def recoverSecret(shares):
for i in range(len(shares)):
shares[i] = (base64.b64decode(shares[i])).decode('utf-8')
secret = PlaintextToHexSecretSharer.recover_secret(shares)
#Converting recovered_key to bytes using base64 module
secret = base64.b64decode(secret)
return secret
def shamirs_join(list, str):
temp = []
msg_alpha = SecretSharer.recover_secret(list[0:2])
msg_alpha = '1-' + msg_alpha
temp.append(msg_alpha)
temp.append(str)
text = PlaintextToHexSecretSharer.recover_secret(temp[0:2])
return text
def unsecret_num(num, secret_message):
shares = []
for i in range(len(secret_message)):
sf = secret_message[i].split(
"\n") #each share is delineated by a newline character
shares.append(
sf[num]) #get share from file contents and add to share array
return SS.recover_secret(shares).strip()
def check_votes(myshare_file, blockchainshare_file, voter_ticket, keyfile):
os.system("clear")
print("----Vote count & check----")
#Check ticket exits and has been used
with open('tickets.csv', 'rb') as f:
rows = csv.reader(f, delimiter=',')
arows = []
for x in rows:
if voter_ticket in x:
arows.append(x)
#arows = [row for row in rows if voter_ticket in row]
f.close()
if len(arows) <= 0:
print("Ticket does not exist")
exit(0)
for data in arows:
if data[1] == '0':
print("Ticket valid BUT not used")
exit(0)
#Count total votes in blockchain
with open(blockchainshare_file, 'r') as f:
reader = csv.reader(f, delimiter=',')
data = list(reader)
row_count = len(data)
print("-> %s total vote(s) in blockchain" % row_count)
#read local share
print("-> Local share")
with open(myshare_file, 'r') as f:
myshare = f.read()
print("[*] %s" % myshare)
#Grab the share corresponding to voters ticket from within blockchain
print("-> Getting share from blockchain")
with open(blockchainshare_file, 'rb') as f:
reader = csv.reader(f, delimiter='\n')
for row in reader:
for data in row:
if data.split(',')[0] == voter_ticket:
blockchain_share = data.split(',')[1]
print("\t-> %s" % blockchain_share)
#connect shares
print("-> Reassembling shares")
tmp = [myshare, blockchain_share]
recovered_vote = PlaintextToHexSecretSharer.recover_secret(tmp)
#decrypt shares
print("-> Decrypting shares")
with open(keyfile, 'r') as f:
key = f.read()
f.close()
cipher = AESCipher(base64.b64decode(key))
decrypted_vote = cipher.decrypt(recovered_vote)
print("[*] Your vote was: %s" % decrypted_vote)
def decrypt_secret(splits, ciphertext):
s = PlaintextToHexSecretSharer.recover_secret(splits)
h = SHA256.new(s.encode("utf-8")).digest()
IV = h[0:16]
ekey = h[16:32]
mode = AES.MODE_CBC
decryptor = AES.new(ekey, mode, IV=IV)
dpk = decryptor.decrypt(ciphertext)
dpk = dpk.decode("utf-8").replace(' ', '')
key = RSA.importKey(b64decode(dpk))
def recover(args):
min = args.min
keyfile = args.keyfile
parts = []
for line in open(keyfile):
parts.append(line.rstrip('\n'))
result = PlaintextToHexSecretSharer.recover_secret(parts[0:min])
print("The full private key is: " + result.rstrip('\n'))
def combine_and_decrypt(data, subkeys):
"""
Decrypt the data by recreating the original key with threshold number
of subkeys.
Return the decrypted data.
