From 1cbf2fc7feb809ee00507277deb95e316b4c741e Mon Sep 17 00:00:00 2001 From: Wolf McNally Date: Tue, 17 Aug 2021 22:55:36 -0700 Subject: [PATCH 1/2] Unexport needlessly public functions. --- src/bc-shamir.h | 2 -- src/interpolate.c | 2 +- src/interpolate.h | 21 --------------------- 3 files changed, 1 insertion(+), 24 deletions(-) diff --git a/src/bc-shamir.h b/src/bc-shamir.h index e787854..0342aac 100644 --- a/src/bc-shamir.h +++ b/src/bc-shamir.h @@ -12,8 +12,6 @@ extern "C" { #endif -#include "hazmat.h" -#include "interpolate.h" #include "shamir.h" #ifdef __cplusplus diff --git a/src/interpolate.c b/src/interpolate.c index 0d741fc..6e187de 100644 --- a/src/interpolate.c +++ b/src/interpolate.c @@ -32,7 +32,7 @@ * values[i] = | | ------------- * j != i (xc[i]-xc[j]) */ -void +static void hazmat_lagrange_basis(uint8_t *values, uint8_t n, const uint8_t *xc, diff --git a/src/interpolate.h b/src/interpolate.h index baefb99..0adf37a 100644 --- a/src/interpolate.h +++ b/src/interpolate.h @@ -10,27 +10,6 @@ #include "hazmat.h" -/* - * calculate the lagrange basis coefficients for the lagrange polynomial - * defined byt the x coordinates xc at the value x. - * - * inputs: values: pointer to an array to write the values - * n: number of points - length of the xc array, 0 < n <= 32 - * xc: array of x components to use as interpolating points - * x: x coordinate to evaluate lagrange polynomials at - * - * After the function runs, the values array should hold data satisfying - * the following: - * --- (x-xc[j]) - * values[i] = | | ------------- - * j != i (xc[i]-xc[j]) - */ -void -hazmat_lagrange_basis(uint8_t *values, - uint8_t n, - const uint8_t *xc, - uint8_t x); - /** * safely interpolate the polynomial going through * the points (x0 [y0_0 y0_1 y0_2 ... y0_31]) , (x1 [y1_0 ...]), ... From c67d1028d2edf2c0ee9a938f5b8dc083cde8a573 Mon Sep 17 00:00:00 2001 From: Wolf McNally Date: Tue, 17 Aug 2021 23:11:50 -0700 Subject: [PATCH 2/2] Strengthen validation of threshold. --- src/shamir-constants.h | 1 + src/shamir.c | 2 ++ src/shamir.h | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/shamir-constants.h b/src/shamir-constants.h index 95283ef..b2d3e8d 100644 --- a/src/shamir-constants.h +++ b/src/shamir-constants.h @@ -17,5 +17,6 @@ #define SHAMIR_ERROR_CHECKSUM_FAILURE (-104) #define SHAMIR_ERROR_SECRET_TOO_SHORT (-105) #define SHAMIR_ERROR_SECRET_NOT_EVEN_LEN (-106) +#define SHAMIR_ERROR_INVALID_THRESHOLD (-107) #endif /* SHAMIR_CONSTANTS_H */ diff --git a/src/shamir.c b/src/shamir.c index e176e3b..1128001 100644 --- a/src/shamir.c +++ b/src/shamir.c @@ -51,6 +51,8 @@ int32_t split_secret( ) { if(shard_count > SHAMIR_MAX_SHARD_COUNT) { return SHAMIR_ERROR_TOO_MANY_SHARDS; + } else if(threshold < 1 || threshold > shard_count) { + return SHAMIR_ERROR_INVALID_THRESHOLD; } else if(secret_length > SHAMIR_MAX_SECRET_SIZE) { return SHAMIR_ERROR_SECRET_TOO_LONG; } else if(secret_length < SHAMIR_MIN_SECRET_SIZE) { diff --git a/src/shamir.h b/src/shamir.h index c2caf39..729ffb4 100644 --- a/src/shamir.h +++ b/src/shamir.h @@ -43,7 +43,7 @@ uint8_t* create_digest( * * returns: the number of shards created, or a negative value if there was an error * - * inputs: threshold: number of shards required to recover secret + * inputs: threshold: number of shards required to recover secret. Must be 1 <= threshold <= shard_count. * shard_count: number of shards to generate * secret: array of bytes representing the secret * secret_length: length of the secret array. must be >= 16, <= 32 and even.