Shamira Changeset - 9c496886dde9

Changeset - 9c496886dde9

Parent rev.

Child rev.

[Not reviewed]

default

0 1 1

Laman - 7 years ago 2017-09-23 15:22:32

CLI, bugfixes

2 files changed with 67 insertions and 11 deletions:

src/cli.py

src/shamira.py

0 comments (0 inline, 0 general)

src/cli.py

➞

Show inline comments

@@ new file 100644 @@
 from argparse import ArgumentParser
 from shamira import generate, reconstruct
 def run():
 	parser=ArgumentParser()
 	subparsers=parser.add_subparsers()
 	buildSplitParser(subparsers.add_parser("split"))
 	buildJoinParser(subparsers.add_parser("join"))
 	parser.set_defaults(func=lambda: parser.error("missing command"))
 	args=parser.parse_args()
 	args.func(args)
 def buildSplitParser(parser):
 	parser.add_argument("-k",type=int,required=True,help="number of shares necessary for recovering the secret")
 	parser.add_argument("-n",type=int,required=True,help="number of generated shares")
 	encoding=parser.add_mutually_exclusive_group()
 	encoding.add_argument("--hex",action="store_true",help="encode shares' bytes as a hexadecimal string")
 	encoding.add_argument("--b32",action="store_true",help="encode shares' bytes as a base32 string")
 	encoding.add_argument("--b64",action="store_true",help="encode shares' bytes as a base64 string")
 	parser.add_argument("secret",help="secret to be parser")
 	parser.set_defaults(func=_generate)
 def buildJoinParser(parser):
 	encoding=parser.add_mutually_exclusive_group()
 	encoding.add_argument("--hex",action="store_true",help="decode shares' bytes from a hexadecimal string")
 	encoding.add_argument("--b32",action="store_true",help="decode shares' bytes from a base32 string")
 	encoding.add_argument("--b64",action="store_true",help="decode shares' bytes from a base64 string")
 	parser.add_argument("-r","--raw",action="store_true",help="return secret as raw bytes")
 	parser.add_argument("share",nargs="+",help="shares to be joined")
 	parser.set_defaults(func=_reconstruct)
 def _generate(args):
 	encoding=getEncoding(args) or "b32"
 	shares=generate(args.secret,args.k,args.n,encoding)
 	for s in shares:
 		print(s)
 def _reconstruct(args):
 	encoding=getEncoding(args)
 	print(reconstruct(*args.share,encoding=encoding,raw=args.raw))
 def getEncoding(args):
 	if args.hex: return "hex"
 	elif args.b32: return "b32"
 	elif args.b64: return "b64"
 	else: return ""

src/shamira.py

➞

Show inline comments

 import os
 import sys
 import re
 import base64
 import gf256
 def _shareByte(secretB,k,n):
 	assert n<255
 	coefs=[int(secretB)]+[int(b) for b in os.urandom(k-1)]
 	points=[gf256.evaluate(coefs,i) for i in range(1,n+1)]
 	return points
 def generateRaw(secret,k,n):
 	"""Splits secret into shares.
 	:param secret: (bytes)
 	:param k: number of shares necessary for secret recovery. 1 <= k <= n
 	:param n: (int) number of shares generated. 1 <= n < 255
 	:return: [(i, (bytes) share), ...]"""
 	shares=[_shareByte(b,k,n) for b in secret]
 	return [(i+1, bytes([s[i] for s in shares])) for i in range(n)]
 def reconstructRaw(*shares):
 	"""Tries to recover the secret from its shares.
 	:param shares: ((i, (bytes) share), ...)
 	:return: (bytes) reconstructed secret. Too few shares returns garbage."""
 	secretLen=len(shares[0][1])
 	res=[None]*secretLen
 	for i in range(secretLen):
 		bs=[(x,s[i]) for (x,s) in shares]
 		res[i]=(gf256.getConstantCoef(*bs))
 	return bytes(res)
 def generate(secret,k,n,encoding="b32"):
 	"""Wraps generateRaw().
 	:param secret: (str or bytes)
 	:param k: number of shares necessary for secret recovery
 	:param n: number of shares generated
 	:param encoding: {hex, b32, b64} desired output encoding. Hexadecimal, Base32 or Base64.
 	:return: [(str) share, ...]"""
 	if isinstance(secret,str):
 		secret=secret.encode("utf-8")
 	shares=generateRaw(secret,k,n)
 	return [encode(s,encoding) for s in shares]
 def reconstruct(*shares,encoding="",raw=False):
 	"""Wraps reconstructRaw.
 	:param shares: ((str) share, ...)
 	:param encoding: {hex, b32, b64, ""} encoding of share strings. If not provided or empty, the function tries to guess it.
 	:param raw: (bool) whether to return bytes (True) or str (False)
 	:return: (str or bytes) reconstructed secret. Too few shares returns garbage."""
 	if not encoding:
 		encoding=detectEncoding(shares)
 	bs=reconstructRaw(decode(s,encoding) for s in shares)
+	bs=reconstructRaw(*(decode(s,encoding) for s in shares))
 	return bs if raw else bs.decode(encoding="utf-8")
 def encode(share,encoding="b32"):
 	if encoding=="hex": f=base64.b16encode
 	elif encoding=="b32": f=base64.b32encode
 	else: f=base64.b64encode
 	return ["{0}.{1}".format(i,f(bs).decode("utf8")) for (i,bs) in share]
 	(i,bs)=share
 	return "{0}.{1}".format(i,f(bs).decode("utf-8"))
 def decode(share,encoding="b32"):
 	(i,_,shareStr)=share.partition(".")
 	if not shareStr:
 		raise ValueError("bad share format")
 	i=int(i)
 	if encoding=="hex": f=base64.b16decode
 	elif encoding=="b32": f=base64.b32decode
-	else: f=base64.b32decode
+	else: f=base64.b64decode
 	shareBytes=f(shareStr)
 	return (i,shareBytes)
 def detectEncoding(shares):
 	classes=[
-		(re.compile(r"\d+\.[0-9a-f]+=*"), "hex"),
+		(re.compile(r"\d+\.[0-9A-F]+=*"), "hex"),
 		(re.compile(r"\d+\.[A-Z2-7]+=*"), "b32"),
 		(re.compile(r"\d+\.[A-Za-z0-9+/]+=*"), "b64")
+	]
 	for (regexp, res) in classes:
 		if all(regexp.fullmatch(share) for share in shares):
 			return res
 	raise ValueError("no expected encoding detected")
 if __name__=="__main__":
 	secret=sys.argv[1].encode("utf8")
 	k=int(sys.argv[2])
 	n=int(sys.argv[3])
 	output=sys.argv[4] if len(sys.argv)>4 else "raw"
 	for share in generate(secret,k,n,output):
 		print(share)
 	import cli
 	cli.run()

0 comments (0 inline, 0 general)