#########################################################################
# test different creddy calls using encrypted private key generated 
# eternal openssl call. must have a premade enc_private.pem !!!
#
echo "  "
echo ">>>>  keycheck the encrypted private key (with passphrase file) ..."
creddy --keycheck --key enc_private.pem --p=pfile
echo "  "

echo ">>>>  generate a regular abac private key ..."
creddy --generate --cn abc 
echo "  "
echo ">>>>  keycheck the regular private key ..." 
creddy --keycheck --key abc_private.pem 
echo "  "
echo ">>>>  attr check the regular id credential ..."
creddy --display --show=issuer,subject --cert abc_ID.pem
echo "  "
echo ">>>>  verify check the regular id credential ..."
creddy --verify --cert abc_ID.pem
echo "  "

echo ">>>>  generate an id credential using encrypted private key ..."
creddy --generate --cn abcE --key enc_private.pem --p=pfile 
echo "  "
echo ">>>>  attr check the id credential ..."
creddy --display --show=issuer,subject --cert abcE_ID.pem
echo "  "
echo ">>>>  verify check the id credential ..."
creddy --verify --cert abcE_ID.pem
echo "  "

echo ">>>>  generate an id credential, reusing the regular private key ..."
creddy --generate --cn abcN --key abc_private.pem
echo "  "
echo ">>>>  attr check the regular id credential ..."
creddy --display --show=issuer,subject --cert abcN_ID.pem
echo "  "
echo ">>>>  verify check the regular id credential ..."
creddy --verify --cert abcN_ID.pem
echo "  "

echo ">>>>  expected failure case ..."
creddy --generate --cn abc2 --key enc_private.pem --p=pbadfile
echo "  "
echo ">>>>  expected failure case ..."
creddy --generate --cn abc3 --key bad_enc_private.pem --p=pfile