diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/tortls.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index b4d81de2f3..9ac5c34f26 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -585,8 +585,6 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa, const char *cname_sign, unsigned int cert_lifetime) { - /* OpenSSL generates self-signed certificates with random 64-bit serial - * numbers, so let's do that too. */ #define SERIAL_NUMBER_SIZE 8 time_t start_time, end_time; @@ -614,12 +612,12 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa, goto error; { /* our serial number is 8 random bytes. */ - if (crypto_rand((char *)serial_tmp, sizeof(serial_tmp)) < 0) - goto error; - if (!(serial_number = BN_bin2bn(serial_tmp, sizeof(serial_tmp), NULL))) - goto error; - if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509)))) - goto error; + if (crypto_rand((char *)serial_tmp, sizeof(serial_tmp)) < 0) + goto error; + if (!(serial_number = BN_bin2bn(serial_tmp, sizeof(serial_tmp), NULL))) + goto error; + if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509)))) + goto error; } if (!(name = tor_x509_name_new(cname))) |