npm - secrets-sharing - Versions diffs - 1.0.0 → 1.0.1 - Mend

secrets-sharing 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +137 -0
package/dist/{secrets-sharing.d.ts → index.d.ts} +1 -1
package/dist/index.d.ts.map +1 -0
package/package.json +20 -4
package/dist/secrets-sharing.d.ts.map +0 -1
package/secrets-sharing.ts +0 -467
package/test.js +0 -66
/package/dist/{secrets-sharing.js → index.js} +0 -0

package/README.md ADDED Viewed

@@ -0,0 +1,137 @@
+# Secrets Sharing
+A TypeScript library for Shamir's Secret Sharing using **Buffers** instead of strings.
+Inspired by [grempe/secrets.js](https://github.com/grempe/secrets.js), but operates on `Buffer` objects for native binary data support.
+## Features
+- Split secrets into shares using Shamir's threshold scheme
+- Reconstruct secrets from shares
+- Generate new shares from existing ones without knowing the secret
+- Works with arbitrary binary data (Buffers)
+- Configurable bit-width for the finite field (3–20 bits)
+- Pluggable RNG
+- Zero dependencies
+## Installation
+```bash
+npm install secrets-sharing
+```
+## Usage
+```ts
+import { share, combine } from 'secrets-sharing';
+const secret = Buffer.from('my super secret data');
+// Split into 5 shares, requiring any 3 to reconstruct
+const shares = share(secret, 5, 3);
+// Reconstruct from any 3 shares
+const recovered = combine(shares.slice(0, 3));
+console.log(recovered.toString()); // 'my super secret data'
+```
+## API
+### `share(secretBuffer, numShares, threshold, padLength?)`
+Split a secret Buffer into shares using Shamir's threshold secret sharing.
+| Parameter | Type | Description |
+|---|---|---|
+| `secretBuffer` | `Buffer` | The secret to split. |
+| `numShares` | `number` | Total shares to produce (2 to `config.max`). |
+| `threshold` | `number` | Minimum shares required to reconstruct (2 to `numShares`). |
+| `padLength` | `number` | Zero-pad the binary secret to a multiple of this many bits before splitting. Defaults to `128`. Must be 0–1024. |
+**Returns:** `Buffer[]` — an array of share Buffers.
+### `combine(shares, at?)`
+Reconstruct a secret Buffer from an array of share Buffers.
+| Parameter | Type | Description |
+|---|---|---|
+| `shares` | `Buffer[]` | Array of share Buffers (must meet the threshold count). |
+| `at` | `number` | Evaluates the polynomial at this x value instead of 0. Defaults to `0`. Used internally by `newShare`. |
+**Returns:** `Buffer` — the reconstructed secret.
+### `newShare(id, shares)`
+Generate a new share with the given numeric `id` from existing shares, without reconstructing the secret.
+| Parameter | Type | Description |
+|---|---|---|
+| `id` | `number` | Share id, an integer in [1, `config.max`]. |
+| `shares` | `Buffer[]` | At least `threshold` existing share Buffers. |
+**Returns:** `Buffer` — a new share Buffer for the requested id.
+### `init(bits?)`
+Initialize (or reinitialize) the finite field used for sharing. Called automatically on import with 8 bits.
+| Parameter | Type | Description |
+|---|---|---|
+| `bits` | `number` | Bit-width for the field (3–20). Defaults to `8`. |
+### `setRNG(rng)`
+Provide a custom random number generator. By default the library uses `Math.random`.
+| Parameter | Type | Description |
+|---|---|---|
+| `rng` | `(() => number) \| null` | A function returning an integer in [0, `config.max`], or `null` to reset to the default. |
+### `getConfig()`
+Return the current library configuration.
+**Returns:** `{ bits: number; radix: number; maxShares: number }`
+### `extractShareComponents(shareBuffer)`
+Extract the components of a share Buffer.
+| Parameter | Type | Description |
+|---|---|---|
+| `shareBuffer` | `Buffer` | A share Buffer produced by `share()` or `newShare()`. |
+**Returns:** `{ bits: number; id: number; data: string }` — where `data` is the hex payload.
+### `shareBufferToString(shareBuffer)`
+Convert a share Buffer to its ASCII string representation.
+**Returns:** `string`
+### `shareStringToBuffer(shareString)`
+Convert an ASCII share string back to a Buffer.
+**Returns:** `Buffer`
+### `utf16beFromString(str)`
+Encode a JS string into a UTF-16BE Buffer with reversed code-unit ordering (matches the `secrets.js` `str2hex` convention).
+**Returns:** `Buffer`
+### `utf16beToString(buf)`
+Decode a UTF-16BE Buffer (with reversed code-unit ordering) back into a JS string.
+**Returns:** `string`
+## Inspiration
+Based on the well-known [secrets.js](https://github.com/grempe/secrets.js) library, adapted to work natively with `Buffer` objects and binary data.
+## License
+ISC

