conflict resolution

Author: dghgit

ci/pub.sh

@@ -14,7 +14,9 @@ source ci/common.sh
 export JAVA_HOME=`openjdk_21`
 export PATH=$JAVA_HOME/bin:$PATH
 
+./gradlew clean build -x test
+./osgi_scan.sh
 
-./gradlew clean build publishAllPublicationsToCwmavenRepository -x test
+./gradlew publishAllPublicationsToCwmavenRepository -x test
 
 

core/src/main/java/org/bouncycastle/crypto/threshold/Polynomial.java

@@ -0,0 +1,8 @@
+package org.bouncycastle.crypto.threshold;
+
+import org.bouncycastle.util.Encodable;
+
+public interface SecretShare
+    extends Encodable
+{
+}

core/src/main/java/org/bouncycastle/crypto/threshold/SecretShare.java

@@ -0,0 +1,36 @@
+package org.bouncycastle.crypto.threshold;
+
+import java.io.IOException;
+
+/**
+ * Secret sharing (also called secret splitting) refers to methods for distributing a secret among a group.
+ * In this process, no individual holds any intelligible information about the secret.
+ * However, when a sufficient number of individuals combine their 'shares', the secret can be reconstructed.
+ */
+public interface SecretSplitter
+{
+    /**
+     * Creates secret shares. The secret will be divided into shares, where the secret has a length of L bytes.
+     * @param m A threshold number of shares
+     * @param n Total number of shares
+     * @return An array of {@code byte[][]} representing the generated secret shares for m users with l bytes each.
+     */
+    SplitSecret split(int m, int n);
+
+    /**
+     * Creates secret shares from a given secret share. The secret will be divided into shares, where the secret has a length of L bytes.
+     * @param m A threshold number of shares
+     * @param n Total number of shares
+     * @return An array of {@code byte[][]} representing the generated secret shares for m users with l bytes each.
+     */
+    SplitSecret splitAround(SecretShare s, int m, int n)
+        throws IOException;
+
+    /**
+     * Creates secret shares from a given secret. The secret will be divided into shares, where the secret has a length of L bytes.
+     * @param m A threshold number of shares
+     * @param n Total number of shares
+     * @return An array of {@code byte[][]} representing the generated secret shares for m users with l bytes each.
+     */
+    SplitSecret resplit(byte[] secret, int m, int n);
+}

core/src/main/java/org/bouncycastle/crypto/threshold/SecretSplitter.java

@@ -0,0 +1,133 @@
+package org.bouncycastle.crypto.threshold;
+
+import java.io.IOException;
+import java.security.SecureRandom;
+
+import org.bouncycastle.util.Arrays;
+
+
+public class ShamirSecretSplitter
+    implements SecretSplitter
+{
+    public enum Algorithm
+    {
+        AES,
+        RSA
+    }
+
+    public enum Mode
+    {
+        Native,
+        Table
+    }
+
+    private final Polynomial poly;
+    /**
+     * Length of the secret
+     */
+    protected int l;
+
+    protected SecureRandom random;
+
+    public ShamirSecretSplitter(Algorithm algorithm, Mode mode, int l, SecureRandom random)
+    {
+        if (l < 0 || l > 65534)
+        {
+            throw new IllegalArgumentException("Invalid input: l ranges from 0 to 65534 (2^16-2) bytes.");
+        }
+
+        poly = Polynomial.newInstance(algorithm, mode);
+        this.l = l;
+        this.random = random;
+    }
+
+
+    public ShamirSplitSecret split(int m, int n)
+    {
+        byte[][] p = initP(m, n);
+        byte[][] sr = new byte[m][l];
+        ShamirSplitSecretShare[] secretShares = new ShamirSplitSecretShare[l];
+        int i;
+        for (i = 0; i < m; i++)
+        {
+            random.nextBytes(sr[i]);
+        }
+        for (i = 0; i < p.length; i++)
+        {
+            secretShares[i] = new ShamirSplitSecretShare(poly.gfVecMul(p[i], sr), i + 1);
+        }
+        return new ShamirSplitSecret(poly, secretShares);
+    }
+
+    @Override
+    public ShamirSplitSecret splitAround(SecretShare s, int m, int n)
+        throws IOException
+    {
+        byte[][] p = initP(m, n);
+        byte[][] sr = new byte[m][l];
+        ShamirSplitSecretShare[] secretShares = new ShamirSplitSecretShare[l];
+        byte[] ss0 = s.getEncoded();
+        secretShares[0] = new ShamirSplitSecretShare(ss0, 1);
+        int i, j;
+        byte tmp;
+        for (i = 0; i < m; i++)
+        {
+            random.nextBytes(sr[i]);
+        }
+        for (i = 0; i < l; i++)
+        {
+            tmp = sr[1][i];
+            for (j = 2; j < m; j++)
+            {
+                tmp ^= sr[j][i];
+            }
+            sr[0][i] = (byte)(tmp ^ ss0[i]);
+        }
+        for (i = 1; i < p.length; i++)
+        {
+            secretShares[i] = new ShamirSplitSecretShare(poly.gfVecMul(p[i], sr), i + 1);
+        }
+
+        return new ShamirSplitSecret(poly, secretShares);
+    }
+
+    @Override
+    public ShamirSplitSecret resplit(byte[] secret, int m, int n)
+    {
+        byte[][] p = initP(m, n);
+        byte[][] sr = new byte[m][l];
+        ShamirSplitSecretShare[] secretShares = new ShamirSplitSecretShare[l];
+        sr[0] = Arrays.clone(secret);
+        int i;
+        for (i = 1; i < m; i++)
+        {
+            random.nextBytes(sr[i]);
+        }
+        for (i = 0; i < p.length; i++)
+        {
+            secretShares[i] = new ShamirSplitSecretShare(poly.gfVecMul(p[i], sr), i + 1);
+        }
+        return new ShamirSplitSecret(poly, secretShares);
+    }
+
+    private byte[][] initP(int m, int n)
+    {
+        if (m < 1 || m > 255)
+        {
+            throw new IllegalArgumentException("Invalid input: m must be less than 256 and positive.");
+        }
+        if (n < m || n > 255)
+        {
+            throw new IllegalArgumentException("Invalid input: n must be less than 256 and greater than or equal to n.");
+        }
+        byte[][] p = new byte[n][m];
+        for (int i = 0; i < n; i++)
+        {
+            for (int j = 0; j < m; j++)
+            {
+                p[i][j] = poly.gfPow((byte)(i + 1), (byte)j);
+            }
+        }
+        return p;
+    }
+}

