This post has NOT been accepted by the mailing list yet.
I succeed in decrypting with key ID 45 which key and cert is imported as a file .p12 from a high quality production firm.
Generating key directly onto card with pkcs15-init -G seems to be OK and generating cert.pem from card corresponding to this genkey (bottom line) also seem to be OK
BUT decryption from card gives the error as displayed here. The output seems to give the correct number of bytes, however as readable garbage.
I am not able to have the cert.pem display "KeyUsage NonRep"; I do not know any switch in openssl to do this and it does not seem to work changing the openssl.cnf for it either.
I think I am doing something wrong but do not know what