From cc74f8b7e2aab5da7185052519841fcb2e9ba58e Mon Sep 17 00:00:00 2001
From: Vijo Cherian <codervijo@gmail.com>
Date: Tue, 9 May 2017 15:37:28 -0700
Subject: [PATCH] Made CRL related files in the repo, instead of trying to
 generate them

---
 tests/Test-https-crl.px    | 55 ++++----------------------------------
 tests/certs/revoked.crt    | 41 ++++++++++++++++++++++++++++
 tests/certs/revoked.key    | 51 +++++++++++++++++++++++++++++++++++
 tests/certs/revokedcrl.pem | 19 +++++++++++++
 4 files changed, 116 insertions(+), 50 deletions(-)
 create mode 100644 tests/certs/revoked.crt
 create mode 100644 tests/certs/revoked.key
 create mode 100644 tests/certs/revokedcrl.pem

diff --git a/tests/Test-https-crl.px b/tests/Test-https-crl.px
index 1edb422a..f5b2f3c9 100755
--- a/tests/Test-https-crl.px
+++ b/tests/Test-https-crl.px
@@ -5,10 +5,8 @@ use warnings;
 use Socket;
 use WgetFeature qw(https);
 use SSLTest;
-use File::Remove 'remove';
 
 ###############################################################################
-my @tempfiles;
 
 # code, msg, headers, content
 my %urls = (
@@ -37,7 +35,6 @@ if (@ARGV) {
 }
 $srcdir = Cwd::abs_path("$srcdir");
 
-my $cdir = $ENV{'PWD'};
 # HOSTALIASES env variable allows us to create hosts file alias.
 my $testhostname = "WgetTestingServer";
 $ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts";
@@ -54,49 +51,17 @@ unless (inet_ntoa($addr) =~ "127.0.0.1")
     exit 77;
 }
 
-# Create certindex
-push (@tempfiles, "$cdir/certindex");
-open  CERTID, ">", "$cdir/certindex" or
-      warn "Cannot overwrite file $cdir/certindex";
-close CERTID;
-
-# Create certserial
-push (@tempfiles, "$cdir/certserial");
-open  CERTSN, ">", "$cdir/certserial" or
-      warn "Cannot overwrite file $cdir/certserial";
-print CERTSN "1122";
-close CERTSN;
-
-# Create crlnumber
-push (@tempfiles, "$cdir/crlnumber");
-open  CRLN, ">", "$cdir/crlnumber" or
-      warn "Cannot overwrite file $cdir/crlnumber";
-print CRLN "1122";
-close CRLN;
-
-my $caconf     = "$srcdir/certs/rootca.conf";
 my $cacrt      = "$srcdir/certs/test-ca-cert.pem";
 my $cakey      = "$srcdir/certs/test-ca-key.pem";
 
-# Prepare server certificate
-my $servercrt  = "$cdir/tmpserver$$.crt";
-my $serverkey  = "$cdir/tmpserver$$.key";
-my $servercsr  = "$cdir/tmpserver$$.csr";
-push (@tempfiles, $servercrt, $serverkey, $servercsr);
-my $serversubj = "/C=US/ST=CA/L=Server Mystery Spot/O=Serv/CN=".
-                 "$testhostname/emailAddress=servertester";
-my $servercmd  = "openssl genrsa -out $serverkey 4096 && openssl req -new".
-                 " -sha256 -key $serverkey -out $servercsr -days 365 ".
-                 " -subj \"$serversubj\" &&".
-                 "openssl ca -batch -config $caconf -notext -in $servercsr".
-                 " -out $servercrt";
-
-system($servercmd);
+# Use a revoked certificate
+my $servercrt  = "$srcdir/certs/revoked.crt";
+my $serverkey  = "$srcdir/certs/revoked.key";
 
 my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ;
                    openssl rsa  -noout -modulus -in $serverkey | openssl md5) |
                    uniq | wc -l`;
-# Check if certificate and key are made correctly.
+# Check if certificate and key are correct.
 unless(-e $servercrt && -e $serverkey && $servercheck == 1)
 {
     exit 77; # skip
@@ -131,13 +96,8 @@ if ($sslsock->run() != 0)
 }
 
