On Wed, Jan 27, 2021 at 06:05:08PM +0100, Stefan Weil wrote: > Am 27.01.21 um 17:53 schrieb Daniel P. Berrangé: > > > In $QEMU.git/crypto/init.c can you uncomment the "#define DEBUG_GNUTLS" > > line and then re-build and re-run the test case. > > > > There's a bunch of debug logs in code paths from > > gnutls_x509_crt_privkey_sign > > that might give us useful info. > > > > Regards, > > Daniel > > > % LANG=C.UTF-8 tests/test-crypto-tlscredsx509 > # random seed: R02S9b95072a368ad370cdd4c780b8074596 > 3: ASSERT: mpi.c[wrap_nettle_mpi_print]:60 > 3: ASSERT: mpi.c[wrap_nettle_mpi_print]:60 > 2: signing structure using RSA-SHA256 > 3: ASSERT: common.c[_gnutls_x509_der_encode]:855 > 3: ASSERT: sign.c[_gnutls_x509_pkix_sign]:174 > 3: ASSERT: x509_write.c[gnutls_x509_crt_privkey_sign]:1834 > 3: ASSERT: x509_write.c[gnutls_x509_crt_sign2]:1152 > Bail out! FATAL-CRITICAL: Failed to sign certificate ASN1 parser: Value is > not valid.
So it shows its failing inside a asn1_der_coding call, but I can't see why it would fail, especially if the same test suite passes fine on macOS x86_64 hosts. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
