security: Change the starting time of NLSR certificate Change-Id: I787964cb0200c6c91dea070154c91e5c55b8b478

commit: 191f5fa878eb2f99e8d60f5f3d65ad23a8504753 [log] [tgz]
author: Yingdi Yu <yuyingdi@gmail.com> Wed Aug 06 17:08:52 2014 -0700
committer: Alex Afanasyev <alexander.afanasyev@ucla.edu> Fri Aug 08 11:29:46 2014 -0700
tree: d61bf36b1c80963cc3f5935e8f1245e402080768
parent: dcee936fe32829e7700f2b219381973a4e1edc2c [diff] [blame]
diff --git a/src/nlsr.cpp b/src/nlsr.cpp
index 4065482..e98def2 100644
--- a/src/nlsr.cpp
+++ b/src/nlsr.cpp

@@ -158,7 +158,18 @@
 
   ndn::Name keyName = m_keyChain.generateRsaKeyPairAsDefault(m_defaultIdentity, true);
 
-  ndn::shared_ptr<ndn::IdentityCertificate> certificate = m_keyChain.selfSign(keyName);
+  ndn::shared_ptr<ndn::IdentityCertificate> certificate =
+    ndn::make_shared<ndn::IdentityCertificate>();
+  ndn::shared_ptr<ndn::PublicKey> pubKey = m_keyChain.getPublicKey(keyName);
+  Name certificateName = keyName.getPrefix(-1);
+  certificateName.append("KEY").append(keyName.get(-1)).append("ID-CERT").appendVersion();
+  certificate->setName(certificateName);
+  certificate->setNotBefore(time::system_clock::now() - time::days(1));
+  certificate->setNotAfter(time::system_clock::now() + time::days(7300)); // ~20 years
+  certificate->setPublicKeyInfo(*pubKey);
+  certificate->addSubjectDescription(CertificateSubjectDescription(ndn::oid::ATTRIBUTE_NAME,
+                                                                   keyName.toUri()));
+  certificate->encode();
   m_keyChain.signByIdentity(*certificate, m_confParam.getRouterPrefix());
 
   m_keyChain.addCertificateAsIdentityDefault(*certificate);
commit	191f5fa878eb2f99e8d60f5f3d65ad23a8504753	[log] [tgz]
author	Yingdi Yu <yuyingdi@gmail.com>	Wed Aug 06 17:08:52 2014 -0700
committer	Alex Afanasyev <alexander.afanasyev@ucla.edu>	Fri Aug 08 11:29:46 2014 -0700
tree	d61bf36b1c80963cc3f5935e8f1245e402080768
parent	dcee936fe32829e7700f2b219381973a4e1edc2c [diff] [blame]