X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/6c1035f55a83af8083af17432f2b4eb5afdb39dd..ab9168949ec2762698d6293adf17b637f30b891e:/gfshare.h
diff --git a/gfshare.h b/gfshare.h
index b0aca05..9826758 100644
--- a/gfshare.h
+++ b/gfshare.h
@@ -1,13 +1,13 @@
 /* -*-c-*-
 *
- * $Id: gfshare.h,v 1.1 2000/06/17 10:56:30 mdw Exp $
+ * $Id$
 *
- * Secret sharing over %$\gf(2^8)$%
+ * Secret sharing over %$\gf{2^8}$%
 *
 * (c) 2000 Straylight/Edgeware
 */
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of Catacomb.
 *
@@ -15,24 +15,33 @@
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
- *
+ *
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Library General Public License for more details.
- *
+ *
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
+/*----- Notes on the system -----------------------------------------------*
+ *
+ * This uses a variant of Shamir's secret sharing system. Shamir's original
+ * system used polynomials modulo a large prime. This implementation instead
+ * uses the field %$\gf{2^8}$%, represented by
 *
- * $Log: gfshare.h,v $
- * Revision 1.1 2000/06/17 10:56:30 mdw
- * Fast but nonstandard secret sharing system.
+ * %$\gf{2}[x]/(x^8 + x^4 + x^3 + x^2 + 1)$%
 *
+ * and shares each byte of the secret independently. It is therefore limited
+ * to 255 players, although this probably isn't a serious limitation in
+ * practice.
+ *
+ * Share creation and reconstruction is extremely efficient. Contrast the
+ * performance of the straightforward implementation based on multiprecision
+ * arithmetic.
 */
 #ifndef CATACOMB_GFSHARE_H
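Review bot: The new "Notes on the system" comment covers the field and the 255-player limit but says nothing about integrity or about the quality of the random source, which are the two things a caller most needs to know before sharing key material with this. Nothing declared in this header verifies a share, so a corrupted or substituted share would presumably make `gfshare_combine` return a wrong secret without any error (inferred from the interface; gfshare.c is not part of this diff). I would add a sentence such as `Shares carry no integrity protection; authenticate them, or check the recovered secret, before relying on it.` and a second one stating that the `grand` passed to `gfshare_mkshares` must be a cryptographically strong generator, because the secrecy of fewer than `t` shares rests on it.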
@@ -54,28 +63,23 @@
 /* --- A secret sharing context --- */
-typedef struct gfshare_pt {
- octet x; /* %$x$%-coordinate of the share */
- octet *y; /* Pointer to share payload */
-} gfshare_pt;
-
 typedef struct gfshare {
 unsigned t; /* Threshold */
- unsigned n; /* The number of shares to make */
 unsigned i; /* Next free slot in vector */
 size_t sz; /* Size of the secret and shares */
- octet *s; /* The secret */
- gfshare_pt *v; /* Vector of share information */
+ octet *v; /* Vector of share information */
 } gfshare;
-#define GFSHARE_INIT(t, n, sz) { t, n, 0, sz, 0, 0 }
+#define GFSHARE_INIT(t, sz) { t, 0, sz, 0 }
+
+#define GFSHARE_INDEX(s, i) ((s)->v[(i) * ((s)->sz + 1)])
 /*----- Functions provided ------------------------------------------------*/
 /* --- @gfshare_create@ --- *
 *
 * Arguments: @gfshare *s@ = pointer to share context to initialize
- * @unsigned t, n@ = threshold parameters for the system
+ * @unsigned t@ = threshold for the system
 * @size_t sz@ = size of the secret
 *
 * Returns: ---
@@ -83,8 +87,7 @@ typedef struct gfshare {
 * Use: Initializes a sharing context.
 */
-extern void gfshare_create(gfshare */*s*/, unsigned /*t*/, unsigned /*n*/,
- size_t /*sz*/);
+extern void gfshare_create(gfshare */*s*/, unsigned /*t*/, size_t /*sz*/);
 /* --- @gfshare_destroy@ --- *
 *
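Review bot: `GFSHARE_INDEX` is added with no comment, and the field comment `/* Vector of share information */` no longer tells a reader what `v` holds now that `gfshare_pt` is gone. From the macro, `v` looks like a flat array of records of `sz + 1` bytes with the macro addressing the first byte of record `i`; that layout should be written down, e.g. `/* Records of sz + 1 bytes: index byte, then share data */` (wording to be confirmed against gfshare.c, which is not in this diff). The macro does no bounds check and evaluates `s` twice, so its comment should say that `i` must be a valid slot and that the arguments must be free of side effects. Since `v` holds share material, the struct comment is also the natural place to say that the vector has to be released through `gfshare_destroy`. The `@unsigned t@` line in the `gfshare_create` comment in the following hunk would likewise benefit from stating the accepted range for `t`.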
@@ -103,26 +106,51 @@ extern void gfshare_destroy(gfshare */*s*/);
 *
 * Arguments: @gfshare *s@ = pointer to share context to fill in
 * @grand *r@ = pointer to random number source
+ * @const void *buf@ = pointer to the secret to share
 *
 * Returns: ---
 *
- * Use: Generates @c->n@ secret shares, such that any @c->t@ of them
- * may be used to recover the secret.
- *
+ * Use: Initializes a sharing context to be able to create shares.
 * The context structure is expected to be mostly filled in. In
- * particular, @t@, @n@, @ssz@ and @s@ must be initialized. If
- * @v@ is zero, a vector of appropriate size is allocated. You
- * should use the macro @GFSHARE_INIT@ or @gfshare_create@ to
- * construct sharing contexts.
+ * particular, @t@ must be initialized. If @v@ is zero, a
+ * vector of appropriate size is allocated. You should use the
+ * macro @GFSHARE_INIT@ or @gfshare_create@ to construct sharing
+ * contexts.
+ */
+
+extern void gfshare_mkshares(gfshare */*s*/, grand */*r*/,
+ const void */*buf*/);
+
+/* --- @gfshare_get@ --- *
+ *
+ * Arguments: @gfshare *s@ = pointer to share conext
+ * @unsigned x@ = share index to fetch
+ * @void *buf@ = pointer to output buffer
+ *
+ * Returns: ---
+ *
+ * Use: Extracts a share from the system. You may extract up to 255
+ * shares from the system. Shares are indexed from 0.
+ */
+
+extern void gfshare_get(gfshare */*s*/, unsigned /*x*/, void */*buf*/);
+
+/* --- @gfshare_addedp@ --- *
+ *
+ * Arguments: @gfshare *s@ = pointer to sharing context
+ * @unsigned x@ = which share number to check
+ *
+ * Returns: Nonzero if share @x@ has been added already, zero if it
+ * hasn't.
 */
-extern void gfshare_mkshares(gfshare */*s*/, grand */*r*/);
+extern int gfshare_addedp(gfshare */*s*/, unsigned /*x*/);
 /* --- @gfshare_add@ --- *
 *
 * Arguments: @gfshare *s@ = pointer to sharing context
 * @unsigned x@ = which share number this is
- * @const octet *y@ = the share value
+ * @const void *y@ = the share value
 *
 * Returns: Number of shares required before recovery may be performed.
 *
@@ -131,19 +159,19 @@ extern void gfshare_mkshares(gfshare */*s*/, grand */*r*/);
 */
 extern unsigned gfshare_add(gfshare */*s*/,
- unsigned /*x*/, const octet */*y*/);
+ unsigned /*x*/, const void */*y*/);
 /* --- @gfshare_combine@ --- *
 *
 * Arguments: @gfshare *s@ = pointer to share context
- * @octet *buf@ = pointer to output buffer for the secret
+ * @void *buf@ = pointer to output buffer for the secret
 *
 * Returns: ---
 *
 * Use: Reconstructs a secret, given enough shares.
 */
-extern void gfshare_combine(gfshare */*s*/, octet */*buf*/);
+extern void gfshare_combine(gfshare */*s*/, void */*buf*/);
 /*----- That's all, folks -------------------------------------------------*/
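Review bot: The new `gfshare_get` comment leaves the contract for `x` and `buf` open: it says up to 255 shares may be extracted and that indexing starts at 0, but not what happens for `x >= 255`, nor that `buf` must have room for `sz` bytes. Over a 256-element field an out-of-range index is not harmless, since it would have to map to an evaluation point that is either already used by another share or is the point holding the secret. The range should therefore be a stated precondition and, ideally, checked in gfshare.c (not part of this diff). Suggested wording: `@unsigned x@ = share index to fetch, 0 <= x < 255` and `@void *buf@ = output buffer of @s->sz@ bytes`. The `gfshare_mkshares` comment has the same gap for its `buf`, and now says only `@t@` must be initialized although `sz` is presumably needed as well; `conext` in the `gfshare_get` comment is a typo for `context`.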