package/dist/{secrets-sharing.d.ts → index.d.ts} RENAMED Viewed

@@ -75,4 +75,4 @@ export declare const _internal: {
     parseShareString: typeof parseShareString;
 };
 export {};
-//# sourceMappingURL=secrets-sharing.d.ts.map
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AA0BA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd;AAED,UAAU,WAAW;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;CACf;AA0CD,wBAAgB,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CA2BxC;AAED,wBAAgB,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,IAAI,GAAG,IAAI,CAEvD;AAsBD,iBAAS,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAMpC;AAWD,iBAAS,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAUlE;AAUD,iBAAS,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,WAAW,CAa1D;AASD,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAU1D;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,SAAS,CAAC,EAAE,GAAG,MAAM,CA8BnF;AAED,iBAAS,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAOvD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,KAAK,CACnB,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,SAAS,SAAM,GACd,MAAM,EAAE,CAsCV;AAED;;;;;;;GAOG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,SAAI,GAAG,MAAM,CAuDxD;AAED;;;;;;;GAOG;AACH,wBAAgB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAa7D;AAED;;;GAGG;AACH,wBAAgB,SAAS,IAAI,aAAa,CAMzC;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,eAAe,CAM3E;AAED,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAK/D;AAED,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAK/D;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAOrD;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CASnD;AAED,eAAO,MAAM,SAAS;;;;;CAUrB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,14 +1,30 @@
 {
   "name": "secrets-sharing",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "A Typescript implementation of Shamir's Secret Sharing Scheme using buffers.",
-  "main": "index.js",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "test": "node test.js",
-    "build": "tsc",
+    "build": "rm -rf dist && tsc",
+    "prepublishOnly": "npm run build",
     "publish": "npm run build && npm publish"
   },
-  "keywords": ["shamir", "secret sharing", "typescript", "buffers"],
+  "keywords": [
+    "shamir",
+    "secret sharing",
+    "typescript",
+    "buffers"
+  ],
   "author": "",
   "license": "ISC",
   "type": "module",

package/dist/secrets-sharing.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"secrets-sharing.d.ts","sourceRoot":"","sources":["../secrets-sharing.ts"],"names":[],"mappings":"AA0BA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd;AAED,UAAU,WAAW;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;CACf;AA0CD,wBAAgB,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CA2BxC;AAED,wBAAgB,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,IAAI,GAAG,IAAI,CAEvD;AAsBD,iBAAS,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAMpC;AAWD,iBAAS,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAUlE;AAUD,iBAAS,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,WAAW,CAa1D;AASD,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAU1D;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,SAAS,CAAC,EAAE,GAAG,MAAM,CA8BnF;AAED,iBAAS,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAOvD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,KAAK,CACnB,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,SAAS,SAAM,GACd,MAAM,EAAE,CAsCV;AAED;;;;;;;GAOG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,SAAI,GAAG,MAAM,CAuDxD;AAED;;;;;;;GAOG;AACH,wBAAgB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAa7D;AAED;;;GAGG;AACH,wBAAgB,SAAS,IAAI,aAAa,CAMzC;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,eAAe,CAM3E;AAED,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAK/D;AAED,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAK/D;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAOrD;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CASnD;AAED,eAAO,MAAM,SAAS;;;;;CAUrB,CAAC"}

