test: Clarify Shamir secret sharing algorithm implementation

Laisky · Laisky · commit 17bad7bdc80c · 2023-05-12T06:54:27.000Z
- Improve documentation of Shamir's secret sharing algorithm
- Add test case for combining parts with a different key
- Remove unnecessary offset addition from parts dictionary
diff --git a/crypto/threshold/shamir/shamir.go b/crypto/threshold/shamir/shamir.go
@@ -25,6 +25,8 @@ import (
 // the secret. The total and threshold must be at least 2, and less
 // than 256. The returned shares are each one byte longer than the secret
 // as they attach a tag used to reconstruct the secret.
+//
+// the key and values of members are both important to combine.
 func Split(secret []byte, total, threshold int) (members map[byte][]byte, err error) {
 	switch {
 	case threshold < 2 || threshold >= 256:
@@ -44,6 +46,8 @@ func Split(secret []byte, total, threshold int) (members map[byte][]byte, err er
 
 // Combine is used to reverse a Split and reconstruct a secret
 // once a `threshold` number of parts are available.
+//
+// the key and value are must as same as splited result.
 func Combine(parts map[byte][]byte) ([]byte, error) {
 	if len(parts) < 2 {
 		return nil, errors.Errorf("length of parts should >= 2")
diff --git a/crypto/threshold/shamir/shamir_test.go b/crypto/threshold/shamir/shamir_test.go
@@ -51,6 +51,22 @@ func TestSplit(t *testing.T) {
 				}
 			})
 
+			t.Run("fulfill threshold with different key", func(t *testing.T) {
+				for i := 0; i < 10; i++ {
+					k := randor.Intn(tt.args.total-tt.args.threshold) + tt.args.threshold
+
+					parts := map[byte][]byte{}
+					for i, b := range gutils.RandomChoice(ks, k) {
+						parts[byte(i)] = members[b]
+					}
+
+					cipher, err := Combine(parts)
+					t.Logf("total: %d, threshold: %d, parts: %d", tt.args.total, tt.args.threshold, k)
+					require.NoError(t, err)
+					require.NotEqual(t, tt.args.secret, cipher)
+				}
+			})
+
 			t.Run("less than threshold", func(t *testing.T) {
 				for i := 0; i < 10; i++ {
 					k := randor.Intn(tt.args.threshold)
@@ -60,7 +76,7 @@ func TestSplit(t *testing.T) {
 
 					parts := map[byte][]byte{}
 					for _, b := range gutils.RandomChoice(ks, k) {
-						parts[b+33] = members[b]
+						parts[b] = members[b]
 					}
 
 					cipher, err := Combine(parts)
