Comments (7)
Hey @nalo26,
you can find the latest release here : https://pypi.org/project/pyshamir/
Thanks & Regards,
@konidev20
from pyshamir.
@nalo26 Hi there! That's a good catch there. Thanks for raising the issue. We'll take a look at it as soon as we can and attempt on a fix for it.
from pyshamir.
Hey @nalo26,
The domain of the x_coordinates should be in the open interval [0, 256) and we need 256 unique x_coordinates
, logically because of pigeon hole principle, if we try to generate numbers less than 256 in 256 unique positions, then we will always have duplicate x_coordinates
.
We found that we need to generate a random shuffle of x_coordinates
rather than generating unique x_coordinates
. To achieve this, we have generated x_coordinates in the open interval [0,256) and always generate a random shuffle of this array using secrets.SystemRandom().shuffle(x_coordinates)
.
I ran the unit tests multiple times, similar to your script, and couldn't find a duplicate with the split. Please check the MR and comment if you're good with it.
Thanks,
@konidev20
from pyshamir.
Alright, that's a good fix ! Thanks @sidsbrmnn @konidev20, but i'm afraid there still is an issue :
File "pyshamir/shamir.py", line 85, in split
output[i][len(secret)] = int(x_coordinates[i]) + 1
ValueError: byte must be in range(0, 256)
Before the fix, the x_coordinates
where generated as follow : [secrets.randbelow(255) for _ in range(1, 256)]
This is generating a list of 255 values in the open interval [0, 255)
(or in the closed interval [0, 254]
)
With the fix, this is now generating a list of 256 values in the open interval [0, 256)
(or in the closed interval [0, 255]
)
I managed to fix this little issue by removing the +1
when generating the list in the generate_x_coordinates(n)
function.
This is fixing the issue by generating back 255 values in the open interval [0, 255)
, as before.
Thanks for having addressed the issue that fast ! After this little fix, is it possible for you to create a new release ? It would be more convenient for me to update with pip instead of editing the sources !
from pyshamir.
Hey @nalo26, thank you for your continued help to improve this package. I have raised another MR. Please share with us your script you're testing this package with.
from pyshamir.
@konidev20 Here's the code i'm using:
import pyshamir
import random
from Crypto.PublicKey import RSA
from tqdm import tqdm
PARTS = 3
THRESHOLD = 2
def main():
for _ in tqdm(range(1000)):
rsa_key = RSA.generate(2048)
base_pk = rsa_key.export_key("PEM")
# Splitting private key
shares = pyshamir.split(base_pk, PARTS, THRESHOLD)
shares_hex = [share.hex() for share in shares]
# Reforming private key
shares_bytes = [bytes.fromhex(share) for share in shares_hex]
shares_rdm = random.sample(shares_bytes, k=THRESHOLD)
reformed_pk = pyshamir.combine(shares_rdm)
assert base_pk == reformed_pk
if __name__ == "__main__":
main()
It's a simply version of my needs: Generating a RSA secret key, splitting it with the module, exporting the shares as hexadecimals numbers to be given, before reforming all of it back.
In case you're wondering, the tqdm
module and function is only used for tracking the progress of my bruteforce test.
Thanks again for the fixes!
from pyshamir.
Hey @nalo26,
we will do a release shortly by this weekend I reckon.
Thanks
@konidev20
from pyshamir.
Related Issues (3)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pyshamir.