20bab0
From cb4a91f8619afbdcba40a513ce1d2e5bd652c511 Mon Sep 17 00:00:00 2001
20bab0
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
20bab0
Date: Mon, 13 Aug 2018 17:27:13 +0200
20bab0
Subject: [PATCH] Generate 2048-bit keys for tests
20bab0
MIME-Version: 1.0
20bab0
Content-Type: text/plain; charset=UTF-8
20bab0
Content-Transfer-Encoding: 8bit
20bab0
20bab0
Distributions are experimenting with OpenSSL configured with security
20bab0
level 2. That requires at least 2048-bit RSA keys otherwise tests
20bab0
fail.
20bab0
20bab0
This patch regenerates testing keys, certificates and revocation lists
20bab0
used in tests to meet the security level. The patch also updates
20bab0
scripts used for generating them.
20bab0
20bab0
Signed-off-by: Petr Písař <ppisar@redhat.com>
20bab0
---
20bab0
 MANIFEST                         |   4 ++++
20bab0
 examples/makecert.pl             |  13 +++++-----
20bab0
 examples/req.conf                |   2 +-
20bab0
 t/data/cert.pem                  |  42 ++++++++++++++++----------------
20bab0
 t/data/key.pem                   |  43 +++++++++++++++++++++------------
20bab0
 t/data/key.pem.e                 |  47 +++++++++++++++++++++++-------------
20bab0
 t/data/test_CA1.conf             |  37 +++++++++++++++++++++++++++++
20bab0
 t/data/test_CA1.crl.der          | Bin 389 -> 438 bytes
20bab0
 t/data/test_CA1.crlnumber        |   1 +
20bab0
 t/data/test_CA1.crt.der          | Bin 550 -> 831 bytes
20bab0
 t/data/test_CA1.crt.pem          |  30 +++++++++++++----------
20bab0
 t/data/test_CA1.key.der          | Bin 610 -> 1190 bytes
20bab0
 t/data/test_CA1.key.pem          |  38 +++++++++++++++++++----------
20bab0
 t/data/test_CA1_index.txt        |   2 ++
20bab0
 t/data/test_CA1_index.txt.attr   |   0
20bab0
 t/data/testcert_wildcard.crt.pem |  50 +++++++++++++++++++++++----------------
20bab0
 t/local/07_sslecho.t             |   2 +-
20bab0
 t/local/50_digest.t              |  22 ++++++++---------
20bab0
 18 files changed, 215 insertions(+), 118 deletions(-)
20bab0
 create mode 100644 t/data/test_CA1.conf
20bab0
 create mode 100644 t/data/test_CA1.crlnumber
20bab0
 create mode 100644 t/data/test_CA1_index.txt
20bab0
 create mode 100644 t/data/test_CA1_index.txt.attr
20bab0
20bab0
diff --git a/MANIFEST b/MANIFEST
20bab0
index 2f18a0a..cedca78 100644
20bab0
--- a/MANIFEST
20bab0
+++ b/MANIFEST
20bab0
@@ -60,12 +60,16 @@ t/data/key.pem.e
20bab0
 t/data/pkcs12-full.p12
20bab0
 t/data/pkcs12-no-chain.p12
20bab0
 t/data/pkcs12-no-passwd.p12
20bab0
+t/data/test_CA1.conf
20bab0
 t/data/test_CA1.crl.der
20bab0
+t/data/test_CA1.crlnumber
20bab0
 t/data/test_CA1.crt.der
20bab0
 t/data/test_CA1.crt.pem
20bab0
 t/data/test_CA1.encrypted_key.pem
20bab0
 t/data/test_CA1.key.der
20bab0
 t/data/test_CA1.key.pem
20bab0
+t/data/test_CA1_index.txt
20bab0
+t/data/test_CA1_index.txt.attr
20bab0
 t/data/testcert_extended.crt.pem
20bab0
 t/data/testcert_extended.crt.pem_dump
20bab0
 t/data/testcert_key_2048.pem
20bab0
diff --git a/examples/makecert.pl b/examples/makecert.pl
20bab0
index 221f720..3fc26ae 100644
20bab0
--- a/examples/makecert.pl
20bab0
+++ b/examples/makecert.pl
20bab0
@@ -25,18 +25,17 @@ open (REQ, "|$exe_path req -config $conf "
20bab0
       . "-x509 -days 3650 -new -keyout $key $egd >$cert")
20bab0
     or die "cant open req. check your path ($!)";
20bab0
 print REQ <
20bab0
-XX
20bab0
+PL
20bab0
+Peoples Republic of Perl
20bab0
+Net::
20bab0
 Net::SSLeay
20bab0
-test land
20bab0
-Test City
20bab0
-Net::SSLeay Organization
20bab0
-Test Unit
20bab0
+Net::SSLeay developers
20bab0
 127.0.0.1
20bab0
-sampo\@iki.fi
20bab0
+rafl\@debian.org
20bab0
 DISTINGUISHED_NAME
20bab0
     ;
20bab0
 close REQ;
20bab0
-system "$exe_path verify $cert";  # Just to check
20bab0
+system "$exe_path verify -CAfile $cert $cert";  # Just to check
20bab0
 
20bab0
 # Generate an encrypted password too
20bab0
 system "$exe_path rsa -in $key -des -passout pass:secret -out $key.e"; 
20bab0
diff --git a/examples/req.conf b/examples/req.conf
20bab0
index 0e102c1..da4510e 100644
20bab0
--- a/examples/req.conf
20bab0
+++ b/examples/req.conf
20bab0
@@ -5,7 +5,7 @@
20bab0
 
20bab0
 ####################################################################
20bab0
 [ req ]
20bab0
-default_bits            = 1024
20bab0
+default_bits            = 2048
20bab0
 default_keyfile         = privkey.pem
20bab0
 distinguished_name      = req_distinguished_name
20bab0
 attributes              = req_attr
20bab0
diff --git a/t/data/cert.pem b/t/data/cert.pem
20bab0
index f9ebbf1..2dbc59a 100644
20bab0
--- a/t/data/cert.pem
20bab0
+++ b/t/data/cert.pem
20bab0
@@ -1,23 +1,23 @@
20bab0
 -----BEGIN CERTIFICATE-----
20bab0
-MIID7DCCA1WgAwIBAgIJAMGt8vPHln6wMA0GCSqGSIb3DQEBBQUAMIGrMQswCQYD
20bab0
-VQQGEwJQTDEhMB8GA1UECBMYUGVvcGxlcyBSZXB1YmxpYyBvZiBQZXJsMQ4wDAYD
