#!/bin/bash
#
# This test checks various aspects of RSA signing
#
# It will blank the card, create an RSA key and test it
#
# Run this from the regression test directory.

. functions

msg <<EOF
:::
::: Testing on-card signature facilities
:::
::: This test will blank the card, create an RSA key pair on-board
::: and verify it works.
:::
EOF

m=$p15temp/message
d=$p15temp/digest
s=$p15temp/signed
p=$p15temp/public.pem

p15_init --no-so-pin
p15_set_pin -a 01
p15_gen_key rsa/1024 --id 45 -a 01

msg "Extracting public key"
run_display_output $p15tool --read-public-key 45 -o $p

# Set up message file
echo lalla > $m

msg "Signing and verifying using MD5"
run_check_status openssl dgst -md5 -binary -out $d < $m
p15_crypt -s --md5 --pkcs1 -i $d -o $s
run_check_output "Verified OK" \
	openssl dgst -verify $p -md5 -signature $s < $m
success

msg "Signing and verifying using SHA1"
run_check_status openssl dgst -sha1 -binary -out $d < $m
p15_crypt -s --sha-1 --pkcs1 -i $d -o $s
run_check_output "Verified OK" \
	openssl dgst -verify $p -sha1 -signature $s < $m
success

p15_erase --secret @01=0000
