#!/bin/sh

# start the virtual card
#sh -x /start.sh >/dev/null

# Set up smartcard following the recipe from:
# https://gnupg.org/documentation/manuals/gnupg/gpg_002dcard.html

gpg --list-keys
echo "disable-application openpgp" > /root/.gnupg/scdaemon.conf
gpg-card list

gpg-card auth 010203040506070801020304050607080102030405060708
gpg-card generate --algo=nistp384 PIV.9A
gpg-card generate --algo=nistp256 PIV.9E
gpg-card generate --algo=rsa2048  PIV.9C

gpg-card list

export PIV9A=`gpg-card list|grep "PIV authentication"|cut -d ":" -f 2|sed s/\ //`
export PIV9E=`gpg-card list|grep "Card authenticat"|cut -d ":" -f 2|sed s/\ //`
export PIV9C=`gpg-card list|grep "Digital signature"|cut -d ":" -f 2|sed s/\ //`

expect generate9d.exp
gpgsm --import encr.crt

export PIV9D=`gpgsm --with-keygrip -k|grep keygrip|sed s/.*\:\ //`
gpg-card writekey PIV.9D $PIV9D
expect writecert9d.exp

gpgsm --learn
expect certificate9c.exp # create a self-signed certificate for digital signatures
gpgsm --import sign.crt
expect writecert9c.exp

gpgsm --learn
expect full-gen-key.exp
expect disable-aead.exp

gpg-card list
gpg --list-key