On Wed, 18 Nov 2009 at 14:22:38 +0000, Daniel Silverstone wrote: > Indeed, the zero-share is not useful since in theory it'd be the data > unchanged.
Thankfully, due to an implementation quirk, the share 000 output is a copy of share 001, so the only differences are: * it's mislabelled and won't combine correctly * if you already had a share 001, you have one less share than you thought > The software should reject zero-share instances, and not create them. I attach a bzr bundle, also available from <https://code.launchpad.net/~smcv/libgfshare/deb556939>, which has passed 2500 consecutive 3-of-5 tests using the script attached previously. I'll patch this in Debian shortly. Thanks, S
# Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: s...@debian.org-20091118233654-w132cs2v7b6l2616 # target_branch: http://bzr.digital-scurf.org/trees/dsilvers\ # /libgfshare/devel/ # testament_sha1: 3c1dbfd53a2fb94a67045adafc50f56d5794dd8f # timestamp: 2009-11-18 23:42:16 +0000 # base_revision_id: dsilv...@digital-scurf.org-20070822194948-\ # 63piocp89ra6ld7b # # Begin patch === modified file 'README' --- README 2006-01-15 17:58:21 +0000 +++ README 2009-11-18 23:36:39 +0000 @@ -28,4 +28,29 @@ -- Daniel Silverstone. 2006-01-15 - +Recovering from previous versions of gfsplit producing foo.000 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The quick version: if you have split a secret into shares and one +of them is numbered 000, recover the secret by re-labelling it to +001 (i.e. rename the file, if you're using gfcombine). + +Previous versions of libgfshare could incorrectly produce a share +numbered 000, and the gfsplit utility would produce such a share +sometimes (with the default settings, a 3-of-5 share, this will +happen about 2% of the time). In gfsplit this produces filenames +ending with ".000". + +Mathematically, the "share" numbered 0 would be the secret itself, +which is why it shouldn't be used. However, due to the way libgfshare +implements multiplication via exp/log tables, the output will +actually be a copy of the data that would appear in share number 001, +so the secret is not actually leaked. + +Recombining shares that include share number 000 doesn't work: it's +silently ignored. If share 000 is renamed to share 001, recombination +should work; the exception is if you already had a copy of share 001, +in which case you can only recover the secret by having one extra share +above the normal threshold. + + -- Simon McVittie. 