"""
key = shamir.recover_secret(subkeys)
decrypted_data = decrypt(data, key.encode())
return decrypted_data
def main():
# Enter shares
shares = [input('Enter your share: ')]
while True:
numofSHares = input("Still have more?\tYes\tNo\n").upper()
if numofSHares == "Y":
shares.append(input('Enter your share: '))
elif numofSHares == "N":
break
else:
print("You haven't answered correctly, try again\n")
# Recover
message = PlaintextToHexSecretSharer.recover_secret(shares)
print('Original message:\n' + message)
def main():
# Enter shares
shares = [raw_input('Enter your share: ')]
while True:
questions = [
inquirer.List(
'share',
message='Enter next share',
choices=['OK', 'I don\'t have another one'],
),
]
answer = inquirer.prompt(questions)['share']
if answer != 'OK':
break
shares.append(raw_input('Enter your share: '))
# Recover
wait = animation.Wait('spinner',
'Generating randomness.. It may take a while.. ')
wait.start()
message = PlaintextToHexSecretSharer.recover_secret(shares)
wait.stop()
print('Original message:\n' + message)
def dry_run():
final_votes = []
os.system("clear")
print("----Counting Votes (gov)----")
with open("BLOCKCHAIN1.csv", 'rb') as f:
reader = csv.reader(f, delimiter='\n')
for row in reader:
for data in row:
current_ticket = data.split(',')[0]
with open('gov.csv') as g:
readerg = csv.reader(g, delimiter='\n')
for rowg in readerg:
for datag in rowg:
gov_ticket = data.split(',')[0]
if current_ticket == gov_ticket:
bs_share = data.split(',')[1]
gov_share = datag.split(',')[1]
voter_key = data.split(',')[2]
print("-> Ticket: %s" % current_ticket)
print("\tKey: %s" % voter_key)
print(
"\n\tShares:\n\t\tBlockchain: %s\n\t\tGov: %s"
% (bs_share, gov_share))
tmp = [bs_share, gov_share]
recovered_vote = PlaintextToHexSecretSharer.recover_secret(
tmp)
cipher = AESCipher(base64.b64decode(voter_key))
decrypted_vote = cipher.decrypt(recovered_vote)
print("\tDecrypted Vote: %s" % decrypted_vote)
final_votes.append(decrypted_vote)
print("\n-> Final vote counting")
counts = Counter(final_votes)
for key, value in counts.iteritems():
print("%s votes for |%s|" % (value, key))
response = horizon.submit(envelope.xdr())
assert 'hash' in response
print('Waiting for the deadline')
tts = (tau - datetime.datetime.now()).total_seconds()
margin = 5
time.sleep(tts + margin)
print('Now Alice can submit t_1_1')
envelope = Te(t_1_1, opts={})
envelope.sign_hashX(x_a)
response = horizon.submit(envelope.xdr())
assert 'hash' in response
print('Bob cannot submit t_2_2, because he leaked the secret')
envelope = Te(t_2_2, opts={})
envelope.sign_hashX(x_b)
response = horizon.submit(envelope.xdr())
assert 'hash' not in response
print('At this point, the secret is public')
params = {'limit': 1, 'order': 'desc'}
last_tx_a_1 = horizon.account_transactions(
kp_a_1_address, params=params)
last_tx_a_2 = horizon.account_transactions(
kp_a_2_address, params=params)
x_a_1 = extract_share_from_tx(last_tx_a_1)
x_a_2 = extract_share_from_tx(last_tx_a_2)
secret = PlaintextToHexSecretSharer.recover_secret([x_a_1, x_a_2])
assert secret == x
class IndyProxyServer(web.Application):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.add_routes([
web.post('/create_identity', self._create_identity),
web.post('/secret_sharding', self._secret_sharding),
web.post('/secret_recovery', self._secret_recovery),
])
self._wallet_handle = None
self._secret_sharer = PlaintextToHexSecretSharer()
async def _create_identity(self, request):
try:
logging.debug('Creating identity wallet')
await wallet.create_wallet(POOL_NAME, WALLET_NAME, None, None,
None)
logging.debug('Opening identity wallet')
self._wallet_handle = await wallet.open_wallet(
WALLET_NAME, None, None)
logging.debug('Generating DID and Verkey')
new_did, new_verkey = await did.create_and_store_my_did(
self._wallet_handle, "{}")
except IndyError as e:
logging.error(f'Error while creating identity. Exception: {e}')
