Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master
Commits on Jan 13, 2015
  1. Update copyright year to 2015.

  2. Cleanup rubocop report errors.

  3. Merge pull request #4 from ntalbott/fix-create-shares

    Fix smallest_prime_of_bitlength exception
  4. Added test from @ntalbott. Thanks.

Commits on Jan 12, 2015
  1. @ntalbott

    Fix smallest_prime_of_bitlength exception

    ntalbott authored
    Share.create_shares was referencing smallest_prime_of_bitlength, which
    was only defined at the instance level. This was being masked by a
    top-level include in one spec.
    Fix by using extend to make the method available as a cless method.
Commits on Nov 14, 2014
Commits on Dec 27, 2013
Commits on Dec 24, 2013
  1. Refactor Container#create_shares to no longer depend on instance vars…

    …. Fix Segfault causing bug in Shamir#evaluate_polynomial_at when @prime was not passed to it.
  2. Almost 2014.

  3. Turns out there is a bug in JRuby. If you call OpenSSL::HMAC.hexdiges…

    …t(, hmac_key, hmac_data) with an empty String hmac_key it blows up with a Segfault.
  4. Disambiguate urlsafe_encode64 and urlsafe_decode64 from our own backp…

    …ort of those methods. Hope to eliminate Stack Level too deep interpreter crashes.
  5. Remove the Hash sort in to_hash. It collides with some Ruby interpret…

    …ers and is not strictly needed.
  6. Verify all Shares have same HMAC and resulting Secret has valid HMAC.

    This ties the generated secret back to the original and verifies a
    perfect match every time. Now we can be assured that the
    re-hydrated secret is in fact exactly the same as the secret
    the shares were generated from even though we no longer have
    access to it. Also may help prevent cheating.
  7. Major Backwards Incompatible API and Share format changes.

    This release includes a number of enhancements which
    necessitated changes to the public API as well as the String format of
    the Share#to_s which is the part that actually gets shared between
    people.  The changes include:
    - New Share#to_s output which is a Base64 encoded
    MessagePack serialization of a JSON Hash of the Share.
    This should allow more flexibility since the underlying format
    is a Hash that can be used to instantiate a new Share. The
    MessagePack and Base64 protocols are platform independent.
    - No longer use the pbkdf2 hashes as a way to create a secure Hash
    of the original secret.  Instead use a SHA256 HMAC where the HMAC
    key is the original secret and the HMAC data is a SHA256 hash of the
    Secret.  This allows passing this HMAC as part of the Share String which
    in turn allows one to *verify* that the secret that is re-hydrated is
    in *fact*
    the same as the Secret that was originally used to create the Share.
    Previously, one could never be sure that the re-hydrated secret was the
    same if for example a typo crept into the Share String.
     - Removed support for the old Share String format.  Use the older
    version of the Gem if you need this supported.
Commits on Dec 10, 2013
Commits on Dec 9, 2013
  1. Secret now takes option Hash args. Generating PBKDF2 hash of Secret v…

    …alue for later use in Shares.
  2. Rubocop syntax fixes.

Commits on Dec 6, 2013
  1. Initial version of the 'secretsharing' CLI which guides the user thro…

    …ugh normal encode/decode steps.
Commits on Dec 5, 2013
  1. README Link update

  2. README enhancements.

Something went wrong with that request. Please try again.