From 184fe79523ad605ea3c820b83e984362433b2a7a Mon Sep 17 00:00:00 2001
From: lloyd <lloyd@randombit.net>
Date: Wed, 11 Jun 2008 01:15:31 +0000
Subject: Modify X509_CA::make_cert and X509_CA::sign_request to take a RNG
 reference argument in favor of referencing the global PRNG argument

---
 src/x509_ca.cpp  | 6 +++---
 src/x509self.cpp | 4 +++-
 2 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/x509_ca.cpp b/src/x509_ca.cpp
index e7557cea5..024803ab4 100644
--- a/src/x509_ca.cpp
+++ b/src/x509_ca.cpp
@@ -43,6 +43,7 @@ X509_CA::X509_CA(const X509_Certificate& c,
 * Sign a PKCS #10 certificate request            *
 *************************************************/
 X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
+                                       RandomNumberGenerator& rng,
                                        const X509_Time& not_before,
                                        const X509_Time& not_after)
    {
@@ -70,7 +71,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
    extensions.add(
       new Cert_Extension::Subject_Alternative_Name(req.subject_alt_name()));
 
-   return make_cert(signer, ca_sig_algo, req.raw_public_key(),
+   return make_cert(signer, rng, ca_sig_algo, req.raw_public_key(),
                     not_before, not_after,
                     cert.subject_dn(), req.subject_dn(),
                     extensions);
@@ -80,6 +81,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
 * Create a new certificate                       *
 *************************************************/
 X509_Certificate X509_CA::make_cert(PK_Signer* signer,
+                                    RandomNumberGenerator& rng,
                                     const AlgorithmIdentifier& sig_algo,
                                     const MemoryRegion<byte>& pub_key,
                                     const X509_Time& not_before,
@@ -88,8 +90,6 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
                                     const X509_DN& subject_dn,
                                     const Extensions& extensions)
    {
-   RandomNumberGenerator& rng = global_state().prng_reference();
-
    const u32bit X509_CERT_VERSION = 3;
    const u32bit SERIAL_BITS = 128;
 
diff --git a/src/x509self.cpp b/src/x509self.cpp
index b9e558b7a..9e035ff7d 100644
--- a/src/x509self.cpp
+++ b/src/x509self.cpp
@@ -91,7 +91,9 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts,
    extensions.add(
       new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit));
 
-   return X509_CA::make_cert(signer.get(), sig_algo, pub_key,
+   RandomNumberGenerator& rng = global_state().prng_reference();
+
+   return X509_CA::make_cert(signer.get(), rng, sig_algo, pub_key,
                              opts.start, opts.end,
                              subject_dn, subject_dn,
                              extensions);
-- 
cgit v1.2.3