Package org.magmacollective.darkcrystal.secretsharingwrapper

Class SecretSharingWrapper

java.lang.Object

org.magmacollective.darkcrystal.secretsharingwrapper.SecretSharingWrapper

public class SecretSharingWrapper
extends java.lang.Object

Wrapper around 'sss' secrets library, providing extra features Dark Crystal Distributed Key Backup

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecretSharingWrapper.SecretWithLabel	Class for packing a secret together with a descriptive label

Field Summary

Fields

Modifier and Type	Field	Description
static int	KEYSHARE_LEN
static int	MAC_LEN
static int	MAX_SHARES
static int	NONCE_LEN
static int	SIGNATURE_LEN

Method Summary

Modifier and Type	Method	Description
static byte[]	combine(java.util.List<byte[]> shares)	Attempt to recover the secret by combining shares created with the share method
static SecretSharingWrapper.SecretWithLabel	decodeSecretWithLabel(byte[] packedSecret)	Decode a packed secret
static boolean	isShare(byte[] share)	Validate whether a given byte array could be a shard by checking its length
static boolean	isSignedShare(byte[] signedShare)	Validate whether a given byte array could be a signed share by checking its length
static java.util.List<byte[]>	partialShuffleList(java.util.List<byte[]> list, int elementsToTake)	Partially shuffle a list of byte arrays, randomly selecting the given number of entries This is used to randomise the index value of the shares
static java.util.List<byte[]>	share(byte[] secret, int n, int k)	Create shares for a secret of any length
static java.util.List<byte[]>	shareAndSign(byte[] secret, int n, int k, java.security.PrivateKey privateKey)	A convenience method to create shares and sign them with a given secret key
static byte[]	verifyAndCombine(java.util.List<byte[]> signedShares, java.security.PublicKey publicKey)	Convenience method to verify a list of shares containing signates and combine them if successful.
static byte[]	zeroPad(byte[] input, int padLength)	Pad the secret with zeros to the given length.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEYSHARE_LEN

public static final int KEYSHARE_LEN

See Also:

Constant Field Values

MAX_SHARES

public static final int MAX_SHARES

See Also:

Constant Field Values

SIGNATURE_LEN

public static final int SIGNATURE_LEN

See Also:

Constant Field Values

MAC_LEN

public static final int MAC_LEN

See Also:

Constant Field Values

NONCE_LEN

public static final int NONCE_LEN

See Also:

Constant Field Values

Method Detail

decodeSecretWithLabel

public static SecretSharingWrapper.SecretWithLabel decodeSecretWithLabel(byte[] packedSecret)
                                                                  throws com.google.protobuf.InvalidProtocolBufferException

Decode a packed secret

Parameters:

packedSecret - A secret message previously encoded with `secretWithLabel.encode()`

Returns:

a secret object

Throws:

com.google.protobuf.InvalidProtocolBufferException - If there was a problem decoding

partialShuffleList

public static java.util.List<byte[]> partialShuffleList(java.util.List<byte[]> list,
                                                        int elementsToTake)

Partially shuffle a list of byte arrays, randomly selecting the given number of entries This is used to randomise the index value of the shares

Parameters:

list - to be shuffled

elementsToTake - the number of entries to randomly select

Returns:

a random subset of the given list

share

public static java.util.List<byte[]> share(byte[] secret,
                                           int n,
                                           int k)

Create shares for a secret of any length

Parameters:

secret -

n - the number of shares to create

k - the threshold

Returns:

a list of shares

combine

public static byte[] combine(java.util.List<byte[]> shares)
                      throws java.security.GeneralSecurityException

Attempt to recover the secret by combining shares created with the share method

Parameters:

shares - a list of shares

Returns:

the secret, if successful

Throws:

java.security.GeneralSecurityException

shareAndSign

public static java.util.List<byte[]> shareAndSign(byte[] secret,
                                                  int n,
                                                  int k,
                                                  java.security.PrivateKey privateKey)
                                           throws java.lang.Exception

A convenience method to create shares and sign them with a given secret key

Parameters:

secret -

n - the number of shares

k - the threshold

privateKey - an EdDSA signing private key

Returns:

a list of signed shares

Throws:

java.lang.Exception

verifyAndCombine

public static byte[] verifyAndCombine(java.util.List<byte[]> signedShares,
                                      java.security.PublicKey publicKey)
                               throws java.lang.Exception

Convenience method to verify a list of shares containing signates and combine them if successful.

Parameters:

signedShares - a list of shares containing signatures

publicKey - an EdDSA public signing key

Returns:

the secret, if successful

Throws:

java.lang.Exception

isShare

public static boolean isShare(byte[] share)

Validate whether a given byte array could be a shard by checking its length

Parameters:

share - a byte array which may be a shard

Returns:

true if the length is ok

isSignedShare

public static boolean isSignedShare(byte[] signedShare)

Validate whether a given byte array could be a signed share by checking its length

Parameters:

signedShare -

Returns:

true if the length is ok

zeroPad

public static byte[] zeroPad(byte[] input,
                             int padLength)

Pad the secret with zeros to the given length. If the secret is longer than the given length, it will pad to the nearest multiple of the given length.

Parameters:

input - the secret of any length

padLength - the desired length

Returns:

the zero padded result