//! Fast, small and secure [Shamir's Secret Sharing](https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing) library crate //! //! Usage example (std): //! ``` //! use sharks::{ Sharks, Share }; //! //! // Set a minimum threshold of 10 shares //! let sharks = Sharks(10); //! // Obtain an iterator over the shares for secret [1, 2, 3, 4] //! # #[cfg(feature = "std")] //! # { //! let dealer = sharks.dealer(&[1, 2, 3, 4]); //! // Get 10 shares //! let shares: Vec = dealer.take(10).collect(); //! // Recover the original secret! //! let secret = sharks.recover(shares.as_slice()).unwrap(); //! assert_eq!(secret, vec![1, 2, 3, 4]); //! # } //! ``` //! //! Usage example (no std): //! ``` //! use sharks::{ Sharks, Share }; //! use rand_chacha::rand_core::SeedableRng; //! //! // Set a minimum threshold of 10 shares //! let sharks = Sharks(10); //! // Obtain an iterator over the shares for secret [1, 2, 3, 4] //! let mut rng = rand_chacha::ChaCha8Rng::from_seed([0x90; 32]); //! let dealer = sharks.dealer_rng(&[1, 2, 3, 4], &mut rng); //! // Get 10 shares //! let shares: Vec = dealer.take(10).collect(); //! // Recover the original secret! //! let secret = sharks.recover(shares.as_slice()).unwrap(); //! assert_eq!(secret, vec![1, 2, 3, 4]); //! ``` #![no_std] mod field; mod math; mod share; extern crate alloc; use alloc::vec::Vec; use hashbrown::HashSet; use field::GF256; pub use share::Share; /// Tuple struct which implements methods to generate shares and recover secrets over a 256 bits Galois Field. /// Its only parameter is the minimum shares threshold. /// /// Usage example: /// ``` /// # use sharks::{ Sharks, Share }; /// // Set a minimum threshold of 10 shares /// let sharks = Sharks(10); /// // Obtain an iterator over the shares for secret [1, 2, 3, 4] /// # #[cfg(feature = "std")] /// # { /// let dealer = sharks.dealer(&[1, 2, 3, 4]); /// // Get 10 shares /// let shares: Vec = dealer.take(10).collect(); /// // Recover the original secret! /// let secret = sharks.recover(shares.as_slice()).unwrap(); /// assert_eq!(secret, vec![1, 2, 3, 4]); /// # } /// ``` pub struct Sharks(pub u8); impl Sharks { /// This method is useful when `std` is not available. For typical usage /// see the `dealer` method. /// /// Given a `secret` byte slice, returns an `Iterator` along new shares. /// The maximum number of shares that can be generated is 256. /// A random number generator has to be provided. /// /// Example: /// ``` /// # use sharks::{ Sharks, Share }; /// # use rand_chacha::rand_core::SeedableRng; /// # let sharks = Sharks(3); /// // Obtain an iterator over the shares for secret [1, 2] /// let mut rng = rand_chacha::ChaCha8Rng::from_seed([0x90; 32]); /// let dealer = sharks.dealer_rng(&[1, 2], &mut rng); /// // Get 3 shares /// let shares: Vec = dealer.take(3).collect(); pub fn dealer_rng( &self, secret: &[u8], rng: &mut R, ) -> impl Iterator { let mut polys = Vec::with_capacity(secret.len()); for chunk in secret { polys.push(math::random_polynomial(GF256(*chunk), self.0, rng)) } math::get_evaluator(polys) } /// Given a `secret` byte slice, returns an `Iterator` along new shares. /// The maximum number of shares that can be generated is 256. /// /// Example: /// ``` /// # use sharks::{ Sharks, Share }; /// # let sharks = Sharks(3); /// // Obtain an iterator over the shares for secret [1, 2] /// let dealer = sharks.dealer(&[1, 2]); /// // Get 3 shares /// let shares: Vec = dealer.take(3).collect(); #[cfg(feature = "std")] pub fn dealer(&self, secret: &[u8]) -> impl Iterator { let mut rng = rand::thread_rng(); self.dealer_rng(secret, &mut rng) } /// Given an iterable collection of shares, recovers the original secret. /// If the number of distinct shares is less than the minimum threshold an `Err` is returned, /// otherwise an `Ok` containing the secret. /// /// Example: /// ``` /// # use sharks::{ Sharks, Share }; /// # use rand_chacha::rand_core::SeedableRng; /// # let sharks = Sharks(3); /// # let mut rng = rand_chacha::ChaCha8Rng::from_seed([0x90; 32]); /// # let mut shares: Vec = sharks.dealer_rng(&[1], &mut rng).take(3).collect(); /// // Recover original secret from shares /// let mut secret = sharks.recover(&shares); /// // Secret correctly recovered /// assert!(secret.is_ok()); /// // Remove shares for demonstration purposes /// shares.clear(); /// secret = sharks.recover(&shares); /// // Not enough shares to recover secret /// assert!(secret.is_err()); pub fn recover<'a, T>(&self, shares: T) -> Result, &str> where T: IntoIterator, T::IntoIter: Iterator, { let (keys, shares) = shares .into_iter() .map(|s| { ( s.x.0, Share { x: s.x, y: s.y.clone(), }, ) }) .unzip::, Vec>(); if keys.len() < self.0 as usize { Err("Not enough shares to recover original secret") } else { Ok(math::interpolate(shares.as_slice())) } } } #[cfg(test)] mod tests { use super::{Share, Sharks}; use alloc::{vec, vec::Vec}; impl Sharks { #[cfg(not(feature = "std"))] fn make_shares(&self, secret: &[u8]) -> impl Iterator { use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng}; let mut rng = ChaCha8Rng::from_seed([0x90; 32]); self.dealer_rng(secret, &mut rng) } #[cfg(feature = "std")] fn make_shares(&self, secret: &[u8]) -> impl Iterator { self.dealer(secret) } } #[test] fn test_insufficient_shares_err() { let sharks = Sharks(255); let shares: Vec = sharks.make_shares(&[1]).take(254).collect(); let secret = sharks.recover(&shares); assert!(secret.is_err()); } #[test] fn test_duplicate_shares_err() { let sharks = Sharks(255); let mut shares: Vec = sharks.make_shares(&[1]).take(255).collect(); shares[1] = Share { x: shares[0].x, y: shares[0].y.clone(), }; let secret = sharks.recover(&shares); assert!(secret.is_err()); } #[test] fn test_integration_works() { let sharks = Sharks(255); let shares: Vec = sharks.make_shares(&[1, 2, 3, 4]).take(255).collect(); let secret = sharks.recover(&shares).unwrap(); assert_eq!(secret, vec![1, 2, 3, 4]); } }