islishude · November 7, 2019 05:44
diff --git a/shamir.go b/shamir.go
 package main

 import (
 	"crypto/rand"
 	"fmt"
 	"reflect"

 	"github.com/hashicorp/vault/shamir"
 )

 // Problem: 
 // Company XYZ needs to secure their vault's passcode. 
 // They could use something standard, such as AES, but what if the holder of the key is unavailable or dies? 
 // What if the key is compromised via a malicious hacker or the holder of the key turns rogue, 
 // and uses their power over the vault to their benefit?
 // This is where SSS comes in. 
 // It can be used to encrypt the vault's passcode and generate a certain number of shares, 
 // where a certain number of shares can be allocated to each executive within Company XYZ. 
 // Now, only if they pool their shares can they unlock the vault. 
 // The threshold can be appropriately set for the number of executives, 
 // so the vault is always able to be accessed by the authorized individuals. 
 // Should a share or two fall into the wrong hands, 
 // they couldn't open the passcode unless the other executives cooperated.
 // ref: https://en.wikipedia.org/wiki/Shamir's_Secret_Sharing

 func main() {
 	data := make([]byte, 32)
 	rand.Read(data)

 	piece, _ := shamir.Split(data, 5, 3)

 	rec0, _ := shamir.Combine([][]byte{piece[0], piece[2], piece[4]})
 	fmt.Println("rec0", reflect.DeepEqual(data, rec0)) // true
 	rec1, _ := shamir.Combine([][]byte{piece[1], piece[2], piece[3]})
 	fmt.Println("rec1", reflect.DeepEqual(data, rec1)) // true
 	rec2, _ := shamir.Combine([][]byte{piece[0], piece[1], piece[2]})
 	fmt.Println("rec2", reflect.DeepEqual(data, rec2)) // true
 	rec3, _ := shamir.Combine([][]byte{piece[2], piece[3], piece[4]})
 	fmt.Println("rec3", reflect.DeepEqual(data, rec3)) // true
 }
	package main

	import (
	"crypto/rand"
	"fmt"
	"reflect"

	"github.com/hashicorp/vault/shamir"
	)

	// Problem:
	// Company XYZ needs to secure their vault's passcode.
	// They could use something standard, such as AES, but what if the holder of the key is unavailable or dies?
	// What if the key is compromised via a malicious hacker or the holder of the key turns rogue,
	// and uses their power over the vault to their benefit?
	// This is where SSS comes in.
	// It can be used to encrypt the vault's passcode and generate a certain number of shares,
	// where a certain number of shares can be allocated to each executive within Company XYZ.
	// Now, only if they pool their shares can they unlock the vault.
	// The threshold can be appropriately set for the number of executives,
	// so the vault is always able to be accessed by the authorized individuals.
	// Should a share or two fall into the wrong hands,
	// they couldn't open the passcode unless the other executives cooperated.
	// ref: https://en.wikipedia.org/wiki/Shamir's_Secret_Sharing

	func main() {
	data := make([]byte, 32)
	rand.Read(data)

	piece, _ := shamir.Split(data, 5, 3)

	rec0, _ := shamir.Combine([][]byte{piece[0], piece[2], piece[4]})
	fmt.Println("rec0", reflect.DeepEqual(data, rec0)) // true
	rec1, _ := shamir.Combine([][]byte{piece[1], piece[2], piece[3]})
	fmt.Println("rec1", reflect.DeepEqual(data, rec1)) // true
	rec2, _ := shamir.Combine([][]byte{piece[0], piece[1], piece[2]})
	fmt.Println("rec2", reflect.DeepEqual(data, rec2)) // true
	rec3, _ := shamir.Combine([][]byte{piece[2], piece[3], piece[4]})
	fmt.Println("rec3", reflect.DeepEqual(data, rec3)) // true
	}