 # Revoke the certificate
-my $crlfile   = "$cdir/servercrl.pem";
-push (@tempfiles, $crlfile);
-my $revokecmd = "openssl ca -config $caconf -revoke $servercrt &&
-                 openssl ca -config $caconf -gencrl -keyfile $cakey ".
-                 "-cert $cacrt -out $crlfile";
+my $crlfile   = "$srcdir/certs/revokedcrl.pem";
 
-system($revokecmd);
 # Check if CRL file is generated.
 unless(-e $crlfile)
 {
@@ -174,8 +134,3 @@ else
   exit 0;
 }
 # vim: et ts=4 sw=4
-
-END {
-    print "remove(@tempfiles);\n";
-    remove(@tempfiles);
-}
diff --git a/tests/certs/revoked.crt b/tests/certs/revoked.crt
new file mode 100644
index 00000000..68845139
--- /dev/null
+++ b/tests/certs/revoked.crt
@@ -0,0 +1,41 @@
+-----BEGIN CERTIFICATE-----
+MIIHOTCCBSGgAwIBAgICESUwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg
+VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX
+Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN
+MTcwNTA5MjIzMDE5WhcNMTkwNTA5MjIzMDE5WjBiMRowGAYDVQQDDBFXZ2V0VGVz
+dGluZ1NlcnZlcjELMAkGA1UECAwCQ0ExCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcN
+AQkBFgxzZXJ2ZXJ0ZXN0ZXIxDTALBgNVBAoMBFNlcnYwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDOQ+DNimL/GtTaZZotU21lLk4tZnbLrgJkBjlIWQvU
+N91vhjrQqJDK7pwojk5kKZ4RL+ZBPdd0dYgXMNaDflv9mlwlzTIwy0nveY7/APML
+R4p+PtbmKVP3YXe8kLmgkJklWntu6iCVhESO8PJ/It2KUS6bgr/M2zXN6HiPlgns
+IyH1Mo+Nxtvs7Hz+Qc+37rctmgtSR25qfQtqK4MmzeAGcMIG3JRlVT6B1cjlOmIJ
+23+KCd24tng3+G0+4u1FnIQS0Z25yrPWSvRSZJE678zQDDxzd6gGsuQbG/fniTIt
+Csj/9SV+6C12ZIl/j5snzdNJtb72s5BlcTVIiTXXwOxx+1/IKvTRCpGUDF+7jLHF
+68jIIzbP7z2lSWJz70MDzZoyT63rgnlakrwwcvWK45cCuyHVrItPDOcPbiVfJYP7
+OSafzC2NqtK+JdY5/RWhEJIgm86nbPvZCIh9xAVpVXg4NXLvPBW+hwN1V5GFY6Pk
+9LG2IYEedUabHtojFC8JK8A+cHFsVn1Kur5Gn1aqp/lYotIKZ1hWryFB6gmOfK6J
+RI1Vrj/j/hSfFY5yZFRcb1qlP1Z1yi6X6WFlIU10JRB9qr1Pc5ohDDN9fwtL/n5b
+gzPP22NsOcIomf5PdPTjmI2JKe2cQRPZkatNoKqFmgPy6gR+jm2auQkKDzXhP18+
+xwIDAQABo4IBvzCCAbswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqTa7LrpK
+PiP4/zI29dHqqxgv/SkwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgw
