From b84c8889a35a8e56969d0f27f22cf197576f0728 Mon Sep 17 00:00:00 2001
From: Erik Weber <terbolous@gmail.com>
Date: Thu, 5 Feb 2015 09:54:49 +0100
Subject: [PATCH] SAML changing date calculation

Signed-off-by: Erik Weber <terbolous@gmail.com>
---
 .../apache/cloudstack/utils/auth/SAMLUtils.java  | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
index 01388071341..7ad74bc19cc 100644
--- a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
+++ b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
@@ -89,6 +89,7 @@ import java.security.cert.X509Certificate;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
+import java.util.Calendar;
 import java.util.Date;
 import java.util.zip.Deflater;
 import java.util.zip.DeflaterOutputStream;
@@ -314,15 +315,22 @@ public class SAMLUtils {
     }
 
     public static X509Certificate generateRandomX509Certificate(KeyPair keyPair) throws NoSuchAlgorithmException, NoSuchProviderException, CertificateEncodingException, SignatureException, InvalidKeyException {
-        Date validityBeginDate = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
-        Date validityEndDate = new Date(System.currentTimeMillis() + 3 * 365 * 24 * 60 * 60 * 1000);
+        Date referenceDate = new Date();
+        Calendar validityBeginDate = Calendar.getInstance();
+        validityBeginDate.setTime(referenceDate);
+        validityBeginDate.add(Calendar.DAY_OF_YEAR, -1);
+
+        Calendar validityEndDate = Calendar.getInstance();
+        validityEndDate.setTime(referenceDate);
+        validityEndDate.add(Calendar.YEAR, 3);
+
         X500Principal dnName = new X500Principal("CN=ApacheCloudStack");
         X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
         certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
         certGen.setSubjectDN(dnName);
         certGen.setIssuerDN(dnName);
-        certGen.setNotBefore(validityBeginDate);
-        certGen.setNotAfter(validityEndDate);
+        certGen.setNotBefore(validityBeginDate.getTime());
+        certGen.setNotAfter(validityEndDate.getTime());
         certGen.setPublicKey(keyPair.getPublic());
         certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");