return web.Response(status=500)
response = {
'did': new_did,
'verkey': new_verkey,
}
return web.Response(body=json.dumps(response))
async def _secret_sharding(self, request):
try:
request_data = await request.json()
verkey = request_data['verkey']
logging.debug('Getting signing key')
signingkey = await did.get_signing_key(self._wallet_handle, verkey)
shards = self._secret_sharer.split_secret(signingkey, 2, 3)
except Exception as e:
logging.error(f'Error while sharding secret. Exception: {e}')
return web.Response(status=500)
response = {
'shards': shards,
}
return web.Response(body=json.dumps(response))
async def _secret_recovery(self, request):
try:
request_data = await request.json()
# shards = [shard.encode() for shard in request_data['shards']]
shards = request_data['shards']
logging.debug('Recovering secret')
secret = self._secret_sharer.recover_secret(shards)
except Exception as e:
logging.error(f'Error while recovering secret. Exception: {e}')
return web.Response(status=500)
response = {
'secret': secret,
}
return web.Response(body=json.dumps(response))
from Crypto.Cipher import AES, PKCS1_OAEP
from Crypto.PublicKey import RSA
from base64 import b64decode
import encrypt
from secretsharing import PlaintextToHexSecretSharer as SS
values = [0, 4, 3, 6]
plains = [[], [], [], []]
for i in values:
with open("pkey-%d.pem" % i) as f:
data = f.read()
data = data.splitlines()
data = data[1:-1]
data = ''.join(data)
keyDER = b64decode(data)
keyPriv = RSA.importKey(keyDER)
for j in xrange(1, 6):
with open("ciphertext-%d.bin" % j, 'rb') as f:
data = f.read()
data = encrypt.decrypt(keyPriv, data)
if data is not None:
values = data.splitlines()[1:]
for i, v in enumerate(values):
plains[i].append(v)
for v in plains:
print(SS.recover_secret(v))
from secretsharing import PlaintextToHexSecretSharer
done = False
parts = []
while not done:
inVar = raw_input("Enter a part to restore: ")
parts.append(inVar)
inVar = raw_input("Done? (y/n): ")
if (inVar.lower() == "y"):
done = True
print PlaintextToHexSecretSharer.recover_secret(parts)
from secretsharing import PlaintextToHexSecretSharer
done = False
parts = []
while not done:
inVar = raw_input("Enter a part to restore: ")
parts.append(inVar)
inVar = raw_input("Done? (y/n): ")
if(inVar.lower() == "y"):
done = True
print PlaintextToHexSecretSharer.recover_secret(parts)
#https://github.com/blockstack/secret-sharing
#Note:In production, we'd use SecretSharer, not PlaintextToHexSecretSharer. This is for readability.
from secretsharing import PlaintextToHexSecretSharer
#Split the hash into 3 pieces
SplitHash = PlaintextToHexSecretSharer.split_secret(
"This is your encrypted private key (that you encrypted with biometric data)",
2, 3)
#Recovery
PlaintextToHexSecretSharer.recover_secret(shares[0:2])
def recover_shared_secret(self):
# TODO: manage exceptions
if len(self.collected_secrets) >= self.k:
self.secret = PlaintextToHexSecretSharer.recover_secret(
self.collected_secrets)
def recoverSecret(shares):
secret = PlaintextToHexSecretSharer.recover_secret(shares)
return secret
w = RSAExploits.Wiener()
#we know to run it only on key-3.pem because the public exponent in that key is very large
w.run([y[3]])
n3 = n[3]
p3 = y[3].get_p()
q3 = y[3].get_q()
e3 = b[3].key.e
assert p3 * q3 == n3
tot3 = n3 - (p3 + q3 - 1)
d3 = modinv(e3, tot3)
privkey3 = RSA.construct((n3, e3, d3))
for c in cts:
temp = decrypt(privkey3, c)
if(temp):
plaintexts.append(temp)
break
#cut off the congratulations messages and break up each line
pt1 = plaintexts[0].strip().split("\n")[1:]
pt2 = plaintexts[1].strip().split("\n")[1:]
pt3 = plaintexts[2].strip().split("\n")[1:]
#zip them together and recover the secret.
#zipped so we can combine pt1[n] pt2[n] and pt3[n] easily
for i in zip(pt1, pt2, pt3):
print(PlaintextToHexSecretSharer.recover_secret(i))
n.append(
