diff --git a/src/cli.py b/src/cli.py --- a/src/cli.py +++ b/src/cli.py @@ -25,7 +25,7 @@ def buildSplitParser(parser): encoding.add_argument("--b32",action="store_true",help="encode shares' bytes as a base32 string") encoding.add_argument("--b64",action="store_true",help="encode shares' bytes as a base64 string") - parser.add_argument("secret",help="secret to be parser") + parser.add_argument("secret",help="secret to be parsed") parser.set_defaults(func=_generate) diff --git a/src/gf256.py b/src/gf256.py --- a/src/gf256.py +++ b/src/gf256.py @@ -26,6 +26,7 @@ inv=[E[255-L[i]] if i!=0 else None for i def gfmul(a, b): """Fast multiplication. Basic multiplication is expensive. a*b==g**(log(a)+log(b))""" + assert 0<=a<=255, 0<=b<=255 if a==0 or b==0: return 0 t=L[a]+L[b] if t>255: t-=255 diff --git a/src/shamira.py b/src/shamira.py --- a/src/shamira.py +++ b/src/shamira.py @@ -1,12 +1,13 @@ import os import re import base64 +import binascii import gf256 def _shareByte(secretB,k,n): - assert n<255 + assert k<=n<255 coefs=[int(secretB)]+[int(b) for b in os.urandom(k-1)] points=[gf256.evaluate(coefs,i) for i in range(1,n+1)] return points @@ -31,8 +32,8 @@ def reconstructRaw(*shares): secretLen=len(shares[0][1]) res=[None]*secretLen for i in range(secretLen): - bs=[(x,s[i]) for (x,s) in shares] - res[i]=(gf256.getConstantCoef(*bs)) + points=[(x,s[i]) for (x,s) in shares] + res[i]=(gf256.getConstantCoef(*points)) return bytes(res) @@ -73,22 +74,25 @@ def encode(share,encoding="b32"): def decode(share,encoding="b32"): - (i,_,shareStr)=share.partition(".") - if not shareStr: - raise ValueError("bad share format") - i=int(i) - if encoding=="hex": f=base64.b16decode - elif encoding=="b32": f=base64.b32decode - else: f=base64.b64decode - shareBytes=f(shareStr) - return (i,shareBytes) + try: + (i,_,shareStr)=share.partition(".") + i=int(i) + if not 1<=i<=255: + raise ValueError() + if encoding=="hex": f=base64.b16decode + elif encoding=="b32": f=base64.b32decode + else: f=base64.b64decode + shareBytes=f(shareStr) + return (i,shareBytes) + except (ValueError,binascii.Error): + raise ValueError('bad share format: share="{0}", encoding="{1}"'.format(share,encoding)) def detectEncoding(shares): classes=[ - (re.compile(r"\d+\.[0-9A-F]+=*"), "hex"), - (re.compile(r"\d+\.[A-Z2-7]+=*"), "b32"), - (re.compile(r"\d+\.[A-Za-z0-9+/]+=*"), "b64") + (re.compile(r"\d+\.([0-9A-F]{2})+"), "hex"), + (re.compile(r"\d+\.([A-Z2-7]{8})*([A-Z2-7]{8}|[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}={1})"), "b32"), + (re.compile(r"\d+\.([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{4}|[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}={1})"), "b64") ] for (regexp, res) in classes: if all(regexp.fullmatch(share) for share in shares): diff --git a/src/tests/test_shamira.py b/src/tests/test_shamira.py new file mode 100644 --- /dev/null +++ b/src/tests/test_shamira.py @@ -0,0 +1,103 @@ +import os +import random +import unittest +from unittest import TestCase + +from shamira import _shareByte +from shamira import * + + +class TestShamira(TestCase): + _urandom=os.urandom + + @classmethod + def setUpClass(cls): + random.seed(17) + os.urandom=lambda