2009-11-18 === modified file 'src/libgfshare.c' --- src/libgfshare.c 2006-02-26 14:01:53 +0000 +++ src/libgfshare.c 2009-11-18 23:35:57 +0000 @@ -27,6 +27,7 @@ #include "libgfshare.h" #include "libgfshare_tables.h" +#include <errno.h> #include <stdlib.h> #include <string.h> @@ -65,7 +66,20 @@ unsigned char threshold, unsigned int size ) { - gfshare_ctx *ctx = XMALLOC( sizeof(struct _gfshare_ctx) ); + gfshare_ctx *ctx; + unsigned int i; + + for (i = 0; i < sharecount; i++) { + if (sharenrs[i] == 0) { + /* can't have x[i] = 0 - that would just be a copy of the secret, in + * theory (in fact, due to the way we use exp/log for multiplication and + * treat log(0) as 0, it ends up as a copy of x[i] = 1) */ + errno = EINVAL; + return NULL; + } + } + + ctx = XMALLOC( sizeof(struct _gfshare_ctx) ); ctx->sharecount = sharecount; ctx->threshold = threshold; ctx->size = size; === modified file 'tools/gfcombine.c' --- tools/gfcombine.c 2006-02-26 14:01:53 +0000 +++ tools/gfcombine.c 2009-11-18 23:36:54 +0000 @@ -52,6 +52,12 @@ fprintf( stderr, "%s: %s: bad filename\nInput files should be called <name>.NNN\n", progname, fname ); } +static void +zero_filename( char* fname ) +{ + fprintf( stderr, "%s: %s: input files <name>.000 don't work, see README\n", progname, fname ); +} + static int check_filenames( char **filenames, int count ) { @@ -73,6 +79,12 @@ bad_filename(filenames[i]); return 1; } + if( filenames[i][nlen-3] == '0' && + filenames[i][nlen-2] == '0' && + filenames[i][nlen-1] == '0') { + zero_filename(filenames[i]); + return 1; + } } return 0; } === modified file 'tools/gfsplit.c' --- tools/gfsplit.c 2006-07-29 12:32:31 +0000 +++ tools/gfsplit.c 2009-11-18 23:35:36 +0000 @@ -92,6 +92,9 @@ } for( i = 0; i < sharecount; ++i ) { unsigned char proposed = (random() & 0xff00) >> 8; + if( proposed == 0 ) { + proposed = 1; + } SHARENR_TRY_AGAIN: for( j = 0; j < i; ++j ) { if( sharenrs[j] == proposed ) { # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWUIMPPcABwxfgFwQW////35n 30+////6YA1hxnztWzs6BQCqBjjrdo0u7pa3VVYhBa0gHCSQUxpMQZBMRPCo8npppTyh6m0ENPSG TQ9Q2UEohMmmmhpqnpGoZMhkyAGmhoaAAAaAcZGmTE0GTJhNMgZDQGgNMmhgBNAYSIhEyTTRk1Ma GQk/VMhtTaT0RoaAGmnqaHqAcZGmTE0GTJhNMgZDQGgNMmhgBNAYSRAIAhoI1J+gmSnqNDQeKPSN AAAAREHmc2PVgcubMaeTYBY1Ej5e09xrOb3w+g+DK/tKn+cd1SxQ3M8b5+EfQWkb82OF1rIM3PY4 jnxaeWGllM13w/h4kuQtI9vjZQp+FzTaKQxPjjavpkalOECVC01zxnctOXkuQgpYQMAo/Gfb6TrW Pxt2tuw0XrHN5Pr3hGVJ8gsDQ22Ng3JopGHFSboHDr3oOvwwDOFbjYWuwra/pyS+e7XNHPVM9ERi yGVLRsZfscE1z8LD3S9G7jlS+HgWgVr+6umTbkgy0jbzwYU/uLO++vR4bZoZnEFI8k+Sd+2wXnFG JwKXGvgxGWhN5a9kEkMQzvhOP5mvPgDW9ZWap3vzkx3ENyxWb9BmmEGPVkV002LbqRhFxooX4+4N XYB3HTBNL8jVuznWoSziUujc+PGc4ap3z61vAoc2RO6C1LnlIbORPx+ddN0tLM0MAMSrlrquy0Wt G4sfMDhtFl7qvPKnDHlJ5Npi9XrDVAy9MR5QmdF7CD10YTXbRYRoKpuhjw9IW2ivh3aJZ2foyAfg 7hW6V/hXdQ7oSJqKJQERZIt6+OyPcMUplvzVpZMz1LfByoNXSrO5rv5ldxxGd5eXh840t47jDMh1 ZjRq3jQ40f16qtFI+nEpwER5eSVTzOawYEEviMxrcW6KBrQbSDzuQThaGL0hHgK4O4W/NvdQRKHk HcfZNPgrz4577IY7XBy05BY0IOV/X38wdVl3H1En1Oc5zoiI6ubo1PHScxCSysUNKU1dcifIu6ss fYogD4uMzMafU6kpMIIsIDqcyOLJgXXwMayWpMfDzLEeR2+WPAskpzhBQ2xU1FIDEuKaRMgVEFFH ajMvMhxJztwIBekjiuFQIoG8gRjeIOo6MmTNGDsmLoy2OAcJ8D2gSqaBlqZIAxBa3UQBULA63Tpx xD9MVe189I8rbB3kj4imXLSUx+fImCxVEdg3BI3IJG59HY1JEWWvduF7wxlAO4G5X2QBI9vdyUQO