예제 #1
def split_secret(secret, no_of_splits, threshold):
    secret_data = StringIO.StringIO(secret)
    outputs = list()

    for i in xrange(no_of_splits):

    PySSSS.encode(secret_data, outputs, threshold)

    shares = [each_output.getvalue().encode('hex') for each_output in outputs]

    return shares
예제 #2
def splitsecret(secret, threshold, numshares):
    """returns list of shares of secret, with t=threshold, k=numshares

  splitsecret splits ``secret`` into ``numshares`` parts, with ``threshold``
  required to reconstruct the secret.

  The secret is padded to 128-character blocks to reduce information about
  the length of the secret. A CRC32 value of the raw secret is also generated (and
  included within the ciphertext) in order to ease validation of reconstruction.

  :param secret: the raw secret to be split
  :param threshold: the minimum number of shares required for successful reconstruction
  :param numshares: the number of shares to generate
  :type secret: string
  :type threshold: int
  :type numshares: int
  :returns: a list of shares
  :rtype: list of strings


  >>> import PySSSS
  >>> secret = "hun\0ter2" # any string will do
  >>> shares = pyssss.splitsecret(secret, 2, 3)
  >>> len(shares)
  >>> shares = pyssss.splitsecret(secret, 99, 2) # n.b. threshold > numshares?

    global _padlen
    global _padchar

    if threshold > numshares:
        raise ValueError("threshold {} exceeds number of shares {}".format(threshold, numshares))
    if numshares == 1:
        raise ValueError("cannot split secret into 1 part")

    # Here we track the number of characters we're padding, because the
    #  pad character is in-band.
    passlen = len(secret)
    padnum = (_padlen - (passlen % _padlen)) % _padlen
    secret = "{:0=8x}{:0=4x}{}".format(binascii.crc32(secret) & 0xFFFFFFFF, padnum, secret.rjust(_padlen, _padchar))

    outputs = []
    for i in xrange(numshares):

    PySSSS.encode(StringIO.StringIO(secret), outputs, threshold)

    return [outputs[i].getvalue().encode("hex") for i in xrange(numshares)]
예제 #3
def recover_secret(shares):
    shares_string_io = list()
    for i in xrange(len(shares)):

    for i in xrange(len(shares)):

    for i in xrange(len(shares)):

    secret = StringIO.StringIO()
    PySSSS.decode(shares_string_io, secret)
    return secret.getvalue()
예제 #4
def recoversecret(shares):
    """returns the reconstructed raw secret

  recoversecret combines the supplied list of shares and returns the raw string.

  This function raises a ``ValueError`` if the CRC32 of the reconstructed secret
  does not match the reconstructed CRC from the ciphertext.

  :param shares: a list of shares
  :type shares: list of strings
  :returns: the raw secret
  :rtype: string


  >>> import pyssss
  >>> shares = [
  >>> print repr(pyssss.recoversecret(shares))


    global _padchar

    output = StringIO.StringIO()
    PySSSS.decode([StringIO.StringIO(shares[i].decode("hex")) for i in xrange(len(shares))], output)
    secret = output.getvalue()

        crc, padnum, secret = int(secret[0:8], 16), int(secret[8:12], 16), secret[12:]
        secret = secret[padnum:]
        if (binascii.crc32(secret) & 0xFFFFFFFF) != crc:
            raise ValueError
    except ValueError:
        raise ValueError("could not reconstruct a valid secret. do you have enough data?")

    return secret
예제 #5
 def test_not_a_share(self):
     with self.assertRaises(ValueError):
         PySSSS.splitsecret(_secret, 1, 1)
예제 #6
 def rand_shares(self, secret, maxshares):
     numshares = random.randrange(3, maxshares)
     threshold = random.randrange(2, numshares)
     shares = PySSSS.splitsecret(secret, threshold, numshares)
     return (shares, threshold)
예제 #7
 def test_bad_threshold(self):
     with self.assertRaises(ValueError):
         PySSSS.splitsecret(_secret, _numshares, _threshold)
예제 #8
 def test_not_enough_shares(self):
     secret = str(os.urandom(100))
     (shares, threshold) = self.rand_shares(secret, 8)
     with self.assertRaises(ValueError):
         PySSSS.recoversecret(random.sample(shares, threshold-1))
예제 #9
 def test_roundtrip_unpadded(self):
     secret = str(os.urandom(1024))
     (shares, threshold) = self.rand_shares(secret, 8)
     recovered = PySSSS.recoversecret(random.sample(shares, threshold))
     self.assertEqual(recovered, secret)
예제 #10
 def test_recoversecret(self):
     self.assertEqual(PySSSS.recoversecret(_goodsplit), _secret)
     self.assertNotEqual(PySSSS.recoversecret(_badsplit), _secret)
예제 #11
 def test_splitsecret(self, RangeMock):
     RangeMock.side_effect = self.seq_random
     shares = PySSSS.splitsecret(_secret, _threshold, _numshares)
     self.assertEqual(shares, _goodsplit)
     self.assertNotEqual(shares, _badsplit)