20bab0
-VQQHEwVOZXQ6OjEUMBIGA1UEChMLTmV0OjpTU0xlYXkxHzAdBgNVBAsTFk5ldDo6
20bab0
-U1NMZWF5IGRldmVsb3BlcnMxEjAQBgNVBAMTCTEyNy4wLjAuMTEeMBwGCSqGSIb3
20bab0
-DQEJARYPcmFmbEBkZWJpYW4ub3JnMB4XDTA2MDcxNDAyMjU0OFoXDTE2MDcxMTAy
20bab0
-MjU0OFowgasxCzAJBgNVBAYTAlBMMSEwHwYDVQQIExhQZW9wbGVzIFJlcHVibGlj
20bab0
-IG9mIFBlcmwxDjAMBgNVBAcTBU5ldDo6MRQwEgYDVQQKEwtOZXQ6OlNTTGVheTEf
20bab0
-MB0GA1UECxMWTmV0OjpTU0xlYXkgZGV2ZWxvcGVyczESMBAGA1UEAxMJMTI3LjAu
20bab0
-MC4xMR4wHAYJKoZIhvcNAQkBFg9yYWZsQGRlYmlhbi5vcmcwgZ8wDQYJKoZIhvcN
20bab0
-AQEBBQADgY0AMIGJAoGBALmepX0NR6d7PL576bH95Y4QYlMdbIB/AD8j1+Lb4t9s
20bab0
-xarNhUh1BeloaEktxIKhVIYW7F8NTQC852zULg9bJkKO9DOgr6AO6gBhu2+NCJsq
20bab0
-8oSUEDfAbUzbxdweMHzHjBrvNRaVyhHYebtok+/a+1rqACHRRjE06D2YLl3lW2uD
20bab0
-AgMBAAGjggEUMIIBEDAdBgNVHQ4EFgQUYL9/vBs4R9mn8bOgubigAZpN3KAwgeAG
20bab0
-A1UdIwSB2DCB1YAUYL9/vBs4R9mn8bOgubigAZpN3KChgbGkga4wgasxCzAJBgNV
20bab0
-BAYTAlBMMSEwHwYDVQQIExhQZW9wbGVzIFJlcHVibGljIG9mIFBlcmwxDjAMBgNV
20bab0
-BAcTBU5ldDo6MRQwEgYDVQQKEwtOZXQ6OlNTTGVheTEfMB0GA1UECxMWTmV0OjpT
20bab0
-U0xlYXkgZGV2ZWxvcGVyczESMBAGA1UEAxMJMTI3LjAuMC4xMR4wHAYJKoZIhvcN
20bab0
-AQkBFg9yYWZsQGRlYmlhbi5vcmeCCQDBrfLzx5Z+sDAMBgNVHRMEBTADAQH/MA0G
20bab0
-CSqGSIb3DQEBBQUAA4GBABBpVOWkoAuAdcYhd9FCbeXXluZ8eECV5x2tnCVl52F5
20bab0
-59M9r4C47Hacdx/B62YkrIo5i0Q7Ppjln+Iq4hdzoqAwnlqpm3hYs/W+BSh77P3b
20bab0
-3Tuzcp4K4nlidow/1/leUf9H/MJIbj0qS8ZNp6SvRt/D+PXl0TWKeQIgw3WkT+ea
20bab0
+MIID1DCCArwCCQCTdQYIPzlw2TANBgkqhkiG9w0BAQsFADCBqzELMAkGA1UEBhMC
20bab0
+UEwxITAfBgNVBAgMGFBlb3BsZXMgUmVwdWJsaWMgb2YgUGVybDEOMAwGA1UEBwwF
20bab0
+TmV0OjoxFDASBgNVBAoMC05ldDo6U1NMZWF5MR8wHQYDVQQLDBZOZXQ6OlNTTGVh
20bab0
+eSBkZXZlbG9wZXJzMRIwEAYDVQQDDAkxMjcuMC4wLjExHjAcBgkqhkiG9w0BCQEW
20bab0
+D3JhZmxAZGViaWFuLm9yZzAeFw0xODA4MTMxNTQxMDdaFw0yODA4MTAxNTQxMDda
20bab0
+MIGrMQswCQYDVQQGEwJQTDEhMB8GA1UECAwYUGVvcGxlcyBSZXB1YmxpYyBvZiBQ
20bab0
+ZXJsMQ4wDAYDVQQHDAVOZXQ6OjEUMBIGA1UECgwLTmV0OjpTU0xlYXkxHzAdBgNV
20bab0
+BAsMFk5ldDo6U1NMZWF5IGRldmVsb3BlcnMxEjAQBgNVBAMMCTEyNy4wLjAuMTEe
20bab0
+MBwGCSqGSIb3DQEJARYPcmFmbEBkZWJpYW4ub3JnMIIBIjANBgkqhkiG9w0BAQEF
20bab0
+AAOCAQ8AMIIBCgKCAQEAuObAe3+RV9kcYqaOHq+Re5pTLA781MYVzNfttL2Vmay7
20bab0
+kIxQIzlBoXyo84hEGXlTgFNcq7gb30h1qEt8+lcddYlB3V/kvRBcP6oH4kEL8KVS
20bab0
+dkBTCZFo3UN18OEteywi24va1iJn/2yJXtgdQZFkfak5CFWqm9WVABFUtRXhfSYW
20bab0
+L6QtzfbikNaeXQU7ofQBVoRw4weiNXPC4kNb9ZHR/D8DngJ1Rqn9Ki5zBhRyy1w7
20bab0
+AIUBasKV9AX0xh7im3ycd4CcpdIE82zunv2nx4gKevJEXZsZB+5eSGqYnVjPpiq9
20bab0
+G2EDomC53fhLr34t3UUnH3OF+jsvfDn/rzQI0D00EwIDAQABMA0GCSqGSIb3DQEB
20bab0
+CwUAA4IBAQA26/P5LxK269AUNEVhNyypaDXu9eMVCwxuh1eqVtu6BsCG1BVWz6JX
20bab0
+jOt3dWRbxHqLjeZkMFGHke/K484/bgdeHDQy7i9+P2J7pEOx2knUEYVkfMfxUHP4
20bab0
+58kyzIbsK03HrzA27gkO8ANZsdVfvbDBbAYIPtDJixuAG7meqURWQx9lpS0n2Qi5
20bab0
+naBrXIa2+nM5GVrGcs4DPCLNXcYE4rzJovnNAttWs35XMuWeU7WdIvmmzBGZ3VC1
20bab0
+mvwV8qf3vNmjsmcBkuoVACJHMEX56VPf3Ouv4GEKtoeQLUA7RvG609QumyR9sgtx
20bab0
+N8R5wURTonbHZj57d9ZRRUw91907BBJJ
20bab0
 -----END CERTIFICATE-----
20bab0
diff --git a/t/data/key.pem b/t/data/key.pem
20bab0
index abc7faa..ec5701b 100644
20bab0
--- a/t/data/key.pem
20bab0
+++ b/t/data/key.pem
20bab0
@@ -1,15 +1,28 @@
20bab0
------BEGIN RSA PRIVATE KEY-----
20bab0
-MIICXQIBAAKBgQC5nqV9DUenezy+e+mx/eWOEGJTHWyAfwA/I9fi2+LfbMWqzYVI
20bab0
-dQXpaGhJLcSCoVSGFuxfDU0AvOds1C4PWyZCjvQzoK+gDuoAYbtvjQibKvKElBA3
20bab0
-wG1M28XcHjB8x4wa7zUWlcoR2Hm7aJPv2vta6gAh0UYxNOg9mC5d5VtrgwIDAQAB
20bab0
-AoGBAIl4hoW0BSJz8gv9R5nMOWvalIeL3iTYaj1Y9XWNdlwUedzC83gzOxqfecTg
20bab0
-wY4hn7DjX1ISTrpCLX97MVWsIwuY4ltmPykoPtVShZvpVF48H8CUqeY9q8zUybpI
20bab0
-w1MS010A4+mvIJjbOukerKiIIueCEo+WmVaM9wnke4R3CRyJAkEA9tnCKwgm+EON
20bab0
-LMWdM7ANTWzBbp1K51fgyceGPfTurakXfivz7xFKaXWQwICj1cyvgKoXPYqkb+8C
20bab0
-vOu/qLbMXQJBAMB/5g5SaBJEbHWKGhB5bmwmota+LgZtRiJcsABCqm3Bvm+qMG12
20bab0
-U+/22Nv0b49LJGuj/2ZiZFGrG3oNXmjKmV8CQCeACvEF2e6KKLIMYS5fMpG8IGvJ
20bab0
-4a2JQ2AmfFW3tuW1FBxNfjg4JRchB+u16gGRQlgtX5CqecurjF2cv8uIjMUCQHyp
20bab0
-FwnFUgIqb3Z61cA/c0P0jVW12UZuM5IDJjM0+PuVEUdtFml8zITE/dELbceFKPPQ
20bab0
-Q5BBPagpv+R9jdsdAM8CQQDwsZea0tdwI1QevKCu0qoR/+Uu3MtoiyC3GGYoXMFK
20bab0
-CS+3apsVr26N555UngM+gk18N1wpiBY5L/rlPd6XiQ47
20bab0
------END RSA PRIVATE KEY-----
20bab0
+-----BEGIN PRIVATE KEY-----
20bab0
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC45sB7f5FX2Rxi
20bab0
+po4er5F7mlMsDvzUxhXM1+20vZWZrLuQjFAjOUGhfKjziEQZeVOAU1yruBvfSHWo
20bab0
+S3z6Vx11iUHdX+S9EFw/qgfiQQvwpVJ2QFMJkWjdQ3Xw4S17LCLbi9rWImf/bIle
20bab0
+2B1BkWR9qTkIVaqb1ZUAEVS1FeF9JhYvpC3N9uKQ1p5dBTuh9AFWhHDjB6I1c8Li
20bab0
+Q1v1kdH8PwOeAnVGqf0qLnMGFHLLXDsAhQFqwpX0BfTGHuKbfJx3gJyl0gTzbO6e
20bab0
+/afHiAp68kRdmxkH7l5IapidWM+mKr0bYQOiYLnd+Euvfi3dRScfc4X6Oy98Of+v
20bab0
+NAjQPTQTAgMBAAECggEAS1aCEQ/eWav12+A/QhOJNJKh1u7YZ526XjeQ/DbPEMmH
20bab0
+txLkyCVZL4JKmMfp73M26a+Nr84ZVTYB8qunZZ0/PJfLhXbADaTv4WTXR4H3ansC
20bab0
+CXqWGuzrjFQjZx1o2aoXHdtzNBLaywEfS8zExuWFy4m62kGFfW9eAaQOHqamtMWx
20bab0