BcFY2PqQcl0n3aUZd+VOm8Q2O6DPBZrMQQZAHder0EalSKoaUJLkUolOKAJXRs9JtQbdAIdXvKnQ UqmUxukVfqtB6CZT14lDSBN481ORKjMcSsLnBM7QlKpYKDhmZ5wI0MyBMzFJ8DUGNqiYUhBvYAgd dzqwglunmgjkMgys4uZpSMi7SBpXhhmgpXLZTNcIkzRXDWCMpY3zGYUKMJTppBTy4F2GxGRCxkaX Gt4SMd0Yz4qLJmTGBet5ZYY1HkhpyLAzBIC401aJoZ+aCN2ikXau9qnOMi+V4mZbXDWGgXILi+Gw 4qbDfZRA88mv0ZBLAi2YUCXEW3DAhiVzmcCKvYbjIgGN8iRunLAgpF2586K5oqJUQzyvEs+DzJyZ hFxHKIpIKUT43sVRJH8QNmtZmVLFzmsjNtHvjiTI0xGVCmYKBHKZxIVgTLx2MW1FRcKaSxEOb6ra +JfogynFJjWRLxtC0lVziSYZbFhlUKgj0EvrS4l/RLy1QNzDljTAqtcjh04fBB95BTbPVpq0JYqR hHPig53ZzmrIAotS8jy0hsPXfcEc5mGBxJoyWmtdBrEY+SoLULuYTe1+fHW+Wk/agjEy20KIKFzQ wEbR0hddOaAKXUgTko7ynAitFUnAk21SytisJyy2jvDBgYlk9zc5ljIykTKrcg/34P+DPwj6XW44 g4GMAc4hyDIUJA4TzIODByBgJA4JguB0AuohXoV8gw6/Pee2HujDRv6zygNHrBtoyVDiCB7SIhtv U222wqjaHq62rdwbhINYuYX8+62cG0wGxOnf7Rdtke8Vz35uhu8bPP4s7/PmK8rwv6jKqMbcbcX+ H0vEAhNeh4m9EdhlR4K3cc/VrejqV+9oW38ip72W4HKt6FXtgBxOidKpu9lFiHEvBw6+xdlxGt5U C4MEJPyxyxH0Fi7HjVYUDIH+46117uYWniwSx9dwfAzM6Cp4TaWWsNEEyGlEl74Cu9RYsOpARCMB kIJBEG9w7HLvch7IS1AhqC/LJZkBrodqkMrWozVoPgvWtBmPX1IwKdjtZoB3GPjByMQ9gqlfZP5n lM6HGZSVx480tLDDNyZkKRLAMaEh4kEEEakDEglQMeOxAW+xVYWB0G4nHXz5ZsMajlDjPY5j7FC7 iX83pRzzrfL6OyNDguSYMsy8zgbjfoNIwPFGbj+jUNcvYWlkLUG0hWCIRN6DlosUN1CaCbKCOqYD OLGMU0z5LP8HuFtEgw37xX7ght0G4ga4Sh4VDktrB29hxwQVBYLqSIhQF079+Z2NPYdiPIzPFCDr avo59AdvUCgteE3YL38Bbw8AJByN7rVz3bCA15A2azlGyukyEZFsmOAGUVmjcSxQLZcrJshZUINt cWSbAkpJoYbLLFFFBwZG8NT72+owbR0T2EB+nJt2DTSlMza5T0uwoNevFvC5D52R1GYZw2WwXIWG p1O6c/J/S4+NEIKkTmpr8bA2oDzek4024/xhFqaDaGINGptTwtDCc1FYX6KNUs4dF0nPBqYej4BE DaGOnSGFaWWBhmR03c8EGclcCeALxt33gTDnLxCBEMniS/b/SckGgYGON6jGhvg3sNAYBIZNorQ4 miBQMgRXhOJYPrYQ6h6uUjg1heJ3nY0PLS9YTO4r4lrP7/l92EPMI9LFcHjpSJGRMw994oocHSia VgFhOMXAaQy7QYdI/t95AeVgaQazIRATyNDfyxypCLUBNm9rT4EiFT3KEWfgFQxTqtQzC7UHY7aA Y6ZkEFgomB9bEYtHjEyqrE3CU6m+cKof5Jc/Mgy5BINyRMDBvFDktDJcGcEwTo3oGHhvgz4RLinq BEOuo6AoKQX+oscdYHxtz7fi8+1CelDVdTlz5MNlF18ySdg3BqCwOpSFYkFYQXrWxyAZ5bbbYZ/G LxFPMH5otgh7EHTkQU5G/wcHO/khdkFxBKwB7xYAEQgAeNti8Duqn9ELKoTWaig6xkHr7m6hUMmA rox1C2ARRYueYZErAxmRFigjqdXbR05IwsthELBClBeJBiizSqnDDOEBVhxhAQigUAmQzDh5IQ7o m0HYS3ExD/7ppQMblAShAw4EDQfAUXRlDpkWLvCEwaFEO6RtFoCEHKDO5B5FTOWwLX1NEkhgTApb YJmQpCOjEAWO3JkGrF0NcTyQWLKAG+AK9sN3NTr3+eJEuwQZsjHuQyIgyAxOwM5u3FkqgQIIVN32 0hHtTyQTWe+oJyWfwCoUY1HxDtm0Aj/3n+Y4BJU8QYGBQAyMQ+ShRlUwOQFq1OpOPBgLw+D8eO3H 8SC8DvQUeaDB2cbljWxX+lWQuQHQ9KDRkEHewxYjZhKlrKrwoeoALToAxmXzyBsCcDOKSQing070 KBUQKIzNcpdAqXJoORpR6kF0IU6Hwts5quHcaRzCPsieeZM9JyOIv+Fkohf0D1FALstgNSD05Ppg vabGPiCmpibA8zgE+1rLyR4o1C3tQHCwGYhdvlmNjaG7G92GYcAyBwDIHAMOM/0hjgWzSpEK/Wgc JzqhaO/CnLXaPHvvJUhtOSaEulnU2iUYmQoTTTFBdRBZA8Jg7h7gIY0JCmiY0iYbBQDAJ0IJImmB gxYJo5hlAlfmBOIdzXl+aqgdjgZoUAV+coRbHNwTIMrDDIfMJIMjmlVoYlYB5f2+1ZB0Dd4GaFpJ rGOgsyRJMdzbEH+YpiQXwbQLwUE8x9ROEomowA6CFkE+woIHZdUwdWQZK5AzjWQHqcZJg3Yw9Gyy AeLQtUgqgw7goXBZtCT3+RAagYBKAPF8if8XckU4UJBCDDz3
signature.asc
Description: Digital signature