0xB17ACF77309DCCDCF05A4259212EE3B148B24E52FD39AAD9CB558CAA4C49A35BED6904037A065F92F3AFFE60DC0123F7C79F1FD52CF8FCB03095E33CCEE9BE8D55796B610077FD06DE336CD2553F0695D809BF0EEEABCEA5085387FA2670DC81B40F4334A2093446C5E53635A7B7FB3D1561A62D91B9669361294B4E68CB1548D9C48DF3EF4DA9A9B3C8EEDD4F9901C3B29F5593DB28023AA7C39400D21A53D7CD014F37D1687C7A7C7F3598FFD7D024941BF62806A92368D73418C05AAA67145D17306DEC22BE5E35473B83D9A6B71ADE5ABC3440D6E9DA0D5A122AD11DEACC45C5D2124755F1A60C919EF7EF4220A1ED253EB1ADA0DE0308681C3D0F558DEA7DE1E396430782A1DDA11B44E1D6A11922E66D77285301E212C2CDA17709008CBE138AA6C9EE152001700D3F2BF72DD8B168F9B6764F5BF9E7E736D4FB9B4053BF5E205D7F85404FAE20AA9AB5131E8EDC17DD1E134B8343F080AE05328925947612EEAF4FB4438C0CF82B6C938FEFEBF8583EDA54494858D033F6AF03FB52F8C02EC40C6F1041F9195499CE3BCA7BF6924631ED3691E976707ED3E701B7637AE3C8B84DF5B2864A7283C6B7BBCADE2C0E29815F930506E472DCF3E4C97890F91BF9FE224E4C2E75325907228DCDA9D7CCE17872540C4E2E99FCE1F91A755F2372CFC71808E779F4090671B00E88B7B7A45DD304A81CB04B7A18F4567ED77305
)
for i in range(10):
for j in range(i + 1, 10):
gcd = fractions.gcd(n[i], n[j])
if gcd != 1:
e = long(65537)
q = n[i] / gcd
p = gcd
return decryptFile('ciphertext-3.bin', e, p, q)
if __name__ == "__main__":
message1 = factorKey1().split('\n')
#exit()
message2 = factorKey2().split('\n')
#exit()
message3 = factorKey3().split('\n')
#exit()
message4 = factorKey0().split('\n')
#exit()
print SS.recover_secret(
[message1[1], message2[1], message3[1], message4[1]]), '\n-----------'
print SS.recover_secret(
[message1[2], message2[2], message3[2], message4[2]]), '\n-----------'
print SS.recover_secret(
[message1[3], message2[3], message3[3], message4[3]]), '\n-----------'
print SS.recover_secret(
[message1[4], message2[4], message3[4], message4[4]]), '\n-----------'
# get the number of lines of our key
with open("lines.txt", 'r') as lines:
sh = int(lines.readline()) # required shares
n = int(lines.readline()) # number of lines
print("Napíšte " + str(sh) + " ID použité na obnovu kľúča.")
for i in range(sh):
ids.append(int(input()))
# for each line open shares
for l in range(n):
new_share = []
for s in range(sh):
dir = "shares" + str(ids[s]) + "/"
fname = "share" + str(ids[s]) + "_" + str(l) + ".txt"
try:
with open(dir + fname, 'rb') as f:
new_share.append(f.read())
except FileNotFoundError:
print("Chyba: Súbor sa nenašiel.")
shares.append(new_share)
#print(shares)
with open("privatekey.asc", 'w') as file:
for l in range(n):
secretLine = PlaintextToHexSecretSharer.recover_secret(shares[l][0:sh])
file.write(secretLine)
print("Kľúč bol úspešne obnovený do súboru privatekey.asc")
# check if the equation x^2 - s*x + n = 0
# has integer roots
discr = s*s - 4*n
if(discr>=0):
t = Arithmetic.is_perfect_square(discr)
if t!=-1 and (s+t)%2==0:
return d
for i in range(10):
if keys[i] is None:
k = load_key(i)
x = wiener(k.e, k.n)
if x is not None:
impl = RSA.RSAImplementation(use_fast_math=False)
partial = impl.construct((k.n, 0L))
partial.key.e = k.e
partial.key.d = x
keys[i] = partial
try_decrypt(keys[i])
# Found with factorization outside the script
plaintexts[0] = """Congratulations, you decrypted a ciphertext! One down, two to go :)
1-32a1cd9f414f14cff6685879444acbe41e5dba6574a072cace6e8d0eb338ad64910897369b7589e6a408c861c8e708f60fbbbe91953d4a73bcf1df11e1ecaa2885bed1e5a772bfed42d776a9
1-e0c113fa1ebea9318dd413bf28308707fd660a5d1417fbc7da72416c8baaa5bf628f11c660dcee518134353e6ff8d37c
1-1b8b6c4e3145a96b1b0031f63521c8df58713c4d6d737039b0f1c0750e16e1579340cfc5dadef4e96d6b95ecf89f52b8136ae657c9c32e96bf4384e18bd8190546ff5102cd006be5e1580053
1-c332b8b93a914532a2dab045ea52b86d4d3950a990b5fc5e041dce9be1fd3912f9978cad009320e18f4383ca71d9d79114c9816b5f950305a6dd19c9f458695d52"""
from secretsharing import PlaintextToHexSecretSharer as SS
print SS.recover_secret(x.split('\n')[2] for x in plaintexts if x is not None)
shares = []
for secretCollection in plaintexts:
secrets = secretCollection.splitlines()[1:]
for secret in secrets:
shares.append(secret)