+jt4x8EIfNOZh74TvGw4LtO6y2lFMRmyXcgKS5yKk3uGCfQqOPs3+cWqAzKzD5Pna
20bab0
+5X+NOW5f/6uTQXSJGpgwEi9CAkbWFhqtrpcI14QLXh3shOv/Woh2bNtH8dIhuQ61
20bab0
+Ii6y4p6AkS9jcO5TYeyYRUpf93NM5pwpL0Vi8cKb2QKBgQDiXy3Ah4N8MRRx7WFa
20bab0
+QW+nSqwuYzeq1q9/zOwxpcZo15+wO+XD7196iwos2pjihnprzEbKM5K38Ed14fZF
20bab0
+nwLomYvJRDo7+EI5WHHp0UHzS4K9g70jszx6dV1O0Ili3B/2vc3BAP4btVT40SO2
20bab0
+mchuZsfzENCqXjIfLclDWgvuPwKBgQDRGhBbSSdaEuT04XeVLh30uN2trlsCch1H
20bab0
+K9TNjSBmG8oFu71sse7qDRq5M6ocvUb408F7khMyu+TkXmJvr8vYwQUS3tGobx0O
20bab0
+8ItOdezKE3VKwIOjG7FVlHigI5cp4VMbQkhnogiOa4RSuMFyHPA2qoOB8c/LBDtS
20bab0
+jC/0EmztLQKBgQDFr3i0+aLJgdLo6vRpbVukLIHQwLSMbI82fC6H7M0oIaVCsgwk
20bab0
+35Xx3ho0sXFx4R5npSzsx70JBLxjJcF7azGPDwgT65Evbc3nZmWUWznMzdSOy80Q
20bab0
+sCXQi03A1jwkKTeAsqBMPCGs8N4TrBAUFpgCUZ+rlLOlFD2RHNr2Bl0E4QKBgB6g
20bab0
+YartMQ1ZXR2c9IXuJkcU2Ks6sWvPSQiGm/mrZQZvpYxnbhxAh4zSdIqRzaW992o0
20bab0
+oc82mwdATAtC48oWBpZt1w9ngW/ZLnlktBK+5PrIFNLpFZ7LTJMLVwulituAfEqu
20bab0
+z6oWKoipqMzw8KyFHo3zNaXPxC6pJQM3M0LdfATVAoGANlsxozI12NnDxI/Mpo8A
20bab0
+jWU2usnWvZmzgnwdXvUsTmsX4CMFe5AdOwtmLo7FRHf/Zk7mPtwv/L+25qVNm1Tk
20bab0
+xwrWe3HDhIB007EQUTbEBLgLC6MFNBrGnTA4aeAqTzzddlElDEl+GugjFTDqu92X
20bab0
+PRJOiNmYxBriKl5Gtren1a0=
20bab0
+-----END PRIVATE KEY-----
20bab0
diff --git a/t/data/key.pem.e b/t/data/key.pem.e
20bab0
index 04d8745..d64ec53 100644
20bab0
--- a/t/data/key.pem.e
20bab0
+++ b/t/data/key.pem.e
20bab0
@@ -1,17 +1,30 @@
20bab0
------BEGIN ENCRYPTED PRIVATE KEY-----
20bab0
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIFe4I0QEObHsCAggA
20bab0
-MBQGCCqGSIb3DQMHBAgHBvJrPU9U8wSCAoCkU4ujuUqqzCPpTCWMjdvohENVjF5p
20bab0
-bEt31lo+IP/eVCdJLd3sbQhmv0JjTAE2CGnYlapF28WS2ZCCZfSEkNyY4yI/1Cqa
20bab0
-VdHEJ+7QzVkDQJkYmgvXOFJbEXW7uY5TFsI4MFm1bXwAiU7ZXq1kQt3amMGKdUEG
20bab0
-uGNf1D3OH2RTRfdPZSZYI0WQjLbj4q2v1winMU4Kf0Y0LNNYEsiReFzyKAxwCZ0q
20bab0
-01aoNxga7cSWTnwzwXvzgev2rjx2t/0cxK/IrUyVAk97po7jYZ09ug8MRS7mXi0x
20bab0
-t9zsTK9GRKSazlUdJlHOn0QmC5deDBUmOdYWFSSsKGTTOZeBr29UtcdNzMPNVpOs
20bab0
-pHVUVZRBfLWUDeXSksTVhOAcf06NzkhTJ9mcKUqao++pTQgeKJke4/9QL+mqMDNL
20bab0
-4KKn0VQbAbaWupTYVLLG8V4WdSQOoCZQbD86Ss8mFX2oRoB9PBe4hbTrHkCdMuHm
20bab0
-XjfPAU8Z5ys+IQAcRbVAbOGPoFjGMEwFxl8bn1JTSWhbBDATdbyvstpmlTIsGuBH
20bab0
-7tRU68UFK8pIPCX9MNQkpdAq6Yzl3H05mKyoJqYrYnX9xlqOVhgkHv35RWkxfnyz
20bab0
-efnOMzAHn22h2hqCuxqLydyMSKlE0x9jDAgEChTKzwZCg0D461G3aj3b9MG7QvKz
20bab0
-+sOI5+28g+wpVuv+6DNFgizOlndyY6Y8+lU4k87UeL1Mc/lcZMB60hj4ZkEYoGyK
20bab0
-s0UHtqaq82XlZf3OL3aouQojGBw9DGo/1KWISuM1I3ZCxlqh1uEG3rMnaSTjI6Ao
20bab0
-yClYz274wOXPOhvfcoczs9++IXzltKzuFZeLJ0K+gsKTlk+eGhN0lzav
20bab0
------END ENCRYPTED PRIVATE KEY-----
20bab0
+-----BEGIN RSA PRIVATE KEY-----
20bab0
+Proc-Type: 4,ENCRYPTED
20bab0
+DEK-Info: DES-CBC,DE6A2C7184BF2F32
20bab0
+
20bab0
+8lCM0W2c5qeihKEHkyx67fid9BP2Mds+Bw3IZrPscojIk8vyIyPtCypmi7c6ABGc
20bab0
+ovoCMjZiYcLaXksfw53Gkf1hGvWvZsVFU2HF5+aelYEsdZWjad8zzu3fGpCQFzs9
20bab0
+w4p1S1AX7/BYIWsyNG2O2FeraOkw/rsojKegUXpa2RQl8H/YaTqEWBeP5ZPLn1b+
20bab0
+eH9VcY2UMxMDq3Q7IUilrWTNDrjEVtxODSfIrxt0gyhkeupLmvVc2HXa5S6ZAECU
20bab0
+kW3pvppsJwlSlpiBqfhdEa3RenGywpHnPssckcPgSNGIMysDgf97KEEHbxcVLc1Y
20bab0
+u7IPdK2VWTWUpq+vJVJQWeMwtoI2g+2Kohmnkz9ZIAZPoXEIf5V7WP5NdgD0x9uF
20bab0
+B8anLXY7NAgC0Ea6G75mH2eDErzOEAdnt8A6lXr8i35ObX4HphRk71PZ9yLh5dkG
20bab0
+ACp6ISxIRmy4amR4ga4V2H0RNYszthMT1d4QNK1eWK9lCzk078c4ZXRMz9wqGFcG
20bab0
+nDY3qS77nZZATZiY6pLRcOXB4jX+NmBH2k3zUrN3OqQcEfxnPU2rqmKPQL0xRROZ
20bab0
+f7/xNul6OIj491OlXCMLY4fOmS2ynMb84UUBqBwYCPb+NFJUjRDWigPenKuoweS3
20bab0
+3KaVkTff+Jh/OfIr8JV4nYUN/bz7sfKV7wFd+RBwoxuUaOolJ0l4KTX9NR3HJlUc
20bab0
+71PoQe0LaWit77i/DsfNGs2oDPjOM7KYawlS2o8qYaHjpU2wyWq3Z+dkpPmJs+nw
20bab0
+eDQgZkLCniu5q0MCCex1AODEF1fq8mLaJiGu03iR12jf1wdlHlsBS9DuzUc8/JxC
20bab0
+llgaykLoVM0DihtNwlxsvKCo2ySWbzPC7g0YgtcF7AxskJ5K1khsZWCyDjOaD56m
20bab0
+6JejpU3KqoXWDRLIR+TR6Y4coyEr/LI/uCEuiM9jzmLZtT0/IFg2CXz03eLg3MjO
20bab0
+7Z1XGKjuZC+2GbY4TNo3BtQNl5dhC8drddWcD1VvkBjTiJ3JRFTrzZwKpaGNUKUU
20bab0
+86lkqcbVSwJ5CbxnddtTZ1wmUUKybY41O59HNNGtYjnSgqvshXop8+sAgBPYghwc
20bab0
+YPT/mgpFbXhpbII7rGbepEAckRzBEbGBgAK68ck3EbxpPnwX0zELFCpBZV0mEoUK
20bab0
+AWhM6+08r9eb2X1ly0ubs81GJ2FyvTXHOrvoS/FcMjnz6uh6AQtl1qJGOneB43u3
20bab0
+QHQMe9vP5syX5uFkOSVdwz1kk5HJ8ynemrEPNtHY3QnrzjeXuuOEmKmn9u7OXear
20bab0
+aI4F9kifAl4qrrYGnvMtNQ3ENJwg3bH1gR+oyRG7WE+HYV3JA2bYgunXzUcnE27I
20bab0
+GeoAcf9QFMqhG8Q7G14sApXHJn9hdMOS7q8XhnTn+rzzWszu0KqHRfpS7OYd6aDQ
20bab0
+uzjVca9VS/ReLhKv3TvZXUhBY8V5+a1zdWvciyhvJNPci0KZIj9eaPgOQVcHboEd
20bab0
+23JmLSJzqE2/+ym0O/6p3Llst1EiVJTnDUsf27KWyJvzA7EVdORoXM+Zt2gxMdYx
20bab0
+lzYtPsSfhVURYUnRsWWO3q4T76JKz67PRkq/Na2FzEW4HnYTGb7uqQ==
20bab0
+-----END RSA PRIVATE KEY-----
20bab0
diff --git a/t/data/test_CA1.conf b/t/data/test_CA1.conf
20bab0
new file mode 100644
20bab0
index 0000000..f2be31c
20bab0
--- /dev/null
20bab0
+++ b/t/data/test_CA1.conf
20bab0
@@ -0,0 +1,37 @@
20bab0
+# Generating CA certificate.
