libgfshare

Merge lp:~smcv/libgfshare/deb556939 into lp:~dsilvers/libgfshare/devel

  1. deb556939
  2. Merge into devel
Proposed by Simon McVittie
Status: Merged
Merged at revision: not available
Proposed branch: lp:~smcv/libgfshare/deb556939
Merge into: lp:~dsilvers/libgfshare/devel
Diff against target: 112 lines (+56/-2)
4 files modified
README (+26/-1)
src/libgfshare.c (+15/-1)
tools/gfcombine.c (+12/-0)
tools/gfsplit.c (+3/-0)
To merge this branch: bzr merge lp:~smcv/libgfshare/deb556939
To post a comment you must log in.
Revision history for this message
Simon McVittie (smcv) wrote :

See LP#497996.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'README'
2--- README 2006-01-15 17:58:21 +0000
3+++ README 2009-12-17 22:43:20 +0000
4@@ -28,4 +28,29 @@
5
6 -- Daniel Silverstone. 2006-01-15
7
8-
9+Recovering from previous versions of gfsplit producing foo.000
10+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
11+
12+The quick version: if you have split a secret into shares and one
13+of them is numbered 000, recover the secret by re-labelling it to
14+001 (i.e. rename the file, if you're using gfcombine).
15+
16+Previous versions of libgfshare could incorrectly produce a share
17+numbered 000, and the gfsplit utility would produce such a share
18+sometimes (with the default settings, a 3-of-5 share, this will
19+happen about 2% of the time). In gfsplit this produces filenames
20+ending with ".000".
21+
22+Mathematically, the "share" numbered 0 would be the secret itself,
23+which is why it shouldn't be used. However, due to the way libgfshare
24+implements multiplication via exp/log tables, the output will
25+actually be a copy of the data that would appear in share number 001,
26+so the secret is not actually leaked.
27+
28+Recombining shares that include share number 000 doesn't work: it's
29+silently ignored. If share 000 is renamed to share 001, recombination
30+should work; the exception is if you already had a copy of share 001,
31+in which case you can only recover the secret by having one extra share
32+above the normal threshold.
33+
34+ -- Simon McVittie. 2009-11-18
35
36=== modified file 'src/libgfshare.c'
37--- src/libgfshare.c 2006-02-26 14:01:53 +0000
38+++ src/libgfshare.c 2009-12-17 22:43:20 +0000
39@@ -27,6 +27,7 @@
40 #include "libgfshare.h"
41 #include "libgfshare_tables.h"
42
43+#include <errno.h>
44 #include <stdlib.h>
45 #include <string.h>
46
47@@ -65,7 +66,20 @@
48 unsigned char threshold,
49 unsigned int size )
50 {
51- gfshare_ctx *ctx = XMALLOC( sizeof(struct _gfshare_ctx) );
52+ gfshare_ctx *ctx;
53+ unsigned int i;
54+
55+ for (i = 0; i < sharecount; i++) {
56+ if (sharenrs[i] == 0) {
57+ /* can't have x[i] = 0 - that would just be a copy of the secret, in
58+ * theory (in fact, due to the way we use exp/log for multiplication and
59+ * treat log(0) as 0, it ends up as a copy of x[i] = 1) */
60+ errno = EINVAL;
61+ return NULL;
62+ }
63+ }
64+
65+ ctx = XMALLOC( sizeof(struct _gfshare_ctx) );
66 ctx->sharecount = sharecount;
67 ctx->threshold = threshold;
68 ctx->size = size;
69
70=== modified file 'tools/gfcombine.c'
71--- tools/gfcombine.c 2006-02-26 14:01:53 +0000
72+++ tools/gfcombine.c 2009-12-17 22:43:20 +0000
73@@ -52,6 +52,12 @@
74 fprintf( stderr, "%s: %s: bad filename\nInput files should be called <name>.NNN\n", progname, fname );
75 }
76
77+static void
78+zero_filename( char* fname )
79+{
80+ fprintf( stderr, "%s: %s: input files <name>.000 don't work, see README\n", progname, fname );
81+}
82+
83 static int
84 check_filenames( char **filenames, int count )
85 {
86@@ -73,6 +79,12 @@
87 bad_filename(filenames[i]);
88 return 1;
89 }
90+ if( filenames[i][nlen-3] == '0' &&
91+ filenames[i][nlen-2] == '0' &&
92+ filenames[i][nlen-1] == '0') {
93+ zero_filename(filenames[i]);
94+ return 1;
95+ }
96 }
97 return 0;
98 }
99
100=== modified file 'tools/gfsplit.c'
101--- tools/gfsplit.c 2006-07-29 12:32:31 +0000
102+++ tools/gfsplit.c 2009-12-17 22:43:20 +0000
103@@ -92,6 +92,9 @@
104 }
105 for( i = 0; i < sharecount; ++i ) {
106 unsigned char proposed = (random() & 0xff00) >> 8;
107+ if( proposed == 0 ) {
108+ proposed = 1;
109+ }
110 SHARENR_TRY_AGAIN:
111 for( j = 0; j < i; ++j ) {
112 if( sharenrs[j] == proposed ) {

Subscribers

People subscribed via source and target branches

to all changes: