Add chain building to TrustedCertificateStore

Since TrustedCertificateStore has information needed, use it to build
certificate chains.

OpenSSL uses Authority Key Identifier in extensions to determine if the
certificate is the same as itself. There are problems with key rotation
when a different certificate serial signs a key with the same subject
identifier. It appears to be the same with the old code, but it may
generate an invalid chain.

(cherry-picked from 3fb088d79e446063ef743362a030e1cfb80b2178)

Change-Id: I8149bed1a0ae537f75da5dc3f3d7e3ccab353f91

0 files changed, 0 insertions, 0 deletions