20bab0
+# openssl req -x509 -days 36160 -key test_CA1.key.pem -out test_CA1.crt.pem -config test_CA1.conf
20bab0
+# 
20bab0
+# Generating CRL in PEM format.
20bab0
+# First you need to reset serial number in test_CA1.crlnumber to match tests before:
20bab0
+# echo 02 >test_CA1.crlnumber
20bab0
+# Then generate CRL in DER format:
20bab0
+# openssl ca -config test_CA1.conf -gencrl -out test_CA1.crl.pem
20bab0
+# Finally convert it to DER format into test_CA1.crl.der:
20bab0
+# openssl crl -inform pem -outform der <test_CA1.crl.pem >test_CA1.crl.der
20bab0
+#
20bab0
+[ req ]
20bab0
+distinguished_name     = req_distinguished_name
20bab0
+prompt                 = no
20bab0
+x509_extensions        = req_ext
20bab0
+
20bab0
+[ req_distinguished_name ]
20bab0
+C                      = US
20bab0
+O                      = Demo1
20bab0
+CN                     = CA1
20bab0
+
20bab0
+[ req_ext ]
20bab0
+basicConstraints=critical,CA:TRUE
20bab0
+keyUsage=keyCertSign,cRLSign
20bab0
+subjectKeyIdentifier=hash
20bab0
+authorityKeyIdentifier=keyid,issuer
20bab0
+
20bab0
+[ ca ]
20bab0
+default_ca = test_CA1
20bab0
+
20bab0
+[ test_CA1 ]
20bab0
+database = test_CA1_index.txt
20bab0
+crlnumber = test_CA1.crlnumber
20bab0
+certificate = test_CA1.crt.pem
20bab0
+private_key = test_CA1.key.pem
20bab0
+default_md = sha256
20bab0
+default_crl_days = 30
20bab0
diff --git a/t/data/test_CA1.crl.der b/t/data/test_CA1.crl.der
20bab0
index 5f2cf7cda71eb473f8732060d87718b8be25bf1b..c3948335cddf709f0d88598194ea850b95b64e62 100644
20bab0
GIT binary patch
20bab0
literal 438
20bab0
zcmXqLV%%iVIGc%)(SVnYQ>)FR?K>|cBR4C9fwm#H0Vf-CC<~h~Q)sXup8*eu!^Oku
20bab0
zlA4=uXvky01>!UFFgrUMit`#;7+4sZ7#bNH7+OYwxt4~;P_BWFfd~_`kVzy^+{nP#
20bab0
zz|z3bz{1!f3L*+p4G}dkwJ^1eS^%^OY__Zj3o{cV6Pml2n;01xvTf1={1^(`!uN&U
20bab0
zy1D$z!<Cg6SKXJYe_)m%u2i&hx$w*Mtm7u^0`)bmk)HzAeR^7&sls7f;Sty{)$O>d
20bab0
zK(NAL+o-QKJDKL{$5%W%Qu_a~6<1Vi_y3ulM^4A+rC2{Xxz3Sk=7bfy^F)@hzK|@D
20bab0
zIBXx|tdyzu%S1
20bab0
zAFWz8#q@n#{F{oGe49k3&zt*D&*
20bab0
za=9_x`Et5_YZzl&o=;QT
20bab0
CGn?E1
20bab0
20bab0
literal 389
20bab0
zcmXqLVr(>Me9gqjXu!+HsnzDu_MMlJk(HIfK--YpfRl|ml!Z;0DKyxS&wvNS;Sy$b
20bab0
zNzKhSG~_Yh0`ZxJnVlUC#d!^l42%sd4Gaw|3=E>cToWJ@!ZoNduwh~rGKoZ1W^55<
20bab0
zpawQWR+NRAi;>wt0%)GB1dE^qzmWloaS+`QQ$dy(m|B=xqUvVErW>dZ=$HjSmqY9k
20bab0
zVPR%sWJ2>Nb7LdJ&gZOGTXHu?F8yjC8E|4>4tL(IwIUA6Q%e5DS9)(%=5@V%dy&E=
20bab0
zSKXJ3wr|=fQak06ZIn{w&XC=a;nwl02@A_^UFh+h^6s&p_s$s0;$jc4!gm(uR;hk)
20bab0
u(v$Eiu=u;vQ^{mgDnm=ScfrSX`&!d>w`Z+0OaHazVsy4$i0A>|I~f3)J7|*t
20bab0
20bab0
diff --git a/t/data/test_CA1.crlnumber b/t/data/test_CA1.crlnumber
20bab0
new file mode 100644
20bab0
index 0000000..9e22bcb
20bab0
--- /dev/null
20bab0
+++ b/t/data/test_CA1.crlnumber
20bab0
@@ -0,0 +1 @@
20bab0
+02
20bab0
diff --git a/t/data/test_CA1.crt.der b/t/data/test_CA1.crt.der
20bab0
index 8031955a343260c858d3ad207938f08543809bc4..01e7c745fd99c3233f5c8f0eb92484471f1e6a85 100644
20bab0
GIT binary patch
20bab0
literal 831
20bab0
zcmXqLVzxGDVp3kf%*4pV#L4h!Rc|(n^zzjPylk9WZ60mkc^MhGSs4tp4Y>_C*_cCF
20bab0
z*o2uvgAMr%ct9L39#)ss+
20bab0
z&>ScL<bVZ8Gp>nI3E4S}tPIRejQk7+O^jSjO^l2TFU4Y)bsjn9&-i?Hs&q=A15=@=
20bab0
z>!IHz*TPipFv*?#_mQLg?FFOSz&z8$bK7_>$0fIRaD}fpv*~_bxOZ0cy%0&egJN#}
20bab0
zKNCM@Ox<%qIaoMK@qxr|xm7W5Y%lt)y1rb@J$vriJwGNiRH$tDSiYiu;hOK!PafU1
20bab0
zlq<aHe>9kFVb+~F8uRvY&x*OmFzF`O(*s9plJf8Fz9y%jc=nWP#JjsJOs}NF)SK?z
20bab0
zNUGiO(PP?rFZT)3+dC%tPFbMQ?N#0)%3;^m?lbM@orSCR9z4++IHj({jYGv~-icmc
20bab0
zfpvf8KCW2g_>)&a=TTf~!bI1kP`MjlUw_`co?pCvPg?%ub5j;dJ8fiQW@KPooL~@V
20bab0
zzz>WBSz$)T|17Kq%s|S38zjKb!UBw4HUn7@hmS>!MPzaDm*x*!=2i(vU5$O%@%4J~
20bab0
ziZFizd62X+i-dt#19k
20bab0
zC}eum<CIDJCRr>g$ts?a!4s2uWUb7RTOM13ub+P~&%i3Ge_C(*xwEf-i|w9$T}<k>
20bab0
zo?TQ_
20bab0
zxb~fjo%PaY@r^%ca(8`aD_yLgSGFPNM<#0)mrKTHfe#%A6q|0T3C&%)R5PW=YNA*f
20bab0
zXWKQ+{r64yD)oN-VDV6>EX`T*;OXQ)mF+%LbM!lRzT`|ip?rv|%0uzc{hXLA`3a>v
20bab0
l%Vo_{f4yg3QW-yG+pTNNPH}S6KC2$lyK_)5e5FtFCIFX)M(Y3o
20bab0
20bab0
literal 550
20bab0
zcmXqLVp1|_V(ebP%*4pV#4KbIX28qFsnzDu_MMlJk(HIfK--YpfRl|ml!Z;0DKyxS
20bab0
z&wvNS;Sy$bNzKhSG~_Yh0`ZxJnVlUC4HU$A4UG&8fe;L$B>0UCfxyTZh)gX_Eu%;?