n: bytes(random.randint(0,255) for i in range(n)) + + @classmethod + def tearDownClass(cls): + os.urandom=cls._urandom + + def test_shareByte(self): + with self.assertRaises(AssertionError): # too few shares + _shareByte(b"a",5,4) + with self.assertRaises(AssertionError): # too many shares + _shareByte(b"a",5,255) + with self.assertRaises(ValueError): # not castable to int + _shareByte("x",2,3) + + vals=_shareByte(ord(b"a"),2,3) + points=list(zip(range(1,256), vals)) + self.assertEqual(gf256.getConstantCoef(*points), ord(b"a")) + self.assertEqual(gf256.getConstantCoef(*points[:2]), ord(b"a")) + self.assertNotEqual(gf256.getConstantCoef(*points[:1]), ord(b"a")) # underdetermined => random + + def testGenerateReconstructRaw(self): + for (k,n) in [(2,3), (254,254)]: + shares=generateRaw(b"abcd",k,n) + random.shuffle(shares) + self.assertEqual(reconstructRaw(*shares[:k]), b"abcd") + self.assertNotEqual(reconstructRaw(*shares[:k-1]), b"abcd") + + def testGenerateReconstruct(self): + for encoding in ["hex","b32","b64"]: + for secret in [b"abcd","abcde","ěščřžý"]: + for (k,n) in [(2,3), (254,254)]: + raw=isinstance(secret,bytes) + with self.subTest(enc=encoding,r=raw,sec=secret,k=k,n=n): + shares=generate(secret,k,n,encoding) + random.shuffle(shares) + self.assertEqual(reconstruct(*shares[:k],encoding=encoding,raw=raw), secret) + self.assertEqual(reconstruct(*shares[:k],raw=raw), secret) + s=secret if raw else secret.encode("utf-8") + self.assertNotEqual(reconstruct(*shares[:k-1],encoding=encoding,raw=True), s) + shares=generate(b"\xfeaa",2,3) + with self.assertRaises(UnicodeDecodeError): + reconstruct(*shares) + + def testEncode(self): + share=(2,b"\x00\x01\x02") + for (encoding,encodedStr) in [("hex",'000102'),("b32",'AAAQE==='),("b64",'AAEC')]: + with self.subTest(enc=encoding): + self.assertEqual(encode(share,encoding), "2."+encodedStr) + + def testDecode(self): + with self.assertRaises(ValueError): + decode("AAA") + decode("1.") + decode(".AAA") + decode("1AAA") + decode("1.0001020f","hex") + decode("1.000102030","hex") + decode("1.AAAQEAY") + decode("1.AAAQEAy=") + decode("1.AAECAw=","b64") + decode("1.AAECA?==","b64") + decode("256.00010203","hex") + self.assertEqual(decode("1.00010203","hex"), (1,b"\x00\x01\x02\x03")) + self.assertEqual(decode("2.AAAQEAY=","b32"), (2,b"\x00\x01\x02\x03")) + self.assertEqual(decode("3.AAECAw==","b64"), (3,b"\x00\x01\x02\x03")) + + + def testDetectEncoding(self): + for shares in [ + ["1.00010f"], # bad case + ["1.000102030"], # bad char count + ["1.AAAQEAY"], # no padding + ["1.AAAQe==="], # bad case + ["1.AAECA?=="], # bad char + ["1.AAECAw="], # bad padding + ["1.000102","2.AAAQEAY="], # mixed encoding + ["1.000102","2.AAECAw=="], + ["1.AAECAw==","2.AAAQE==="], + [".00010203"], # no index + ["00010203"] # no index + ]: + with self.subTest(shares=shares): + with self.assertRaises(ValueError): + detectEncoding(shares) + self.assertEqual(detectEncoding(["10.00010203"]), "hex") + self.assertEqual(detectEncoding(["2.AAAQEAY="]), "b32") + self.assertEqual(detectEncoding(["3.AAECAw=="]), "b64") + self.assertEqual(detectEncoding(["3.AAECAwQF","1.00010203"]), "b64")