+CwYDVR0PBAQDAgGmMBMGA1UdJQQMMAoGCCsGAQUFBwMBMF0GA1UdHwRWMFQwKKAm
+oCSGImh0dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwKKAmoCSGImh0
+dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwHAYDVR0RBBUwE4IRV2dl
+dFRlc3RpbmdTZXJ2ZXIwgcgGCCsGAQUFBwEBBIG7MIG4MC4GCCsGAQUFBzAChiJo
+dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC4GCCsGAQUFBzAChiJo
+dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MCoGCCsGAQUFBzABhh5o
+dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wKgYIKwYBBQUHMAGGHmh0dHA6
+Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzANBgkqhkiG9w0BAQUFAAOCAgEAPUgd
+LtrK+WYYhSJkvsa7pB6hUmZFMiqs1/uJqz8b8Q6uX33IXyg5zmFU07d3uOrFYSXi
+MFMhpw2A/D+CbPECaPEWGXII8dh9WlomxpjpZABZ/cmeG2SM7BxVwjIjACscXogJ
+A/Gm7I0hhvYSZ/G+kFbYbSf/Pj7Rz/4KW6WSwwQK23ab00MXBM6jWEueAeWebzeW
+rzWgyyy+GiqgLqQAKQrYtD51uF5Co+S0e2wazORLakvdF/USCBQwX+Pla09Wyf+b
+0HBqNjuxQc278/69Xp0mg8k67oUrWt3zgJ8kDhNIGvLnCB+0595G/z+7+mxdEztc
+BavKAMEDWTSCClwxO6lBQR7+oiNWdaaqHP1SS8sckjtt2jTbmjmRzWWkU+xSIlt2
+waIXS/BYRbyhLuWfxivvRjS7eQogeSP0rtZj/upBwM4xKVPF0bal/LMyEfrY3qV5
+8YXXFhnoVr7q3t0YaioIZXY35QcA5aR+P4XyLnzCTVuKUi172BS8KJBXMijEXxta
+rRQxtHLQeYB5eP/MaC2qMJH/OMR3A9Z7sXYbp/YuE+V/MxcGwAoHWKxMeKtdF420
+HGeKfzMla6uJQk26VEFAt+TYV2KUriPWyL/IPDzAjrSPMF9ZDIMhqELjFYCRGPwc
+X6txpIEgZCGdJWK0H3et8ZSe469AED6oqTfn44w=
+-----END CERTIFICATE-----
diff --git a/tests/certs/revoked.key b/tests/certs/revoked.key
new file mode 100644
index 00000000..2f416059
--- /dev/null
+++ b/tests/certs/revoked.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJJwIBAAKCAgEAzkPgzYpi/xrU2mWaLVNtZS5OLWZ2y64CZAY5SFkL1Dfdb4Y6
+0KiQyu6cKI5OZCmeES/mQT3XdHWIFzDWg35b/ZpcJc0yMMtJ73mO/wDzC0eKfj7W
+5ilT92F3vJC5oJCZJVp7buoglYREjvDyfyLdilEum4K/zNs1zeh4j5YJ7CMh9TKP
+jcbb7Ox8/kHPt+63LZoLUkduan0LaiuDJs3gBnDCBtyUZVU+gdXI5TpiCdt/ignd
+uLZ4N/htPuLtRZyEEtGducqz1kr0UmSROu/M0Aw8c3eoBrLkGxv354kyLQrI//Ul
+fugtdmSJf4+bJ83TSbW+9rOQZXE1SIk118DscftfyCr00QqRlAxfu4yxxevIyCM2
+z+89pUlic+9DA82aMk+t64J5WpK8MHL1iuOXArsh1ayLTwznD24lXyWD+zkmn8wt