20bab0
zu5muHYZzG>m>YW;3>rI`8XFl-$1E`8ZhxQoW%}E^(-)5zuP)O~a+#rP@aTeGoWJ{(
20bab0
zXgP
20bab0
z6AYd>+1ym_Q+4dv5G%?1N@UH{9~UgOTc3yPDo=c}pQWZ+
20bab0
zW@KPo9Apq+zz+-nSz$)T|17Kq%s|RO79_yOBE}+eLgv;au9Y4fR%K
20bab0
zFyIDB^Ruu3gPhGkkc~5;&4aP+hZ7?sNQi+Q*~`EPU
20bab0
zU&)qLWwX%VOp&>{f_e+(4r{n*-`?}`mBQ3BKfT4BAKFhfzu$ALtxWyw`TX372cgWX
20bab0
zDrFZW@R#+3|K8E
20bab0
TT4H7auk;zVYy%?~W2K7#io&(K
20bab0
20bab0
diff --git a/t/data/test_CA1.crt.pem b/t/data/test_CA1.crt.pem
20bab0
index 20196a8..bf94476 100644
20bab0
--- a/t/data/test_CA1.crt.pem
20bab0
+++ b/t/data/test_CA1.crt.pem
20bab0
@@ -1,14 +1,20 @@
20bab0
 -----BEGIN CERTIFICATE-----
20bab0
-MIICIjCCAYugAwIBAgIDEjRWMA0GCSqGSIb3DQEBBQUAMCsxCzAJBgNVBAYTAlVT
20bab0
-MQ4wDAYDVQQKEwVEZW1vMTEMMAoGA1UEAxMDQ0ExMCAXDTEyMDEwMTAwMDAwMFoY
20bab0
-DzIxMTExMjMxMjM1OTU5WjArMQswCQYDVQQGEwJVUzEOMAwGA1UEChMFRGVtbzEx
20bab0
-DDAKBgNVBAMTA0NBMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy1ygNguH
20bab0
-72n0l+1uy9HEM6t2LWJEmC0w4tAuXk9H1FseQMV28eBQXdyg3wK+yli6l6c9k9Aj
20bab0
-HAZ/6TXTVmOxtTgkXbvHlwcE3pTiHJSvZWGQMORCPNkjjiVBiLBdGQ3qFKyV+NA5
20bab0
-K4XnVy0jkeS/BHx7KO7m+DOLVow8FO1CstUCAwEAAaNSMFAwDwYDVR0TAQH/BAUw
20bab0
-AwEB/zAdBgNVHQ4EFgQUyBzakgqpSAg6dnYVOATxNNkV0CAwCwYDVR0PBAQDAgEG
20bab0
-MBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOBgQBG1QBfo1kZRN50
20bab0
-/a3ZoQufIj0FJLMS/WkUnW0RLqEewyhEK9u86eoglcz5SxdD4T+VN9+MxoZ2J83P
20bab0
-b21Y4FUDqnkdoGAPdoxX+7iLQcxVoMK72n72QSSzvfnjsr9+pazLp1P6ZK9epbZf
20bab0
-s2WM0ty3a+sYmXANG8wGazAyRDMi0Q==
20bab0
+MIIDOzCCAiOgAwIBAgIJAPKqjWsEG6erMA0GCSqGSIb3DQEBCwUAMCsxCzAJBgNV
20bab0
+BAYTAlVTMQ4wDAYDVQQKDAVEZW1vMTEMMAoGA1UEAwwDQ0ExMCAXDTE4MDgxNDA5
20bab0
+MjUwOVoYDzIxMTcwODE1MDkyNTA5WjArMQswCQYDVQQGEwJVUzEOMAwGA1UECgwF
20bab0
+RGVtbzExDDAKBgNVBAMMA0NBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
20bab0
+ggEBAOkWXaaJxMZPAeebZRtkUUACcUlFwvt01lYk3AIeyf7xCHft0DJ9UW41Yc62
20bab0
+DNNeY4WICleozLLfbldLalveVBk+wRZGT/lh8WiVvNAjUxNaIeAY+x6qXOw90U6q
20bab0
+16cWR2udzbz4kIB4JLDxd6h/oaz3W+Ti3TkecdlPxVMGoWrcnCievQuaXNYAktkK
20bab0
+5cDEfGJv3bvWHiAhzcolWO7dBALqG1Yngt7YYn248UiWr0pHkBu3iJJNlKAoi0p3
20bab0
+hBUIPoaHTJb53KGqvcHIhVGUfnRGCCQynsiNTRCu/J3jeKJB+Q0QLOJedWCRRWJV
20bab0
+Htj16/O7rw8Xf7xmb5POlKEbQrECAwEAAaNgMF4wDwYDVR0TAQH/BAUwAwEB/zAL
20bab0
+BgNVHQ8EBAMCAQYwHQYDVR0OBBYEFKNz9IPwtJ16EBrVXeGI9ddzqFZPMB8GA1Ud
20bab0
+IwQYMBaAFKNz9IPwtJ16EBrVXeGI9ddzqFZPMA0GCSqGSIb3DQEBCwUAA4IBAQDg
20bab0
+AwYC+oQhav6jtTIkWmac8ykSc53JhvKclfSPElSXguNkkr6SOKR0anOYaAxcZcSt
20bab0
+HMTaSLVT18/gnjA6Wo+WjYfOzev7Frub1xYa2y4+WlpZkh3gBqdXkvNK9UV+/5Ay
20bab0
+v6DZ9QUfWNVw6M24IZrmEfIuoMcmKeVP3raXx8QKvspdmuk8o9j8zG269wZ1oy9u
20bab0
+drBs+GkFagpEaPMQ8IjAIYLaJhKdpaUpZIw6kRZ2CYbWKb/fNA55Lvr4BEggeXVs
20bab0
+qODlk/x5h0yVbC+JuekJYcgjwgp6SCHC32xcah+Qdbl3HTZl+u8DpHlflLba1gNC
20bab0
+Xh6W8yXELtzBEVepTGOy
20bab0
 -----END CERTIFICATE-----
20bab0
diff --git a/t/data/test_CA1.key.der b/t/data/test_CA1.key.der
20bab0
index f47e283ca3590063a86aa5297bf1ef0c1981b945..59d9ea111028173c4c6e1e720d8c21d216b0fb55 100644
20bab0
GIT binary patch
20bab0
literal 1190
20bab0
zcmV;X1X=qqf&`)h0RRGm0RaH%7G0)^#Kunn=bL34WKlo@aY;qO`*hY;B-{cX$^P*O
20bab0
zckR$JeNk>TVa~P;(_UkRhzeJz%(CBZS4(PJ-c%Vr!4^hO`C;*BmAud+QxjSt;28TJ
20bab0
zs$A?n(N3z@rxr(Roz1-Xkbrn3u<>`Of1#}RTjb*1IUaG@PsLLPp=#WmD4x9wnq1ZZ
20bab0
zlGzI7z{GrFZ{54r9v~sj$|YFt-2?*a8&)TR-q>P&xbaAquS!Rd8@Gs(O_ZQ0i%NHd
20bab0
z6$n0thfJ3F+@Y$y!N`SClzwzZ2qZF|$c;@9uKb
20bab0
zyRQ!yf4pXIlg^Z(8$z)H0|5X50)hbmZusd5dm1KKLrvqH6_|rwcuPB3ZDo$o
20bab0
zrvw1b{QE3SEnT3&S;YZIhkvrRt3rdi3~{*6%a-6C`7$=s_8zm|G66?&N*d5qKpit*
20bab0
zd^J~ZXTUI#fi(ZYGXE$FMBq}bpQ0S77QgS7%CJdiGBunTuDzWT6D4_y_v0=eh0|-F
20bab0
z4LTW^i0x}hP6sZXZM0qYyS4Chmt@{SrVE0;CrezwV7nv-o7#*FVrySyvn;
20bab0
zKdIWZ!;vary&01xX$CvipiQ{j_d&otAm~-blKpK?3^#Rd%wr)Q`6(Jtor7p<`D~tu
20bab0
zn={#4m5Sr>r8o_`bK_}^-kRm%0)c@5_lO}qDXFA+69pqis@XK5Zt9P6>eWhsat4Mw
20bab0
z>-Jh8^bgLA1c+!a4(9g96RrOhEyK@nA0jc$=LmS|_FvW_dn?7JcZ*ml8dXDWJK^47
20bab0
zF!D1T&av8Xuu)7_*zK~S!`*S}7=DN6gKQQ0<)rt2qobj~XlLA)Zw}ZZbfwB20)c@5
20bab0
z@ejL}jhdZAB~SViby=b*wtDO2`6nq>X9$yQ{J|wmjuegURG7J_r4d>PTh^I4)C?Q*
20bab0
z9)Veux$pD=*W~t~fc3D2LC(V9)3%*NbWD_@PSuC5aq5mV{dADtK;!->+`VD6eMs3r
20bab0
z>tv8Zly{`|`pbq6?6z3BPwceJbg!1B0)c>OnzB=!%DPz1Jd5Z;OPHXh>3ez8rdzt8
20bab0
z>ldlW>A6}3#u%Wp?p{Q7UnDu2v&i@eCRzc*#+vB$fG^eIKGEc~7vQ5jtv*+Z+=YL<
20bab0
z
20bab0
zfq*;V#Gk31cH^$WCq>?n-H)#v>Fj@46BN6Xjmym)&Au+JJalkJU>97e>dTnKzFRku
20bab0
zs(->
20bab0