package/secrets-sharing.ts DELETED Viewed

@@ -1,467 +0,0 @@
-'use strict';
-interface Defaults {
-  bits: number;
-  radix: number;
-  minBits: number;
-  maxBits: number;
-  primitivePolynomials: (number | null)[];
-}
-interface Config {
-  bits: number;
-  radix: number;
-  size: number;
-  max: number;
-  logs: number[];
-  exps: number[];
-  /**
-   * RNG contract differs from grempe/secrets.js: the original's RNG takes a `bits`
-   * argument and returns a binary string. This buffer implementation's RNG takes no
-   * arguments and returns a number in [0, config.max], which is simpler and avoids
-   * binary-string parsing in hot paths.
-   */
-  rng: (() => number) | null;
-}
-export interface SecretsConfig {
-  bits: number;
-  radix: number;
-  maxShares: number;
-}
-export interface ShareComponents {
-  bits: number;
-  id: number;
-  data: string;
-}
-interface ParsedShare {
-  bits: number;
-  id: number;
-  value: string;
-}
-const defaults: Defaults = {
-  bits: 8,
-  radix: 16,
-  minBits: 3,
-  maxBits: 20,
-  primitivePolynomials: [
-    null,
-    null,
-    1,
-    3,
-    3,
-    5,
-    3,
-    3,
-    29,
-    17,
-    9,
-    5,
-    83,
-    27,
-    43,
-    3,
-    45,
-    9,
-    39,
-    39,
-    9,
-  ],
-};
-const config: Config = {
-  bits: defaults.bits,
-  radix: defaults.radix,
-  size: 256,
-  max: 255,
-  logs: [],
-  exps: [],
-  rng: null,
-};
-export function init(bits?: number): void {
-  const useBits = bits ?? defaults.bits;
-  if (useBits < defaults.minBits || useBits > defaults.maxBits) {
-    throw new Error('Bits out of range.');
-  }
-  config.bits = useBits;
-  config.size = 1 << useBits;
-  config.max = config.size - 1;
-  const primitive = defaults.primitivePolynomials[useBits] as number;
-  const logs = new Array<number>(config.size);
-  const exps = new Array<number>(config.size);
-  let x = 1;
-  for (let i = 0; i < config.size; i += 1) {
-    exps[i] = x;
-    logs[x] = i;
-    x <<= 1;
-    if (x >= config.size) {
-      x ^= primitive;
-      x &= config.max;
-    }
-  }
-  config.logs = logs;
-  config.exps = exps;
-}
-export function setRNG(rng: (() => number) | null): void {
-  config.rng = rng;
-}
-function random(): number {
-  if (typeof config.rng === 'function') {
-    const value = config.rng();
-    if (!Number.isInteger(value) || value < 0 || value > config.max) {
-      throw new Error('Invalid RNG output.');
-    }
-    return value;
-  }
-  return Math.floor(Math.random() * (config.max + 1));
-}
-function padLeftBinary(str: string, multiple: number): string {
-  const missing = str.length % multiple;
-  if (missing === 0) {
-    return str;
-  }
-  return `${'0'.repeat(multiple - missing)}${str}`;
-}
-function hex2bin(hex: string): string {
-  if (hex.length === 0) {
-    return '';
-  }
-  const asBigInt = BigInt(`0x${hex}`);
-  return padLeftBinary(asBigInt.toString(2), 4);
-}
-function bin2hex(bin: string): string {
-  const padded = padLeftBinary(bin, 4);
-  let out = '';
-  for (let i = 0; i < padded.length; i += 4) {
-    out += parseInt(padded.slice(i, i + 4), 2).toString(16);
-  }
-  return out;
-}
-function splitBinToParts(bin: string, padLength?: number): number[] {
-  const padded = padLength ? padLeftBinary(bin, padLength) : bin;
-  const parts: number[] = [];
-  for (let i = padded.length; i > config.bits; i -= config.bits) {
-    parts.push(parseInt(padded.slice(i - config.bits, i), 2));
-  }
-  parts.push(parseInt(padded.slice(0, Math.max(1, padded.length % config.bits || config.bits)), 2));