+jarSviXWOf0VoRCSIJvOp2z72QiIfcQFaVV4ODVy7zwVvocDdVeRhWOj5PSxtiGB
+HnVGmx7aIxQvCSvAPnBxbFZ9Srq+Rp9Wqqf5WKLSCmdYVq8hQeoJjnyuiUSNVa4/
+4/4UnxWOcmRUXG9apT9Wdcoul+lhZSFNdCUQfaq9T3OaIQwzfX8LS/5+W4Mzz9tj
+bDnCKJn+T3T045iNiSntnEET2ZGrTaCqhZoD8uoEfo5tmrkJCg814T9fPscCAwEA
+AQKCAgAEWkxZKg1ywrcxMKmzQSpy0ypVLO9e1vo38CWvUCm+vbsPim6dTqFXlvd2
+p6Ih3Pr38+HRCKQOUhigHKi6N6VrUaGWLqFbhD64LgGFghie6VCT33Gbg83Az66+
+LPOt3r9MmX83VPuBDDyCI7WKV0sDizkHkRfJE+srwDcjGJB3CjrCOOHspQCpHEh6
++RqQEBqPfMu2XcmHt8HQ6MAoxnluyVxe1rLO/KCIDuHhbHz7JkWnvROPvVIGJFjx
+1coaCPaEiyXf8NYgtI45WuPxsXPKBCgWa7UBBy9nHwz5Ntz3NF4PgLXc2rty3yZD
+qd0lVuOZj5tLC3kFmwD72eFn/ys+JtIw9a2wwQ1sGbNa764yY4T3GWLJ6HgHHhPk
+D94PC7wfBFzoZtUoZrE0T4XP8TrM730SERj0HCNfURnYlYR6mqj+0pVTHZaeXEho
+NZdDgdWP0b8v+EZky1L5pgM761GtJ9vKHZMMBj0/hVULIkpVcf5gs5fwGiXzj/o6
+CcSoLP4JvFm8nINH302dBzS0o2bW4fZehvRtiapdu6kXE9k7ZsnpFcvMCxmtHJGd
+p3yRyhqO5CEMVJOVJSpNQqRueyd8X6QRbuFsGG+FcBOTe9DxIcdzKkwHRAo1osRw
+mPF85QzsgF7tWw/AoYzi5FupLud7HUNg4ucQS6NZdKM+DvEzcQKCAQEA7tPxo01m
+z3MAJdHtyG8PE66SNCXBDyoIYhXl1EiYppPn75jjOnaIK0sRSJF9DX6rt+7OX6Jd
+InhqEJKFk22pJ7lcACBZl0Obg9RBTd2hNKWkH5oRvPOHwGC8NF34HDxpgY6utw3Z
+LiLr8nwLZkd7FXGi6GFL0wB2YQhXqn2cJvPSgnNE8HQINU5OHfEMPRhikat8+OoJ
+ZVgm8kQ5N7sy6Up9G2OCF8iV/qkSLYyVATN/5SZmLohSWlSJZIfMJe1tEexSOQEM
+8wQxgBaJNqBXeeEOR7XIrbCcc50ZZ6INzR1Hdakyd27Qi8gOJqCKkAOS8bwlGzMb
+5Na7xm4/GQn5eQKCAQEA3RiO6x66Pmsuz4Q+2+3sZFipX9D1GRnMRVSsgd/HjtZk
+8NkaGXI2NA5GdVXmZrWl/65kAcDsh93+rv1X7hKYkTkpOE+G1Zkj8mLgEN3V0nh9
+WoPcrqthzvRNUUuklJCuxAGA3mgKIUuSW4oBnBgop5EFtz9Y0aai/wP0gdAp4/7S
+CR2g910KgvDtbsAp93hTBrzzu/+Engar5mdZKvqCl7uOxWqSmeaPD1tucraDX0e5
+rd3KE/vXd9RSlcWiJmKkqEiNnsQ2XnwjiE0jJdJdH5z+Vo7OqfexXDsydtFKrmke
+2ZQ+eajLU7iXipiYpM+wWkwGGdUFdJAi+N7T6KUqPwKCAQAe03Zt+JCbmCFdwFHr
+vAH7LV4rou/fUDKSznbCxrgFUDPwphA2PJRo2iCZ+EVm14G8lPNIPsG8sEQobXEW
+TWI3AWLRlVta/dv10RC4xzGGhRbBCXbep6RO/W1taO+cXWPU2CDO+dedb956hu5F
+vlYxt2AqlFxgGMAu2A/QrrPYB0KVmeE9FAz3LGtCzBkjTaFzYeoYisS5sv4b6Rhl
+jCEPIZEyVs602SwbGaGCBZI5/Ha2khVATlIq3Jx7QFfmUVXxqUoXl34fY9wrxzzg
+syN3VMguE1WaraAUACQGT1FutyfBFRyxc7kxQZop/DDGU9/Emd9EOn2QNPM5soMs