z2oLaSlFWBSAzhgNW!2wDjMBT``6;mS&0zw8fCO%29Nhc7wI$JrU0>U-3ulc3C-6jZ
20bab0
z@Xa5J4~-GMFDGKVjdT%l6+scKi(o>4^t-B*j_mPRlXLiWs^#?&amp{}6`gNSrD!Fs
20bab0
z6Q1~>kmz>A=cmsy`o;aNZ|s@8XEs$`9qUEZ`V1-=dlq~O$gm&Y!T7wdiWgQ#Jr
20bab0
EJ2kXXod5s;
20bab0
20bab0
literal 610
20bab0
zcmV-o0-gOZf&yLw0RRGlfdI=~pf(GK?`iax?QYA_#51dQEn-BNEimHHE?!SZ)LR}v
20bab0
z#dh)FP+i=h-vYkMSh|;|J(JKQ90q^sHPcpOv9&lPUAxDZ2L#@f;vAH(Wnqvo
20bab0
zBaS6Oh_GE54eAuEmH5y(D~0D*EhCZSzXW`HDDLL?GmBP?JQVFhveg0u0RRC4fq*)^
20bab0
zp(UFI12~pN|8*VrlXTq_KplScc`*Wk;IgW*b9-^@fm}|OT!0V8gF`mD84#n^(J4(=
20bab0
zrn8mgRREfnCh$#Inpqu
20bab0
zW_7`Vb_B#w%86AetP(}7f#rgDg$)8h0Qp?AsUgVO$H98kPEyeRi{hsD#@mP966F~Q
20bab0
zh9>xazG-J6cx0ZM|Fn$ONT|>~UES-}LGo_SzNV{ytC(g?*8)KR(8hC!krOVdrh*Ks
20bab0
zd`0U%Xz1ZNDdpp(Q-ZHDAc~L2!3|vwNCvtUWL8u7>(Z4GjRs)xCH|#FF!a58{W&}{
20bab0
z0zm+n1A9Wx<*{9*1xyFCRMgl~1D9zM%W(zs!=IYCha^1D
20bab0
zKnD$s%^(~3Uh~1H)-_=QK>*1?1kQO&Oo%Q5-^0(KcMVE}bJ%YaHAjLWP*J)Z*iCOl
20bab0
zI+!uWic4hG^Gw;tz5A6uxa7VAqrLZAb?m`@6A=PI0MW|-r=v@lMzw7_Wv4G)sakMm
20bab0
w4XEt$gdSh2A*|=jsV7%bB;&F&mlQ=Y8`dPBSMURc#tTr?jsQ)2o|)<zV1+>_GXMYp
20bab0
20bab0
diff --git a/t/data/test_CA1.key.pem b/t/data/test_CA1.key.pem
20bab0
index 78f0c3b..f3bd4a0 100644
20bab0
--- a/t/data/test_CA1.key.pem
20bab0
+++ b/t/data/test_CA1.key.pem
20bab0
@@ -1,15 +1,27 @@
20bab0
 -----BEGIN RSA PRIVATE KEY-----
20bab0
-MIICXgIBAAKBgQDLXKA2C4fvafSX7W7L0cQzq3YtYkSYLTDi0C5eT0fUWx5AxXbx
20bab0
-4FBd3KDfAr7KWLqXpz2T0CMcBn/pNdNWY7G1OCRdu8eXBwTelOIclK9lYZAw5EI8
20bab0
-2SOOJUGIsF0ZDeoUrJX40DkrhedXLSOR5L8EfHso7ub4M4tWjDwU7UKy1QIDAQAB
20bab0
-AoGAOryhJZsFAziWRf91HfeTdN0UQB1+9HkxAoHgsqqxc3tx7IFcTpZcgA/Gg0M2
20bab0
-uhkQo9bRKU1XprOV5FUAmpYm8E1YmlkdjbkT/JAA2/s4hJH3Z5Bp6rngQzqb1cqw
20bab0
-6Wcfg7n5w6TVAX4Jk2Z1wYF2BMRQyolVKawSRa2B5YJ4hQ0CQQD5XLOpIcjZx8F6
20bab0
-1E5S0P6L4qb3xtuH3hLlGQmGJvh+vmlnIXhknpr/tIzWSKjQPV3d69ZB8m7Ovqar
20bab0
-gKuYZkzXAkEA0MZziJETLqmmggyrfEXrPmjo4Tkp5eOlU4KvMiCKj8fBDV0OSAa6
20bab0
-FWRWU/jr0pURjQZg8SX+pUUw9L16/Tk8MwJBAJgDe0LP5bFdpQVMB7NU1NhSA5dp
20bab0
-EstxBfPDn5q4hyQ8z+Se8tXkGnlnh7PZ94962Y5ABw2MzSAb+V7zwafWNWECQQDJ
20bab0
-QQTOeUtMiC4C38PPoHcNSoRz2G8TNUeCIVBRuhzYTW9EOpgxxopLZNXzTNnHvfuV
20bab0
-PrjkvgOjvfdbdezBfhMRAkEA0cr/p6NLmEa1bTtlpy9dqVpwZg2o7PKEHl+qIazn
20bab0
-zKknV1Ik47IylxRFMRvWJJ9X8AOFxgtQ1I4ATXuemeoaYA==
20bab0
+MIIEogIBAAKCAQEA6RZdponExk8B55tlG2RRQAJxSUXC+3TWViTcAh7J/vEId+3Q
20bab0
+Mn1RbjVhzrYM015jhYgKV6jMst9uV0tqW95UGT7BFkZP+WHxaJW80CNTE1oh4Bj7
20bab0
+Hqpc7D3RTqrXpxZHa53NvPiQgHgksPF3qH+hrPdb5OLdOR5x2U/FUwahatycKJ69
20bab0
+C5pc1gCS2QrlwMR8Ym/du9YeICHNyiVY7t0EAuobVieC3thifbjxSJavSkeQG7eI
20bab0
+kk2UoCiLSneEFQg+hodMlvncoaq9wciFUZR+dEYIJDKeyI1NEK78neN4okH5DRAs
20bab0
+4l51YJFFYlUe2PXr87uvDxd/vGZvk86UoRtCsQIDAQABAoIBAG746Ql7GiZYQ03j
20bab0
+nBWYg154SztZbWWO0OUek2inBADO/PssTC1doMFZxQFHh3+ytqtCg7oMcbjPy5bg
20bab0
+HvkyNtP2HrPeMgFHckoa0FRAHTNffDVXb2fAMJGBNP/BMv8oCkTgUq2fohyoFr/v
20bab0
+lsqwSWcyNZwZrr2dExMleYr34y4ehdNrnw06GZiI7WtJTgcunW20Xfe7tfBzl2Te
20bab0
+QaYLgr4nS1zAYLskB5vajAxia19ksyy/Ox69/bw/qdq0w5EqYL0ZkyZpBjvWoE24
20bab0
+2/dBwD0g6FXGkv1tTgw3dW7MYyEe+SkaT52DaGr5bJ6ImzPZW5WK4/GlOA26c+Np
20bab0
+jd6a5eECgYEA94ghPSmppHkTBSNGqtk0oW7qj3Lq1UqAcgaGO+v2WiD0D86MBIho
20bab0
+Lw7m9scTrf8VLcPPcB8iMc3nCHjp9l/WInsrxaZ3i1gpGlVDbTvh3mAw8jMczrHa
20bab0
+cLBRTFbY7bKiw91x6hh+h+eDbBX65aT3f6OjocBoZ9yXbw7YInSlyh0CgYEA8Q+7
20bab0
+lo2anUQlT/oSdVmiKbZ66+T5JylWZwiTbPzBJUyOFI3tVJi5qKURWghb1pk41Awb
20bab0
+8x6BWZS57/QB1+T2oID1sIVBzsLg07adRHRMlKJO1YeuceqONP10kN5A4/4o3L1h
20bab0
+tH1I2UDrZJBClHek9vrLhg7stli5T+y0zHSvlqUCgYBpmrJTncq6WM08i+hCS5ig
20bab0
+pul7edOmW7qg6xepyOm5WgXGGKCz7l5EdV8kOZqzyPgIJloBw8aa6PWAL9XhPtHk
20bab0
+tBfgozytPleK3IV/vOSIMxGuww+vP0Gqgg6tOwAhqOy4E2neLcUNxj/ThS0dfFv7
20bab0
+IJ1XDPd+GCajQvoC+TEiIQKBgDvhxJ+pnXbjrsEnRd6Q3Y+vHOnsf1gTFLuTjcvN
20bab0
+Hc2+Lq08dHBHYBdcqerLmMS+WzeRqn/CXC98mpPY8XxIDFvirSWkdKyADImLG5Yd
20bab0
+rcheaWbxxYvW0GypaYNzMntwb4YmJVdIqAgP8GmSzHdFIV2Y/2XV30eM0rvf+Smw
20bab0
+8s1hAoGABG5kHNz7vLUl0YhdX9uuC2eNAyfwRHHwzR+KD40RvS8nYruNdBFxFUER
20bab0
+rItgQoD0u6qUjuzxWJNz+HWq5fURccov5xWdb0+laCWtE574oJDodsTnp88y+sX9
20bab0
+rW/smbxnNlVdHetF1PoMKhl7FnwKyLAf3sH4vK+KF1ZHPRalyTs=
20bab0
 -----END RSA PRIVATE KEY-----
20bab0
diff --git a/t/data/test_CA1_index.txt b/t/data/test_CA1_index.txt
20bab0
new file mode 100644
20bab0
index 0000000..2a43cd5
20bab0
--- /dev/null
20bab0
+++ b/t/data/test_CA1_index.txt
20bab0
@@ -0,0 +1,2 @@
20bab0
