def test_tss2(self):
secret = b'my big fat secret'
h = (b'\x6c\x53\x71\x42\x9e\xff\xfb\xb2\x5b\x7d\xea\x79\xc0\x50\xee'
b'\xd3\xed\x83\x30\xfe\x7b\xdf\x4d\x02\x32\x30\x89\x36\x9e\x5c'
b'\x73\x48')
shares1 = share_secret(5, 10, secret, 'my-id', Hash.SHA256)
shares2 = share_secret(5, 10, secret + h, 'my-id', Hash.NONE)
reconstructed_secret1 = reconstruct_secret(shares1)
reconstructed_secret2 = reconstruct_secret(shares2)
self.assertEqual(secret, reconstructed_secret1)
self.assertEqual(secret + h, reconstructed_secret2)
def test_tss2(self):
secret = b'my big fat secret'
h = (b'\x6c\x53\x71\x42\x9e\xff\xfb\xb2\x5b\x7d\xea\x79\xc0\x50\xee'
b'\xd3\xed\x83\x30\xfe\x7b\xdf\x4d\x02\x32\x30\x89\x36\x9e\x5c'
b'\x73\x48')
shares1 = share_secret(5, 10, secret, 'my-id', Hash.SHA256)
shares2 = share_secret(5, 10, secret + h, 'my-id', Hash.NONE)
reconstructed_secret1 = reconstruct_secret(shares1)
reconstructed_secret2 = reconstruct_secret(shares2)
self.assertEqual(secret, reconstructed_secret1)
self.assertEqual(secret + h, reconstructed_secret2)
def dcrpt_shamir():
reconstructed_secret1 = tss.reconstruct_secret(shares[0:t])
print("Reconstructed by User and Provider:")
print(reconstructed_secret1)
reconstructed_secret2 = tss.reconstruct_secret(shares[0:t + 1])
print("\nReconstructed by All:")
print(reconstructed_secret2)
global reconstructShamir
reconstructShamir = True
def test_tss4(self):
secret = b'my big fat secret'
shares = share_secret(5, 10, secret, 'my-id')
share_mod = shares[0]
share_mod = (share_mod[:-4] +
tss.b(chr(~tss.byte_to_ord(share_mod[-4]) % 256)) +
share_mod[-3:])
shares[0] = share_mod
self.assertRaises(TSSError, lambda: reconstruct_secret(shares, True))
reconstructed_secret = reconstruct_secret(shares, False)
self.assertEqual(secret, reconstructed_secret)
self.assertRaises(TSSError,
lambda: reconstruct_secret(shares[:5], False))
def test_tss4(self):
secret = b'my big fat secret'
shares = share_secret(5, 10, secret, 'my-id')
share_mod = shares[0]
share_mod = (share_mod[:-4] +
tss.b(chr(~tss.byte_to_ord(share_mod[-4]) % 256)) +
share_mod[-3:])
shares[0] = share_mod
self.assertRaises(TSSError, lambda: reconstruct_secret(shares, True))
reconstructed_secret = reconstruct_secret(shares, False)
self.assertEqual(secret, reconstructed_secret)
self.assertRaises(TSSError,
lambda: reconstruct_secret(shares[:5], False))
def reconstruct_shares(feature_val, pwd):
ctr = -1
shares = list()
length = 16 - (len(pwd) % 16) # Key padding
pwd += chr(length) * length
flag = 1
with open('InstructionTable.txt', 'r') as ins: # Opening Instruction Table as read mode
for line in ins:
words = line.split(' ')
ctr = ctr + 1
if (int(feature_val[ctr]) < t): # if feature value is less than 't' choose left share
encrypted_share = words[0]
cipher_text0 = base64.b64decode(encrypted_share)
iv = cipher_text0[:AES.block_size]
decryption_suite = AES.new(pwd, AES.MODE_CFB, iv)
plain_text0 = decryption_suite.decrypt(cipher_text0[AES.block_size:])
shares.append(plain_text0)
else: # if feature value is not less than 't' choose right share
encrypted_share = words[1]
cipher_text0 = base64.b64decode(encrypted_share)
iv = cipher_text0[:AES.block_size]
decryption_suite = AES.new(pwd, AES.MODE_CFB, iv)
plain_text0 = decryption_suite.decrypt(cipher_text0[AES.block_size:])
shares.append(plain_text0)
try:
hdpwd = tss.reconstruct_secret(shares) # try to generate harden password using m shares.
hdpwd = hdpwd[0:32]
hdpwd = Decimal(hdpwd)
except Exception: # if m shares are not correct than it will not generate harden password and will through a error, which is covered in exception.
