-rw-r--r--include/x509_ca.h10
-rw-r--r--src/x509_ca.cpp42
2 files changed, 10 insertions, 42 deletions
diff --git a/include/x509_ca.h b/include/x509_ca.h
index 8dd89755b..f799b05d8 100644
--- a/include/x509_ca.h
+++ b/include/x509_ca.h
@@ -30,16 +30,6 @@ class X509_CA
static X509_Certificate make_cert(PK_Signer*, const AlgorithmIdentifier&,
const MemoryRegion<byte>&,
- const MemoryRegion<byte>&,
- const X509_Time&, const X509_Time&,
- const X509_DN&, const X509_DN&,
- bool, u32bit, const AlternativeName&,
- const AlternativeName&,
- Key_Constraints,
- const std::vector<OID>&);
-
- static X509_Certificate make_cert(PK_Signer*, const AlgorithmIdentifier&,
- const MemoryRegion<byte>&,
const X509_Time&, const X509_Time&,
const X509_DN&, const X509_DN&,
const class Extensions&);
diff --git a/src/x509_ca.cpp b/src/x509_ca.cpp
index ac3faa7ac..8b4cb07f0 100644
--- a/src/x509_ca.cpp
+++ b/src/x509_ca.cpp
@@ -89,52 +89,30 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
X509_Time not_before(current_time);
X509_Time not_after(current_time + expire_time);
- return make_cert(signer, ca_sig_algo, req.raw_public_key(),
- cert.subject_key_id(), not_before, not_after,
- cert.subject_dn(), req.subject_dn(),
- req.is_CA(), req.path_limit(), req.subject_alt_name(),
- AlternativeName(), constraints, req.ex_constraints());
- }
-
-/*************************************************
-* Create a new certificate *
-*************************************************/
-X509_Certificate X509_CA::make_cert(PK_Signer* signer,
- const AlgorithmIdentifier& sig_algo,
- const MemoryRegion<byte>& pub_key,
- const MemoryRegion<byte>& auth_key_id,
- const X509_Time& not_before,
- const X509_Time& not_after,
- const X509_DN& issuer_dn,
- const X509_DN& subject_dn,
- bool is_CA, u32bit path_limit,
- const AlternativeName& subject_alt,
- const AlternativeName& issuer_alt,
- Key_Constraints constraints,
- const std::vector<OID>& ex_constraints)
- {
Extensions extensions;
// POLICY: which extensions
- extensions.add(new Cert_Extension::Subject_Key_ID(pub_key));
- extensions.add(new Cert_Extension::Authority_Key_ID(auth_key_id));
+ extensions.add(new Cert_Extension::Subject_Key_ID(req.raw_public_key()));
+ extensions.add(new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
extensions.add(
- new Cert_Extension::Basic_Constraints(is_CA, path_limit));
+ new Cert_Extension::Basic_Constraints(req.is_CA(), req.path_limit()));
- extensions.add(new Cert_Extension::Key_Usage(constraints));
+ extensions.add(new Cert_Extension::Key_Usage(req.constraints()));
extensions.add(
- new Cert_Extension::Extended_Key_Usage(ex_constraints));
+ new Cert_Extension::Extended_Key_Usage(req.ex_constraints()));
extensions.add(
- new Cert_Extension::Subject_Alternative_Name(subject_alt));
+ new Cert_Extension::Subject_Alternative_Name(req.subject_alt_name()));
+ /*
extensions.add(
new Cert_Extension::Issuer_Alternative_Name(issuer_alt));
+ */
- return make_cert(signer, sig_algo, pub_key,
+ return make_cert(signer, ca_sig_algo, req.raw_public_key(),
not_before, not_after,
- issuer_dn, subject_dn,
+ cert.subject_dn(), req.subject_dn(),
extensions);
}
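Review bot: The Key_Usage extension is now built from `req.constraints()`, but the removed call passed the local `constraints` into make_cert, so this refactor changes which key-usage bits end up in the signed certificate. The start of sign_request is outside the hunk, so how `constraints` is derived is not visible here; if it narrows or overrides what the request asks for, the CA now certifies the requester's own choice unfiltered. Unless that is intended, keep `extensions.add(new Cert_Extension::Key_Usage(constraints));`. The commented-out Issuer_Alternative_Name block refers to `issuer_alt`, which no longer exists in this scope; drop it or replace it with a one-line comment such as `// Issuer_Alternative_Name intentionally omitted: the old caller always passed an empty AlternativeName`.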