Esempio n. 1
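        /// <summary>
        /// Round-trip walkthrough of the shared-secret key wrapping: generates a key and a
        /// set of shares, encrypts the key under the shares, prints every intermediate
        /// value, and finally decrypts the key again with the same shares.
        /// </summary>
        /// <remarks>
        /// This method writes the joined secret, both halves derived from it and the
        /// decrypted key to standard output. Run it only with throwaway material and keep
        /// its output out of shared build logs.
        /// </remarks>
        /// <exception cref="FormatException">
        /// The encrypted key does not contain the five dot-separated segments that the
        /// output below labels.
        /// </exception>
        public void Test2()
        {
            var key          = SharedSecretGenerator.genKey("sec.oper");
            var shares       = SharedSecretGenerator.generateSharedSecret(32, 6, 3);
            var encryptedKey = SharedSecretGenerator.encryptKey(key, shares);

            // The joined secret is rendered as hex and cut in the middle: the first half is
            // labelled as the MAC part, the second half as the encryption part.
            var secret       = PQ.bytes2hex(SharedSecretGenerator.joinShares(shares));
            var half         = secret.Length / 2;
            var secretMac    = secret.Substring(0, half);
            var secretEnc    = secret.Substring(half);

            Console.WriteLine("Secret:\n" + secret);
            Console.WriteLine("SecretMac:\n" + secretMac);
            Console.WriteLine("SecretEnc:\n" + secretEnc);
            Console.WriteLine("----");

            Console.WriteLine("Encrypted key:\n" + encryptedKey);
            Console.WriteLine("----");

            // Indices 0..4 are read below, so fail with a clear message instead of an
            // IndexOutOfRangeException when the serialization is shorter than expected.
            const int requiredSegments = 5;
            string[] parts = encryptedKey.Split('.');
            if (parts.Length < requiredSegments)
            {
                throw new FormatException(
                    "Encrypted key has " + parts.Length + " segment(s); at least " + requiredSegments + " are required.");
            }

            Console.WriteLine("--Authenticated header:\n" + parts[0]);
            Console.WriteLine("--Encrypted key:\n" + parts[1]);
            Console.WriteLine("--IV:\n" + parts[2]);
            Console.WriteLine("--Cipher text:\n" + parts[3]);
            Console.WriteLine("--Auth Tag:\n" + parts[4]);
            Console.WriteLine("----");

            // Decoded but not used afterwards; kept so a malformed header segment still
            // surfaces here (presumably Decode rejects invalid input - TODO confirm).
            var authenticatedHeader = Base64Url.Decode(parts[0]);

            byte[] iv         = Base64Url.Decode(parts[2]);
            var    cipherText = Base64Url.Decode(parts[3]);

            // The printed command only performs AES-128-CBC decryption with the encryption
            // half of the secret. It does not check the auth tag in parts[4], so it shows
            // that the ciphertext decrypts, not that it is authentic. It also carries the
            // key as a command-line argument (-K), which a shell history or process listing
            // can retain.
            Console.WriteLine("You can test decryption using following openssl command.");
            Console.WriteLine(String.Format("echo -n {0} | xxd -r -p | openssl enc -aes-128-cbc -d -K {1} -iv {2} ",
                                            PQ.bytes2hex(cipherText), secretEnc, PQ.bytes2hex(iv)));

            var decrypted = SharedSecretGenerator.decryptKey(encryptedKey, shares);

            Console.WriteLine("Decrypted key: \n" + decrypted);
            Console.WriteLine("----");
        }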
Esempio n. 2
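        /// <summary>
        /// Interactive key-generation ceremony: creates a key and its shares, shows each
        /// share to its holder and has it verified, stores the encrypted key in the output
        /// file and imports the key into the vault. When <c>testModeFlag</c> is set, the
        /// file write, the token request and the vault import are skipped.
        /// </summary>
        /// <remarks>
        /// Exits the process with code 1 if the output file already exists when the
        /// ceremony starts.
        /// </remarks>
        static void doGenerate()
        {
            if (File.Exists(output))
            {
                Console.WriteLine($"Output exists ({output}). Quitting.");
                Environment.Exit(1);
            }

            Console.Clear();
            displayGenerateInitialInfo();
            Console.ReadLine();

            var key          = SharedSecretGenerator.genKey(kid);
            var shares       = SharedSecretGenerator.generateSharedSecret(32, shareCount, quorum);
            var encryptedKey = SharedSecretGenerator.encryptKey(key, shares);

            displayShareHolderInvitation(shares.Length);
            Console.ReadLine();

            // 1-based position of the share currently shown. It advances once per share,
            // after that share has been verified. Previously it was incremented on every
            // display, so a failed verification made the retry (and every later share)
            // appear under a shifted number.
            var ordinal = 1;

            foreach (var share in shares)
            {
                var verified = false;
                while (!verified)
                {
                    Console.Clear();
                    displayShare(ordinal, share);

                    // verification
                    // The last argument stays ordinal + 1, the value a first attempt has
                    // always passed; what readVerifyShare does with it is not visible
                    // here - TODO confirm.
                    verified = readVerifyShare(share.shareIndex, share.shareValue, share.shareHash, shareCount, ordinal + 1);
                    if (!verified)
                    {
                        displayInvalidShare();
                    }
                }

                ordinal++;
            }

            Console.Clear();
            displayStoreKeyStorePrompt();
            Console.ReadLine();

            if (!testModeFlag)
            {
                // NOTE(review): the existence check at the top runs before several
                // operator prompts. A file created at this path in the meantime is
                // overwritten here; consider creating the file exclusively instead.
                File.WriteAllText(output, encryptedKey, Encoding.UTF8);
            }
            Console.Clear();
            displayAzureVaultPrompt();
            Console.ReadLine();
            string token = null;

            if (!testModeFlag)
            {
                // Blocks on the asynchronous token request; a failure surfaces wrapped in
                // an AggregateException.
                token = getToken(tenant).Result.AccessToken;
            }

            // NOTE(review): this prints the access token in full. Console scrollback,
            // screen recordings and redirected output will retain it. Confirm the operator
            // needs the value; otherwise report only that a token was obtained.
            Console.WriteLine($"Token:\n{token}");
            displayVaultImportConfirm();
            Console.ReadLine();
            if (!testModeFlag)
            {
                importKeyToVault(key, token, vaultUrl);
            }
            Console.WriteLine("Press [Enter] to continue");
            Console.ReadLine();

            Console.Clear();
            displayFinishInfo();
            Console.ReadLine();
        }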