diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/x509_ca.cpp | 6 | ||||
-rw-r--r-- | src/x509self.cpp | 4 |
2 files changed, 6 insertions, 4 deletions
diff --git a/src/x509_ca.cpp b/src/x509_ca.cpp index e7557cea5..024803ab4 100644 --- a/src/x509_ca.cpp +++ b/src/x509_ca.cpp @@ -43,6 +43,7 @@ X509_CA::X509_CA(const X509_Certificate& c, * Sign a PKCS #10 certificate request * *************************************************/ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req, + RandomNumberGenerator& rng, const X509_Time& not_before, const X509_Time& not_after) { @@ -70,7 +71,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req, extensions.add( new Cert_Extension::Subject_Alternative_Name(req.subject_alt_name())); - return make_cert(signer, ca_sig_algo, req.raw_public_key(), + return make_cert(signer, rng, ca_sig_algo, req.raw_public_key(), not_before, not_after, cert.subject_dn(), req.subject_dn(), extensions); @@ -80,6 +81,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req, * Create a new certificate * *************************************************/ X509_Certificate X509_CA::make_cert(PK_Signer* signer, + RandomNumberGenerator& rng, const AlgorithmIdentifier& sig_algo, const MemoryRegion<byte>& pub_key, const X509_Time& not_before, @@ -88,8 +90,6 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer, const X509_DN& subject_dn, const Extensions& extensions) { - RandomNumberGenerator& rng = global_state().prng_reference(); - const u32bit X509_CERT_VERSION = 3; const u32bit SERIAL_BITS = 128; diff --git a/src/x509self.cpp b/src/x509self.cpp index b9e558b7a..9e035ff7d 100644 --- a/src/x509self.cpp +++ b/src/x509self.cpp @@ -91,7 +91,9 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts, extensions.add( new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit)); - return X509_CA::make_cert(signer.get(), sig_algo, pub_key, + RandomNumberGenerator& rng = global_state().prng_reference(); + + return X509_CA::make_cert(signer.get(), rng, sig_algo, pub_key, opts.start, opts.end, subject_dn, subject_dn, extensions); |