+bTApAoIBAAZnMaxphWdNX1uvLsrbxx7Y2n7l5FNHxfy0CRLx0iu21dGL2A+omR1E
+1JGNXVDYLeiLumW6mp8MtNWIjMVeUIDUMPdqhjMlbj8U0fxrEEg6KRc3/moomHqP
+5LVYBXov/n+6s2q9hJ2WPLTd+FH2+SZxMsMt2Hqp4sqT6L7hsnTh6l9NNl4zmZxV
+MeslMZHzMCRf0Ic/TS3ub4gKsjBmdOXEDsx0264NWVNOiJJV6tQVlbENXU7a2lCk
+G4gu4xVNggtFnqRcdl6iJb1KzpvHzd6eg1cqZ53QiJhtNnbudMU8UiJnArAvTUQt
+cmYXKUSMp0TWMs8ItlG74udmPKjeL60CggEAdUp2FbZZEB3/G8tR7Z5slF925zXK
+N8ku/qOUEk3d76kcqYi9XJLmyJAXu9PhQnsN8DpfThOqJUXCh9xtk+1AiHTdXk8m
+BP7RE2oI2aoT9lO0ozwFJBFRRCkd6zTtYJYUbwIk1nayro83xl/AQPF2wRm5unKU
+xl5KJ8I2GCUw4Bh5Gjwk21y6XpPsjO8tfbO5jrAIQVTqab3hAcBouwQNsxNpunJm
+BaP+XYTBNM+HVamwLwDQgtVxPb8WUX8TSTuFv99jpWBYhlhq/OUcbo8f1D7miIFt
+b6UYNl1ofvBtqjlNz3NKJ+S57AN+jcdQfOG8xAiKPWCj1QnVc3aJdr+8bQ==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/certs/revokedcrl.pem b/tests/certs/revokedcrl.pem
new file mode 100644
index 00000000..f863d665
--- /dev/null
+++ b/tests/certs/revokedcrl.pem
@@ -0,0 +1,19 @@
+-----BEGIN X509 CRL-----
+MIIDCjCB8wIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBUZXN0aW5n
+IERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dnZXRUZXN0
+aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZxcNMTcwNTA5MjIz
+MjEyWhcNMTkwNTA5MjIzMjEyWjAVMBMCAhElFw0xNzA1MDkyMjMxMDBaoA4wDDAK
+BgNVHRQEAwIBADANBgkqhkiG9w0BAQUFAAOCAgEADReMcnUQbWyXE1xYcPHlSAfh
+bBBY2w7e/CUeuCXaalaM9cfdMz0trR+JApdoBg/g+UV/+q8xYXEeQM7wKXOXOax4
+tYpS3+EdCpm1r+e4hhuGBMp01qtoJD8v5y3a77ujXWldgCEJHz05qjtpBkya775V
+w1UzLsbh6DVgrwSEOgMJHYfgJHuPwfD4PpCTSbAUSwNrHXIbDG6zPVyoBpl8WRCc
+4uDWVeh2+N0fmTucbm3x1dBnOol1JXI7LvnVDr+mtQVcHLD9OknNylmLOiuMrpmc
+9PENMdbgRKA4kkHcV9lg37elYubaIBA48Vkssnr90wU6nITLabojWYNEspjqQejG
+QOE78ASG0bS8O4vKxCVx4pX/ZQwcO9BeCnuIOsTlV2KUYiCA6yxNPkPoBjpdfOAB
+j3hu+Jk3S0aX6At1AHDvmtWErEnH4B0gGopt8VJL1ZBEglb9rUIg5OlbTr+x5vIX
+7FVuxhZYSxl1AYGqajmcLIwvucidaIlwtgFGeZR8GZ0y3aFdIoKO8V+wyNEPjI5I
+i9tvavJ23nlYFTQJwNgESIR0voipoiiYeSa8cED28rHfkQvnY2iNsCO+ztxZvC70
+4K0CAIbfhYx1eeIakeFFHdIGPSXf+oFGomij0yt3bZC2h4sFhsr7sYUIMb5KlSSW
+mZ3uHBLaS0xQ9p1vSRo=
+-----END X509 CRL-----