Extend the tests with PivApplet to use piv-tool instead of yubico-piv-tool #3181

Open
Jakuje opened this issue Jun 13, 2024 · 0 comments

Jakuje commented Jun 13, 2024

As discussed in #3158, it should be possible to make piv-tool do the same as we do now in the tests with yubico-piv-tool. Even though we do not want to recommend piv-tool to our users, as it makes things needlessly complicated, test coverage of basic operations would be good to avoid such issues as the one we are fixing in #3158.

So, if I am understanding correctly, since there is no deletion needed in test-piv.sh, the following code provides the same functionality in the test (if openssl is already configured to use the pkcs11 provider):

```sh
PIN="123456"
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9e -a generate -A RSA2048 | tee 9e.pub
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9e -S'/CN=barCard/OU=test/O=example.com/' -averify -aselfsign < 9e.pub | tee 9e.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9e -aimport-certificate < 9e.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9a -a generate -A RSA2048 | tee 9a.pub
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9a -S'/CN=bar/OU=test/O=example.com/' -averify -aselfsign < 9a.pub | tee 9a.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9a -aimport-certificate < 9a.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9c -a generate -A ECCP256 | tee 9c.pub
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9c -S'/CN=bar/OU=test/O=example.com/' -averify -aselfsign < 9c.pub | tee 9c.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9c -aimport-certificate < 9c.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9d -a generate -A ECCP256 | tee 9d.pub
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9d -S'/CN=bar/OU=test/O=example.com/' -averify -aselfsign < 9d.pub | tee 9d.cert
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P "$PIN" -s 9d -aimport-certificate < 9d.cert
```

```sh
PIN="123456"
# Management key used by "-A A:9B:03" (admin authentication, key reference 9B, algorithm 03);
# piv-tool reads it from the file named in PIV_EXT_AUTH_KEY.
echo '01:02:03:04:05:06:07:08:01:02:03:04:05:06:07:08:01:02:03:04:05:06:07:08' > key
export PIV_EXT_AUTH_KEY="$(pwd)/key"

# Slot 9E: generate the key (algorithm 07, RSA2048 in the yubico-piv-tool version),
# self-sign through the pkcs11 provider, then load the certificate into the slot.
piv-tool -v -A A:9B:03 -G 9E:07 -o 9e.pub
export PIV_9E_KEY="$(pwd)/9e.pub"
openssl req -key "pkcs11:id=%04;type=private;pin-value=$PIN" -subj "/CN=barCard/OU=test/O=example.com/" -new -x509 -out 9e.cert
piv-tool -v -A A:9B:03 -C 9E -i 9e.cert

# Slot 9A: algorithm 07 (RSA2048)
piv-tool -v -A A:9B:03 -G 9A:07 -o 9a.pub
export PIV_9A_KEY="$(pwd)/9a.pub"
openssl req -key "pkcs11:id=%01;type=private;pin-value=$PIN" -subj "/CN=bar/OU=test/O=example.com/" -new -x509 -out 9a.cert
piv-tool -v -A A:9B:03 -C 9A -i 9a.cert

# Slot 9C: algorithm 11 (ECCP256 in the yubico-piv-tool version)
piv-tool -v -A A:9B:03 -G 9C:11 -o 9c.pub
export PIV_9C_KEY="$(pwd)/9c.pub"
openssl req -key "pkcs11:id=%02;type=private;pin-value=$PIN" -subj "/CN=bar/OU=test/O=example.com/" -new -x509 -out 9c.cert
piv-tool -v -A A:9B:03 -C 9C -i 9c.cert

# Slot 9D: algorithm 11 (ECCP256)
piv-tool -v -A A:9B:03 -G 9D:11 -o 9d.pub
export PIV_9D_KEY="$(pwd)/9d.pub"
openssl req -key "pkcs11:id=%03;type=private;pin-value=$PIN" -subj "/CN=bar/OU=test/O=example.com/" -new -x509 -out 9d.cert
piv-tool -v -A A:9B:03 -C 9D -i 9d.cert
```

Originally posted by @invis-z in #3158 (comment)