core/src/main/java/org/bouncycastle/crypto/threshold/ShamirSecretSplitter.java

@@ -0,0 +1,91 @@
+package org.bouncycastle.crypto.threshold;
+
+import java.io.IOException;
+
+public class ShamirSplitSecret
+    implements SplitSecret
+{
+    private final ShamirSplitSecretShare[] secretShares;
+    private final Polynomial poly;
+
+    public ShamirSplitSecret(ShamirSecretSplitter.Algorithm algorithm, ShamirSecretSplitter.Mode mode, ShamirSplitSecretShare[] secretShares)
+    {
+        this.secretShares = secretShares;
+        this.poly = Polynomial.newInstance(algorithm, mode);
+    }
+
+    ShamirSplitSecret(Polynomial poly, ShamirSplitSecretShare[] secretShares)
+    {
+        this.secretShares = secretShares;
+        this.poly = poly;
+    }
+
+    public ShamirSplitSecretShare[] getSecretShares()
+    {
+        return secretShares;
+    }
+
+    public ShamirSplitSecret multiple(int mul)
+        throws IOException
+    {
+        byte[] ss;
+        for (int i = 0; i < secretShares.length; ++i)
+        {
+            ss = secretShares[i].getEncoded();
+            for (int j = 0; j < ss.length; ++j)
+            {
+                ss[j] = poly.gfMul(ss[j] & 0xFF, mul);
+            }
+            secretShares[i] = new ShamirSplitSecretShare(ss, i + 1);
+        }
+        return this;
+    }
+
+    public ShamirSplitSecret divide(int div)
+        throws IOException
+    {
+        byte[] ss;
+        for (int i = 0; i < secretShares.length; ++i)
+        {
+            ss = secretShares[i].getEncoded();
+            for (int j = 0; j < ss.length; ++j)
+            {
+                ss[j] = poly.gfDiv(ss[j] & 0xFF, div);
+            }
+            secretShares[i] = new ShamirSplitSecretShare(ss, i + 1);
+        }
+        return this;
+    }
+
+    @Override
+    public byte[] getSecret()
+        throws IOException
+    {
+        int n = secretShares.length;
+        byte[] r = new byte[n];
+        byte tmp;
+        byte[] products = new byte[n - 1];
+        byte[][] splits = new byte[n][secretShares[0].getEncoded().length];
+        for (int i = 0; i < n; i++)
+        {
+            splits[i] = secretShares[i].getEncoded();
+            tmp = 0;
+            for (int j = 0; j < n; j++)
+            {
+                if (j != i)
+                {
+                    products[tmp++] = poly.gfDiv(secretShares[j].r, secretShares[i].r ^ secretShares[j].r);
+                }
+            }
+
+            tmp = 1;
+            for (byte p : products)
+            {
+                tmp = poly.gfMul(tmp & 0xff, p & 0xff);
+            }
+            r[i] = tmp;
+        }
+
+        return poly.gfVecMul(r, splits);
+    }
+}

core/src/main/java/org/bouncycastle/crypto/threshold/ShamirSplitSecret.java

@@ -0,0 +1,31 @@
+package org.bouncycastle.crypto.threshold;
+
+import java.io.IOException;
+
+import org.bouncycastle.util.Arrays;
+
+public class ShamirSplitSecretShare
+    implements SecretShare
+{
+    private final byte[] secretShare;
+    final int r; // index of secretShare
+
+    public ShamirSplitSecretShare(byte[] secretShare, int r)
+    {
+        this.secretShare = Arrays.clone(secretShare);
+        this.r = r;
+    }
+
+    public ShamirSplitSecretShare(byte[] secretShare)
+    {
+        this.secretShare = Arrays.clone(secretShare);
+        this.r = 1;
+    }
+
+    @Override
+    public byte[] getEncoded()
+        throws IOException
+    {
+        return Arrays.clone(secretShare);
+    }
+}

core/src/main/java/org/bouncycastle/crypto/threshold/ShamirSplitSecretShare.java

@@ -0,0 +1,16 @@
+package org.bouncycastle.crypto.threshold;
+
+import java.io.IOException;
+
+public interface SplitSecret
+{
+    SecretShare[] getSecretShares();
+
+    /**
+     * Recombines secret shares to reconstruct the original secret.
+     *
+     * @return A byte array containing the reconstructed secret.
+     */
+    byte[] getSecret()
+        throws IOException;
+}