Bug #3438
Updated by Alex Afanasyev almost 9 years ago
When an identity has a default key, but no associated certificate, signing with the identity will result in generating another key and self-signed certificate. Instead, a self-signed certificate should be created in this case. To reproduce issue (http://gerrit.named-data.net/#/c/2692/1/tests/unit-tests/security/key-chain.t.cpp@422), ```cpp KeyChain keyChain; Name ecdsaIdentity = Name("/ndn/test/ecdsa").appendVersion(); Name ecdsaKeyName = keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256); BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(ecdsaIdentity))); BOOST_CHECK_EQUAL(data.getSignature().getType(), KeyChain::getSignatureType(EcdsaKeyParams().getKeyType(), DIGEST_ALGORITHM_SHA256)); BOOST_CHECK(ecdsaIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName())); ``` if no certificate is available for the default key and its type does not corresponds to the `DEFAULT_KEY_PARAMS` a new pair of `DEFAULT_KEY_PARAMS` keys is created, set as default and used for signing. Solved by checking the type of key of the default key pair for the identity.