+R	120309010800Z	120309010838Z	123459	unknown	/C=US/O=Demo1/CN=foo
20bab0
+R	120309005800Z	120309005859Z	12345A	unknown	/C=US/O=Demo1/CN=bar
20bab0
diff --git a/t/data/test_CA1_index.txt.attr b/t/data/test_CA1_index.txt.attr
20bab0
new file mode 100644
20bab0
index 0000000..e69de29
20bab0
diff --git a/t/data/testcert_wildcard.crt.pem b/t/data/testcert_wildcard.crt.pem
20bab0
index 7270c0c..4ca418d 100644
20bab0
--- a/t/data/testcert_wildcard.crt.pem
20bab0
+++ b/t/data/testcert_wildcard.crt.pem
20bab0
@@ -2,15 +2,15 @@ Certificate:
20bab0
     Data:
20bab0
         Version: 3 (0x2)
20bab0
         Serial Number: 137826015233 (0x2017121801)
20bab0
-        Signature Algorithm: sha256WithRSAEncryption
20bab0
+    Signature Algorithm: sha256WithRSAEncryption
20bab0
         Issuer: C = US, O = Demo1, CN = CA1
20bab0
         Validity
20bab0
-            Not Before: Dec 18 17:15:18 2017 GMT
20bab0
-            Not After : Dec 19 17:15:18 2032 GMT
20bab0
+            Not Before: Aug 14 10:19:01 2018 GMT
20bab0
+            Not After : Aug 15 10:19:01 2033 GMT
20bab0
         Subject: C = US, ST = State, L = City, O = Company, OU = Unit, CN = *.example.com, emailAddress = wildcard@example.com
20bab0
         Subject Public Key Info:
20bab0
             Public Key Algorithm: rsaEncryption
20bab0
-                RSA Public-Key: (2048 bit)
20bab0
+                Public-Key: (2048 bit)
20bab0
                 Modulus:
20bab0
                     00:bd:5e:c6:d8:01:f5:cf:85:fe:eb:9b:60:dd:e8:
20bab0
                     8a:98:09:59:5a:71:fc:a2:ad:38:73:0a:cd:d9:5e:
20bab0
@@ -45,21 +45,28 @@ Certificate:
20bab0
             X509v3 Subject Key Identifier: 
20bab0
                 4B:42:86:BA:E2:BE:3D:40:0D:11:1D:66:E7:BE:94:39:B2:84:D3:06
20bab0
             X509v3 Authority Key Identifier: 
20bab0
-                keyid:C8:1C:DA:92:0A:A9:48:08:3A:76:76:15:38:04:F1:34:D9:15:D0:20
20bab0
+                keyid:A3:73:F4:83:F0:B4:9D:7A:10:1A:D5:5D:E1:88:F5:D7:73:A8:56:4F
20bab0
 
20bab0
     Signature Algorithm: sha256WithRSAEncryption
20bab0
-         20:cb:ec:9d:8b:e8:2d:61:74:5e:30:b0:95:88:4e:80:09:df:
20bab0
-         c9:7f:b0:c9:d2:19:4e:2c:5a:eb:02:0f:ce:e8:8a:52:fa:22:
20bab0
-         59:b1:c3:7b:39:db:f0:7d:9a:91:19:ef:d5:f7:73:5b:6b:47:
20bab0
-         3d:48:c3:c7:4a:2e:7b:7f:3d:ff:65:53:11:21:95:2c:00:fd:
20bab0
-         39:76:25:8e:05:68:c4:b9:cc:bd:ca:28:60:bf:6d:4c:00:d0:
20bab0
-         4e:b4:4c:62:6b:34:48:2c:60:b9:33:76:3f:3b:72:57:11:ec:
20bab0
-         f4:2d:5f:b3:f1:a1:c8:d4:5b:5f:23:6b:b0:ec:28:5a:0b:43:
20bab0
-         7f:e3
20bab0
+         07:43:9b:e0:21:e6:e1:40:35:09:f3:d6:62:0d:7c:d2:6d:78:
20bab0
+         75:6e:59:57:00:d9:4a:b2:cd:9f:9c:d2:38:85:bc:f4:d0:bd:
20bab0
+         b5:20:06:af:ed:ae:0a:19:2a:01:af:25:4b:e3:3a:c7:58:a9:
20bab0
+         5f:bc:86:6a:24:30:2d:0d:bb:1d:3f:dd:98:75:9a:4c:1d:d0:
20bab0
+         a1:8e:43:11:b9:3a:ba:c5:e4:ec:0c:6c:da:b5:34:2a:ab:3f:
20bab0
+         fb:87:27:d2:32:ca:f9:65:1f:f2:ed:e7:7e:c0:11:30:5e:3a:
20bab0
+         f7:97:58:52:ff:e1:be:93:cd:96:03:48:53:bf:58:65:a5:20:
20bab0
+         09:d9:9b:7c:03:f0:39:61:28:01:92:3e:27:ed:bd:0d:94:06:
20bab0
+         cd:dc:d2:34:04:99:29:fa:5e:1b:bd:70:0f:86:5e:30:df:33:
20bab0
+         fc:4c:89:b5:56:a1:f6:24:c9:1f:aa:86:ef:51:62:39:22:a9:
20bab0
+         a1:ed:d2:42:f6:c0:c9:45:7f:d7:ce:3a:18:ec:5a:8e:57:2e:
20bab0
+         48:c7:d8:90:1b:a6:2d:30:4b:ad:3a:f4:a7:90:ed:da:37:2f:
20bab0
+         b9:9c:ba:3c:08:b6:d7:53:d9:ae:34:5f:9a:02:8a:65:20:93:
20bab0
+         17:be:e5:7e:3a:11:10:8e:d2:0c:58:bf:20:32:02:f8:05:de:
20bab0
+         cd:2e:82:f1
20bab0
 -----BEGIN CERTIFICATE-----
20bab0
-MIIDhjCCAu+gAwIBAgIFIBcSGAEwDQYJKoZIhvcNAQELBQAwKzELMAkGA1UEBhMC
20bab0
-VVMxDjAMBgNVBAoTBURlbW8xMQwwCgYDVQQDEwNDQTEwHhcNMTcxMjE4MTcxNTE4
20bab0
-WhcNMzIxMjE5MTcxNTE4WjCBijELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRl
20bab0
+MIIEBzCCAu+gAwIBAgIFIBcSGAEwDQYJKoZIhvcNAQELBQAwKzELMAkGA1UEBhMC
20bab0
+VVMxDjAMBgNVBAoMBURlbW8xMQwwCgYDVQQDDANDQTEwHhcNMTgwODE0MTAxOTAx
20bab0
+WhcNMzMwODE1MTAxOTAxWjCBijELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRl
20bab0
 MQ0wCwYDVQQHDARDaXR5MRAwDgYDVQQKDAdDb21wYW55MQ0wCwYDVQQLDARVbml0
20bab0
 MRYwFAYDVQQDDA0qLmV4YW1wbGUuY29tMSMwIQYJKoZIhvcNAQkBFhR3aWxkY2Fy
20bab0
 ZEBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1e
20bab0
