;
 
diff --git a/src/x509self.cpp b/src/x509self.cpp
index b9e558b7a..9e035ff7d 100644
--- a/src/x509self.cpp
+++ b/src/x509self.cpp
@@ -91,7 +91,9 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts,
    extensions.add(
       new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit));
 
-   return X509_CA::make_cert(signer.get(), sig_algo, pub_key,
+   RandomNumberGenerator& rng = global_state().prng_reference();
+
+   return X509_CA::make_cert(signer.get(), rng, sig_algo, pub_key,
                              opts.start, opts.end,
                              subject_dn, subject_dn,
                              extensions);
author	lloyd <[email protected]>	2008-06-11 01:15:31 +0000
committer	lloyd <[email protected]>	2008-06-11 01:15:31 +0000
commit	184fe79523ad605ea3c820b83e984362433b2a7a (patch)
tree	feca060d82d2e0cbdbddc2f29f00c7b7db682974 /src
parent	7253964aba9ca41a88261557d8cd91df39cd4b88 (diff)