flag = 0
if flag == 1:
return hdpwd # if harden password is successfully created by m shares return harden password otherwise 0
else:
return 0
ins.close() # closing instruction table file
def test_tss3(self):
secret = b'\x74\x65\x73\x74\x00'
shares = [b'my-id\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x02\x00\x06\x01\xb9\xfa\x07\xe1\x85',
b'my-id\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x00\x02\x00\x06\x02\xf5\x40\x9b\x45\x11']
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def test_tss1(self):
# test\0
secret = b'\x74\x65\x73\x74\x00'
shares = share_secret(2, 2, secret, 'my-id', Hash.NONE)
print "%x %x %x %x %x" % (ord(shares[0][-5]), ord(shares[0][-4]), ord(shares[0][-3]), ord(shares[0][-2]), ord(shares[0][-1]))
print "%x %x %x %x %x" % (ord(shares[1][-5]), ord(shares[1][-4]), ord(shares[1][-3]), ord(shares[1][-2]), ord(shares[1][-1]))
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def test_tss3(self):
secret = b'\x74\x65\x73\x74\x00'
shares = [
b'my-id\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x02\x00\x06\x01\xb9\xfa\x07\xe1\x85',
b'my-id\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x00\x02\x00\x06\x02\xf5\x40\x9b\x45\x11'
]
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def test_tss1(self):
# test\0
secret = b'\x74\x65\x73\x74\x00'
shares = share_secret(2, 2, secret, 'my-id', Hash.NONE)
print "%x %x %x %x %x" % (ord(shares[0][-5]), ord(
shares[0][-4]), ord(shares[0][-3]), ord(
shares[0][-2]), ord(shares[0][-1]))
print "%x %x %x %x %x" % (ord(shares[1][-5]), ord(
shares[1][-4]), ord(shares[1][-3]), ord(
shares[1][-2]), ord(shares[1][-1]))
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def initial_hdpwd(pwd):
shares = list() # defining a empty list which can store decrypted shares
length = 16 - (len(pwd) % 16) # Key padding
pwd += chr(length) * length
pwd = pwd.encode()
with open('InstructionTable.txt', 'r') as ins:
for line in ins:
words = line.split(' ')
encrypted_share = words[0]
cipher_text0 = base64.b64decode(encrypted_share)
iv = cipher_text0[:AES.block_size]
decryption_suite = AES.new(pwd, AES.MODE_CFB, iv)
plain_text0 = decryption_suite.decrypt(cipher_text0[AES.block_size:])
shares.append(plain_text0)
first_hdpwd = (tss.reconstruct_secret(shares)) # reconstructing harden password from m shares
first_hdpwd = first_hdpwd[0:32] # only taking first 32 digit as AES use keys in multiples of 16
return Decimal(first_hdpwd) # returning harden password
ins.close()
def test_tss1(self):
# test\0
secret = b'\x74\x65\x73\x74\x00'
shares = share_secret(2, 2, secret, 'my-id', Hash.NONE)
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def test_tss1(self):
# test\0
secret = b'\x74\x65\x73\x74\x00'
shares = share_secret(2, 2, secret, 'my-id', Hash.NONE)
reconstructed_secret = reconstruct_secret(shares)
self.assertEqual(secret, reconstructed_secret)
def decrypt(keys):
for i in range(len(keys)):
keys[i] = deserialize_shamir(keys[i])
secret = tss.reconstruct_secret(keys)
return secret.decode()
words = line.split(' ')
words[0] = words[0].strip()
words[1] = words[1].strip()
#Decrypt fast column entry
word = words[0]
cipher_text0 = base64.b64decode(word)
iv = cipher_text0[:AES.block_size]
decryption_suite = AES.new(keys, AES.MODE_CFB, iv)
plain_text0 = decryption_suite.decrypt(cipher_text0[AES.block_size:])
#Decrypt slow column entry
word = words[1]
cipher_text0 = base64.b64decode(word)
iv = cipher_text0[:AES.block_size]
decryption_suite = AES.new(keys, AES.MODE_CFB, iv)
plain_text1 = decryption_suite.decrypt(cipher_text0[AES.block_size:])
DecryptedInstructionTable[counter][0] = plain_text0
DecryptedInstructionTable[counter][1] = plain_text1
counter = counter + 1
w = list()
for i in range(0,
m + 1): # Atleast m shares required to reconstruct the secret
w.append(DecryptedInstructionTable[i / 2][i % 2])
#Reconstruct the secret
secret = Decimal(tss.reconstruct_secret(w))
print(Decimal(secret))