@@ -72,8 +79,11 @@ LU5cgpUvoGJ4WWUGAbcCAwEAAaOB0TCBzjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
20bab0
 MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAXBgNVHSAEEDAOMAUGAyoEBTAFBgMpAwQw
20bab0
 RgYDVR0RBD8wPYINKi5leGFtcGxlLmNvbYEUd2lsZGNhcmRAZXhhbXBsZS5jb22H
20bab0
 BAoUHiiHECABDbgBSAEAAAAAAAAAADEwHQYDVR0OBBYEFEtChrrivj1ADREdZue+
20bab0
-lDmyhNMGMB8GA1UdIwQYMBaAFMgc2pIKqUgIOnZ2FTgE8TTZFdAgMA0GCSqGSIb3
20bab0
-DQEBCwUAA4GBACDL7J2L6C1hdF4wsJWIToAJ38l/sMnSGU4sWusCD87oilL6Ilmx
20bab0
-w3s52/B9mpEZ79X3c1trRz1Iw8dKLnt/Pf9lUxEhlSwA/Tl2JY4FaMS5zL3KKGC/
20bab0
-bUwA0E60TGJrNEgsYLkzdj87clcR7PQtX7PxocjUW18ja7DsKFoLQ3/j
20bab0
+lDmyhNMGMB8GA1UdIwQYMBaAFKNz9IPwtJ16EBrVXeGI9ddzqFZPMA0GCSqGSIb3
20bab0
+DQEBCwUAA4IBAQAHQ5vgIebhQDUJ89ZiDXzSbXh1bllXANlKss2fnNI4hbz00L21
20bab0
+IAav7a4KGSoBryVL4zrHWKlfvIZqJDAtDbsdP92YdZpMHdChjkMRuTq6xeTsDGza
20bab0
+tTQqqz/7hyfSMsr5ZR/y7ed+wBEwXjr3l1hS/+G+k82WA0hTv1hlpSAJ2Zt8A/A5
20bab0
+YSgBkj4n7b0NlAbN3NI0BJkp+l4bvXAPhl4w3zP8TIm1VqH2JMkfqobvUWI5Iqmh
20bab0
+7dJC9sDJRX/XzjoY7FqOVy5Ix9iQG6YtMEutOvSnkO3aNy+5nLo8CLbXU9muNF+a
20bab0
+AoplIJMXvuV+OhEQjtIMWL8gMgL4Bd7NLoLx
20bab0
 -----END CERTIFICATE-----
20bab0
diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
20bab0
index 5dc946a..74e317a 100644
20bab0
--- a/t/local/07_sslecho.t
20bab0
+++ b/t/local/07_sslecho.t
20bab0
@@ -285,7 +285,7 @@ my @results;
20bab0
         push @results, [ $issuer  eq $cert_name, 'cert issuer'  ];
20bab0
         push @results, [ $subject eq $cert_name, 'cert subject' ];
20bab0
         push @results, [ substr($cn, length($cn) - 1, 1) ne "\0", 'tailing 0 character is not returned from get_text_by_NID' ];
20bab0
-        push @results, [ $fingerprint  eq '96:9F:25:FD:42:A7:FC:4D:8B:FF:14:76:7F:2E:07:AF:F6:A4:10:96', 'SHA-1 fingerprint'  ];
20bab0
+        push @results, [ $fingerprint  eq 'C7:BC:62:F8:50:40:4D:0B:1D:9A:A1:16:39:8D:91:67:91:A4:1D:9D', 'SHA-1 fingerprint'  ];
20bab0
 
20bab0
         return 1;
20bab0
     }
20bab0
diff --git a/t/local/50_digest.t b/t/local/50_digest.t
20bab0
index c181837..b2de4dc 100644
20bab0
--- a/t/local/50_digest.t
20bab0
+++ b/t/local/50_digest.t
20bab0
@@ -179,17 +179,17 @@ SKIP: {
20bab0
 
20bab0
 my $file1 = File::Spec->catfile('t', 'data', 'cert.pem'); 
20bab0
 my $results1 = {
20bab0
-        md2       => '6d89cda9599a54d03652f9464e8b6e51',
20bab0
-        md4       => 'ada352f40f1ca64f4168a8aae7c1a281',
20bab0
-        md5       => 'e060f11c6afa9e1f59a8e7c873aa3423',
20bab0
-        mdc2      => 'e9ca1fd1cfccfb450b402a0dd446db28',
20bab0
-        ripemd160 => 'cbd50056558b01b5e9ec67901b518462b5393e5b',
20bab0
-        sha       => '79de0d0cc736d98b65f5d6b3ac89e65ca8d3b2a7',
20bab0
-        sha1      => '0267dd25bbd8930c537716d972dd9ba128846428',
20bab0
-        sha224    => '5b42d5a3b16a6cee821b03c41f0428b09b70695becb0aaafbc7d6419',
20bab0
-        sha256    => '764633a51af4ef374cabb1ea859cc324680cfeff694797e90562e19ffb71ab26',
20bab0
-        sha512    => '37e3a2e84aec822922c51d4d8d37bf003e1d85f55a4bf2fae2940a5aab5b32f7601c2a9cde5b9c6391aaa4ffef1e845f11d2f0b6a37a9b2f48fb7f6469f0a51c',
20bab0
-        whirlpool => 'b2dc90dbbc60e5e2dc28de3bdeab45fb2fa6d13d86ff14908130624a242e38ecc195b3b11a7ef137b77a24e9a0ba5be061ac1baa11892369286d613569199458',
20bab0
+        md2       => '99c30267cbf14bc2841a5b7749ba1cc2',
20bab0
+        md4       => 'd7dc371997d08d4da70501ecdfe6e09e',
20bab0
+        md5       => 'e3fdc3024e8380af1d8dd3a2705ad5c9',
20bab0
+        mdc2      => '44c546567b06aba23e6a808ad2210ad6',
20bab0
+        ripemd160 => 'a8f3023b46590fff58733db0993fb0e66a7c2e33',
20bab0
+        sha       => '72bd01553288bc5e4ba558a85970d12a7c296e28',
20bab0
+        sha1      => '9af9b8d6efc1efce1957944b6041fb3e299834b0',
20bab0
+        sha224    => 'fc1ef172129181a1c104467a01300f6b12c472df93f65c545acd0b3b',
20bab0
+        sha256    => 'c49f7c37cfb711b1e660da7567608f9433d1faf6cc903793aedbf61b6c66cfcd',
20bab0
+        sha512    => 'de0fb6197c8e586bc16faf19eb53336ddc2971c2fb0c8ad24accf8bc1fd483357e98b6fc38efcd09c574ecb4ba82bf8f1451e29ba758dc8537a27f57bdc19d44',
20bab0
+        whirlpool => 'f775be3610857166dd466ce9ae481c65d3938f6794b0b17294cb533b0a721b42de3726dbc15f22156778f333ddafb6db8997765a3e30ed436f6cab561ffab5de',
20bab0
 };
20bab0
 
20bab0
 my $file2 = File::Spec->catfile('t', 'data', 'binary-test.file'); 
20bab0
-- 
20bab0
2.14.4
20bab0