for i in shares:
for j in shares:
if(j==i):
continue
for k in shares:
if(k==i or k==j):
continue
try:
flag = PlaintextToHexSecretSharer.recover_secret([i,j,k])
if('flag' in flag.lower()):
print(flag)
except:
pass
for l in shares:
if(l==i or l==j or l == k):
continue
for m in shares:
if(m==i or m==j or m == k or m==l):
continue
try:
flag = PlaintextToHexSecretSharer.recover_secret([i,j,k,l,m])
if('flag' in flag.lower()):
if('ndQzjRpnSP60NgWET6jX' not in flag):
print(flag)
from secretsharing import PlaintextToHexSecretSharer
plaintext = []
secretlist = []
for x in range(1, 6):
lines = open('plaintext-' + str(x) + '.txt').read()
plaintext.append(lines.splitlines()[1:])
for i in range(4):
secretlist.append([])
for j in range(5):
secretlist[i].append(plaintext[j][i])
print(PlaintextToHexSecretSharer.recover_secret(secretlist[i]))
from secretsharing import PlaintextToHexSecretSharer
shares = PlaintextToHexSecretSharer.split_secret("{'address':'Sainte Catherine' , 'telephone': 524-857-9127}", 2, 3)
print('shares:', shares)
print('Recover information from 1 and 2:' + PlaintextToHexSecretSharer.recover_secret(shares[0:2]))
print('Recover information from 1 and 3:' + PlaintextToHexSecretSharer.recover_secret([shares[0],shares[2]]))
print('Recover information from 2 and 3:' + PlaintextToHexSecretSharer.recover_secret(shares[1:3]))
try:
print('Recover of information from 2:' + PlaintextToHexSecretSharer.recover_secret(shares[1]))
except:
print('Not enough available information')
y.append(m.split('\n')[2])
z.append(m.split('\n')[3])
print m
"""
Congratulations, you decrypted a ciphertext! One down, two to go :)
3-17e568ddc3ed3e6fe330ca47a2b27a2707edd0e0839df59fe9114fe6c08c6fc1ac1c3c8d9ab3cf7860dac103dff464d4c215e197b54f0cb46993912c3d0220a3eb1b80adf33ee2cc59b0372c
3-b69efb4f9c5205175a4c9afb9d3c7bef728d9fb6c9cc1241411b31d4bd18744660391a330cefa8a86af8d2b80c881cfa
3-572e70c5acfbe8b4c2cbd47217477d217da88c256ff2586af6a18391972c258bbea6143e7cd2ff6d39393efeb64d51d9318a2c337e50e2d764a42173bc3a1d5c7c8f24b64043daf5d2a8e9f4
3-e9e6850880eb0a44d36fe9f2e5a458c6da3977b7fcd285afa27e9bfc116b1408570991504116b81864b03a7060bfd5d3fb6e007bb346f276d749befd545d1489c4
"""
# key-1.pem, ciphertext-5.bin
(p, q) = fermat(n[1])
m = decrypt(p, q, c[4])
x.append(m.split('\n')[1])
y.append(m.split('\n')[2])
z.append(m.split('\n')[3])
print m
"""
Congratulations, you decrypted a ciphertext! One down, two to go :)
5-7d29041c468b680fcff93c16011a2869f17de75b929b787503b412becde0321ec72fe1e499f2150a1dacb9a5f701c0b37470049dd560cef5163543469817971f50782f763f0b05ab7088f7ae
5-a7a1e271cf263279cece532b540545fa539b0f3650e2929163b02ee5459debdc53c1e07149eb2153015bb5c88e6270e8
5-149480c5c75cbe320564adfa432ac8ea241e048ed39c8bc6be14ca80c392487f43a7882075d785d62cb314ea6c89a6b5f28adfa56ec481e124567b88241de2a6cabcc7ec9de3acac8be5375b
5-7285289084282d559573f68eef10191091d76d6670014202670651f867cd2bc8640a86eef1c1e482affc7ae801fa446956c2186972fb6b7bac88c91d050c9d3cca
"""
print SS.recover_secret(x)
print SS.recover_secret(y)
print SS.recover_secret(z)
# FLAG{ndQzjRpnSP60NgWET6jX}
os.remove(file_path)
if __name__ == '__main__':
contract_state, secret_pieces, enc_messages, doub_enc_messages, personal_keys, beneficiaries = create_test_scenario(
)
# test object load
user_contract = LegacyUserContract.load(contract_name)
if contract_state != hash(user_contract):
say("An error occurred while loading the contract object.", 2)
# try to recover secret with 1 out of 3 secret shares (should fail)
try:
recov_secret = PlaintextToHexSecretSharer.recover_secret(
secret_pieces[0])
except:
pass
else:
say(
"This is weird. It shouldn't be possible to recover a secret with only one piece",
2)
# try to recover secret with 2 out of 3 secret shares (should work)
try:
recov_secret = PlaintextToHexSecretSharer.recover_secret(
secret_pieces[0:2])
except:
say("Could not recover secret.", 2)
# check if recovered secret matches original one
