aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/x509_ca.cpp6
-rw-r--r--src/x509self.cpp4
2 files changed, 6 insertions, 4 deletions
diff --git a/src/x509_ca.cpp b/src/x509_ca.cpp
index e7557cea5..024803ab4 100644
--- a/src/x509_ca.cpp
+++ b/src/x509_ca.cpp
@@ -43,6 +43,7 @@ X509_CA::X509_CA(const X509_Certificate& c,
* Sign a PKCS #10 certificate request *
*************************************************/
X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
+ RandomNumberGenerator& rng,
const X509_Time& not_before,
const X509_Time& not_after)
{
@@ -70,7 +71,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
extensions.add(
new Cert_Extension::Subject_Alternative_Name(req.subject_alt_name()));
- return make_cert(signer, ca_sig_algo, req.raw_public_key(),
+ return make_cert(signer, rng, ca_sig_algo, req.raw_public_key(),
not_before, not_after,
cert.subject_dn(), req.subject_dn(),
extensions);
@@ -80,6 +81,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
* Create a new certificate *
*************************************************/
X509_Certificate X509_CA::make_cert(PK_Signer* signer,
+ RandomNumberGenerator& rng,
const AlgorithmIdentifier& sig_algo,
const MemoryRegion<byte>& pub_key,
const X509_Time& not_before,
@@ -88,8 +90,6 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
const X509_DN& subject_dn,
const Extensions& extensions)
{
- RandomNumberGenerator& rng = global_state().prng_reference();
-
const u32bit X509_CERT_VERSION = 3;
const u32bit SERIAL_BITS = 128;
diff --git a/src/x509self.cpp b/src/x509self.cpp
index b9e558b7a..9e035ff7d 100644
--- a/src/x509self.cpp
+++ b/src/x509self.cpp
@@ -91,7 +91,9 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts,
extensions.add(
new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit));
- return X509_CA::make_cert(signer.get(), sig_algo, pub_key,
+ RandomNumberGenerator& rng = global_state().prng_reference();
+
+ return X509_CA::make_cert(signer.get(), rng, sig_algo, pub_key,
opts.start, opts.end,
subject_dn, subject_dn,
extensions);