#!/bin/bash
#
# This test checks various aspects of RSA decryption
#
# It needs a card with a private key+certificate pair at ID 45
#
# Run this from the regression test directory.

. functions

msg <<EOF
:::
::: Testing on-card decryption facilities
:::
EOF

o=$p15temp/plaintext
e=$p15temp/encrypted
d=$p15temp/decrypted
p=$p15temp/key.pem

p15_init --no-so-pin
p15_set_pin -a 01
p15_gen_key rsa/1024 --id 45 --key-usage decrypt -a 01

msg "Extracting public key"
run_check_status $p15tool --read-public-key 45 -o $p

msg "Encrypting message (pkcs1 padding)"
echo lalla > $o
run_check_status openssl rsautl -pubin -inkey $p -encrypt -in $o -out $e
p15_crypt -c --pkcs1 -i $e -o $d
cmp $o $d || fail "Decrypted file does not match plain text file"
success

p15_erase --secret @01=0000
