PrakashK94
PrakashK94
In this file libspdm/os_stub/openssllib/openssl/crypto/x509/x509_vfy.c file, static int build_chain(X509_STORE_CTX *ctx); static int check_chain_extensions(X509_STORE_CTX *ctx); The above two function returns 0, thus it doesn't proceed to validate chain.
How to fix this then?
I found the place where it fails, even after giving the correct buffers in openssllib functions. ``` static int build_chain(X509_STORE_CTX *ctx) This line, returns ok = 0 because of that...
Do you have test certificate chain that has been validated with SPDM responder validator tool which uses openssl 1.1.1q?
Test certificates are not present in this format right?
I checked with this certificate chain after adding the certificate chain header, https://github.com/DMTF/libspdm/blob/main/unit_test/sample_key/ecp384/bundle_responder.certchain.der still it doesn't work. Certificate verification was not passed with LIBSPDM 2.3.0 code base which uses openssl...
Any other tool available? Have you ever verified it using openssl verify tool? Can you share an example?