From c31e8e7409bf0b2104cd6be89d5608edfe089c3f Mon Sep 17 00:00:00 2001
From: Erik Weber <terbolous@gmail.com>
Date: Thu, 5 Feb 2015 11:31:42 +0100
Subject: [PATCH] CLOUDSTACK-8215: Change Date calculation to Joda DateTime

(cherry picked from commit 03e07c41b5835e2a2007d132a0987cc371537ada)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloudstack/utils/auth/SAMLUtils.java       | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

diff --git a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
index 7ad74bc19cc..a6d2d347be4 100644
--- a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
+++ b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
@@ -25,6 +25,7 @@ import org.apache.log4j.Logger;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.x509.X509V1CertificateGenerator;
 import org.joda.time.DateTime;
+import org.joda.time.DateTimeZone;
 import org.opensaml.Configuration;
 import org.opensaml.common.SAMLVersion;
 import org.opensaml.common.xml.SAMLConstants;
@@ -89,8 +90,6 @@ import java.security.cert.X509Certificate;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
-import java.util.Calendar;
-import java.util.Date;
 import java.util.zip.Deflater;
 import java.util.zip.DeflaterOutputStream;
 
@@ -315,25 +314,16 @@ public class SAMLUtils {
     }
 
     public static X509Certificate generateRandomX509Certificate(KeyPair keyPair) throws NoSuchAlgorithmException, NoSuchProviderException, CertificateEncodingException, SignatureException, InvalidKeyException {
-        Date referenceDate = new Date();
-        Calendar validityBeginDate = Calendar.getInstance();
-        validityBeginDate.setTime(referenceDate);
-        validityBeginDate.add(Calendar.DAY_OF_YEAR, -1);
-
-        Calendar validityEndDate = Calendar.getInstance();
-        validityEndDate.setTime(referenceDate);
-        validityEndDate.add(Calendar.YEAR, 3);
-
+        DateTime now = DateTime.now(DateTimeZone.UTC);
         X500Principal dnName = new X500Principal("CN=ApacheCloudStack");
         X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
         certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
         certGen.setSubjectDN(dnName);
         certGen.setIssuerDN(dnName);
-        certGen.setNotBefore(validityBeginDate.getTime());
-        certGen.setNotAfter(validityEndDate.getTime());
+        certGen.setNotBefore(now.minusDays(1).toDate());
+        certGen.setNotAfter(now.plusYears(3).toDate());
         certGen.setPublicKey(keyPair.getPublic());
         certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
-
         return certGen.generate(keyPair.getPrivate(), "BC");
     }