tests: Add ability to create sub-certificates in IdentityManagementFixture

Change-Id: Ie49a66c7a85d7e5639e69ed9ead31479fa8307f3
diff --git a/tests/identity-management-fixture.cpp b/tests/identity-management-fixture.cpp
index 8c9f410..0b296f7 100644
--- a/tests/identity-management-fixture.cpp
+++ b/tests/identity-management-fixture.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2016 Regents of the University of California.
+ * Copyright (c) 2013-2017 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -81,5 +81,33 @@
   }
 }
 
+bool
+IdentityManagementFixture::addSubCertificate(const Name& identity, const Name& issuer,
+                                             const KeyParams& params)
+{
+  if (!m_keyChain.doesIdentityExist(issuer))
+    return false;
+  if (!m_keyChain.doesIdentityExist(identity)) {
+    addIdentity(identity, params);
+  }
+  Name identityKeyName;
+  try {
+    identityKeyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
+  }
+  catch (const ndn::SecPublicInfo::Error&) {
+    identityKeyName = m_keyChain.generateRsaKeyPairAsDefault(identity, true);
+  }
+  std::vector<ndn::CertificateSubjectDescription> subjectDescription;
+  shared_ptr<ndn::IdentityCertificate> identityCert =
+    m_keyChain.prepareUnsignedIdentityCertificate(identityKeyName,
+                                                  issuer,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(7300),
+                                                  subjectDescription);
+  m_keyChain.sign(*identityCert, security::signingByIdentity(issuer));
+  m_keyChain.addCertificateAsIdentityDefault(*identityCert);
+  return true;
+}
+
 } // namespace tests
 } // namespace ndn
diff --git a/tests/identity-management-fixture.hpp b/tests/identity-management-fixture.hpp
index 4df61bf..d792a3f 100644
--- a/tests/identity-management-fixture.hpp
+++ b/tests/identity-management-fixture.hpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2016 Regents of the University of California.
+ * Copyright (c) 2013-2017 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -23,6 +23,7 @@
 #define NDN_TESTS_IDENTITY_MANAGEMENT_FIXTURE_HPP
 
 #include "security/key-chain.hpp"
+#include "security/signing-helpers.hpp"
 #include <vector>
 
 #include "boost-test.hpp"
@@ -57,6 +58,18 @@
   bool
   saveIdentityCertificate(const Name& identity, const std::string& filename, bool wantAdd = false);
 
+  /** \brief issue a certificate for \p identity signed by \p issuer
+   *
+   *  If identity does not exist, it is created.
+   *  A new key is generated as the default key for identity.
+   *  A default certificate for the key is signed by the issuer using its default certificate.
+   *
+   *  \return whether success
+   */
+  bool
+  addSubCertificate(const Name& identity, const Name& issuer,
+                    const KeyParams& params = KeyChain::DEFAULT_KEY_PARAMS);
+
 protected:
   KeyChain m_keyChain;