scripts: fix crl-gen-openssl.test false failure with pipefail

The revoked-cert verification check uses `echo "$var" | grep -q`
to look for "revoked" or "error 23" in the openssl verify output.
With `set -o pipefail`, when grep -q finds the pattern and exits
early, echo may fail writing to the closed pipe (SIGPIPE/EPIPE,
exit 141 or 1). pipefail reports the pipeline status as that
non-zero code from echo, even though grep matched successfully.
The `!` negation then treats this as success (pattern not found),
causing the test to incorrectly report failure.

Replace echo|grep pipelines with bash [[ ]] glob pattern matching,
which avoids pipes entirely and is immune to this interaction.

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>

Author: sameehj

scripts/crl-gen-openssl.test

@@ -97,10 +97,12 @@ check_crl() {
     verify_rc=${verify_rc:-0}
     # Normalize to avoid case/CR differences and accept common OpenSSL error
     # formats (some builds report only an error code).
-    verify_out_norm=$(printf '%s' "$verify_out" | tr '[:upper:]' '[:lower:]' | \
+    # Use bash pattern matching instead of echo|grep to avoid broken-pipe
+    # failures with pipefail when grep -q exits early.
+    verify_out_norm=$(printf '%s\n' "$verify_out" | tr '[:upper:]' '[:lower:]' | \
         tr -d '\r')
-    if ! echo "$verify_out_norm" | grep -q "revoked" && \
-        ! echo "$verify_out_norm" | grep -q "error 23"; then
+    if [[ "$verify_out_norm" != *revoked* ]] && \
+        [[ "$verify_out_norm" != *"error 23"* ]]; then
         echo "expected revoked verification failure for $label CRL"
         echo "$verify_out"
         return 1