Bug #3438
closed
Invalid default certificate created for existing default key of an identity
Start date: 01/29/2016
Due date:
% Done: 100%
Estimated time:
Description
When an identity has a default key, but no associated certificate, signing with the identity will result in generating another key and self-signed certificate. Instead, a self-signed certificate should be created in this case.
To reproduce the issue (http://gerrit.named-data.net/#/c/2692/1/tests/unit-tests/security/key-chain.t.cpp@422):

    // `data` is assumed to be a Data packet declared earlier in the test.
    KeyChain keyChain;
    Name ecdsaIdentity = Name("/ndn/test/ecdsa").appendVersion();
    // Create an ECDSA default key for the identity.
    Name ecdsaKeyName = keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256);
    BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(ecdsaIdentity)));
    // The signature must use the ECDSA key type and a key under the identity.
    BOOST_CHECK_EQUAL(data.getSignature().getType(),
                      KeyChain::getSignatureType(EcdsaKeyParams().getKeyType(), DIGEST_ALGORITHM_SHA256));
    BOOST_CHECK(ecdsaIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
If no certificate is available for the default key and its type does not correspond to the DEFAULT_KEY_PARAMS, a new pair of DEFAULT_KEY_PARAMS keys is created, set as default and used for signing. Solved by checking the type of key of the default key pair for the identity.
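
The behaviour described above, modelled as an added example (not ndn-cxx code and not part of the original report). The types and function names are hypothetical stand-ins, and RSA as the key type selected by DEFAULT_KEY_PARAMS is an assumption.

```cpp
#include <cstdio>
#include <vector>

// Hypothetical stand-in types for this model; not ndn-cxx classes.
enum class KeyType { RSA, ECDSA };
struct Key { KeyType type; bool hasCertificate; };
struct Identity {
  std::vector<Key> keys;
  int defaultKey;  // index into keys, -1 if the identity has no default key
};

// Assumption: stands in for the key type selected by DEFAULT_KEY_PARAMS.
const KeyType DEFAULT_KEY_TYPE = KeyType::RSA;

// Constructed fixture: ECDSA default key with no certificate, as in the test.
Identity makeEcdsaIdentityWithoutCert() {
  return Identity{{Key{KeyType::ECDSA, false}}, 0};
}

static Key& generateDefaultKey(Identity& id) {
  id.keys.push_back(Key{DEFAULT_KEY_TYPE, true});  // new key + self-signed cert
  id.defaultKey = static_cast<int>(id.keys.size()) - 1;
  return id.keys.back();
}

// Reported behaviour: a certificate-less default key of a non-default type is
// silently replaced by a newly generated default-type key.
Key& signingKeyBuggy(Identity& id) {
  if (id.defaultKey >= 0) {
    Key& key = id.keys[id.defaultKey];
    if (key.hasCertificate) return key;
    if (key.type == DEFAULT_KEY_TYPE) { key.hasCertificate = true; return key; }
  }
  return generateDefaultKey(id);
}

// Expected behaviour: keep the existing default key, whatever its type, and
// only create the missing self-signed certificate for it.
Key& signingKeyFixed(Identity& id) {
  if (id.defaultKey < 0) return generateDefaultKey(id);
  Key& key = id.keys[id.defaultKey];
  key.hasCertificate = true;  // self-sign; no-op if a certificate exists
  return key;
}

int main() {
  Identity a = makeEcdsaIdentityWithoutCert(), b = makeEcdsaIdentityWithoutCert();
  std::printf("buggy signs with ECDSA: %d\n", signingKeyBuggy(a).type == KeyType::ECDSA);
  std::printf("fixed signs with ECDSA: %d\n", signingKeyFixed(b).type == KeyType::ECDSA);
}
```

In the buggy path the identity ends up with two keys and a different default key, so anything that pinned or distributed the original ECDSA key no longer matches the signatures being produced.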