-  return parts;
-}
-function partsToHex(parts: number[]): string {
-  let out = '';
-  for (const part of [...parts].reverse()) {
-    out += part.toString(config.radix).padStart(2, '0');
-  }
-  return out;
-}
-function parseShareString(shareString: string): ParsedShare {
-  // charAt(0) always returns a string unlike bracket indexing under noUncheckedIndexedAccess.
-  const bits = parseInt(shareString.charAt(0), 36);
-  const max = (1 << bits) - 1;
-  const idLength = max.toString(config.radix).length;
-  const id = parseInt(shareString.slice(1, 1 + idLength), config.radix);
-  const value = shareString.slice(1 + idLength);
-  if (!Number.isInteger(id) || id < 1 || id > max) {
-    throw new Error('Invalid share id.');
-  }
-  return { bits, id, value };
-}
-function constructPublicShareString(id: number, dataParts: number[]): string {
-  const maxIdChars = config.max.toString(config.radix).length;
-  const idHex = id.toString(config.radix).padStart(maxIdChars, '0');
-  // toUpperCase matches the original secrets.js share format for bits >= 10.
-  return `${config.bits.toString(36).toUpperCase()}${idHex}${partsToHex(dataParts)}`;
-}
-export function horner(x: number, coeffs: number[]): number {
-  let fx = 0;
-  for (let i = coeffs.length - 1; i >= 0; i -= 1) {
-    if (fx !== 0) {
-      // logs and exps are fully populated by init(); non-null assertions are safe here.
-      fx = config.exps[(config.logs[x]! + config.logs[fx]!) % config.max]!;
-    }
-    fx ^= coeffs[i]!;
-  }
-  return fx;
-}
-export function lagrange(at: number, x: number[], y: (number | undefined)[]): number {
-  let sum = 0;
-  for (let i = 0; i < x.length; i += 1) {
-    const yi = y[i];
-    if (!yi) {
-      continue;
-    }
-    let product: number = config.logs[yi]!;
-    for (let j = 0; j < x.length; j += 1) {
-      if (i === j) {
-        continue;
-      }
-      if (at === x[j]!) {
-        product = -1;
-        break;
-      }
-      product =
-        (product + config.logs[at ^ x[j]!]! - config.logs[x[i]! ^ x[j]!]! + config.max) %
-        config.max;
-    }
-    if (product !== -1) {
-      sum ^= config.exps[product]!;
-    }
-  }
-  return sum;
-}
-function bufferToSecretBin(secretBuffer: Buffer): string {
-  const hex = secretBuffer.toString('hex');
-  if (hex.length === 0) {
-    return '10';
-  }
-  const asBigInt = BigInt(`0x${hex}`);
-  return `1${padLeftBinary(asBigInt.toString(2), 16)}`;
-}
-/**
- * Split a secret Buffer into `numShares` shares using Shamir's threshold secret sharing.
- *
- * @param secretBuffer - The secret to split, expressed as a Buffer.
- * @param numShares - Total number of shares to produce (2 to config.max).
- * @param threshold - Minimum shares required to reconstruct (2 to numShares).
- * @param padLength - Zero-pad the binary secret to a multiple of this many bits before
- *   splitting. Defaults to 128 (same as the original secrets.js) to prevent leaking
- *   information about the size of small secrets. Must be 0–1024.
- * @returns An array of `numShares` Buffer shares.
- */
-export function share(
-  secretBuffer: Buffer,
-  numShares: number,
-  threshold: number,
-  padLength = 128,
-): Buffer[] {
-  if (!Buffer.isBuffer(secretBuffer)) {
-    throw new TypeError('secretBuffer must be a Buffer');
-  }
-  if (!Number.isInteger(numShares) || !Number.isInteger(threshold)) {
-    throw new TypeError('numShares and threshold must be integers');
-  }
-  if (numShares < 2 || numShares > config.max) {
-    throw new Error('numShares out of range.');
-  }
-  if (threshold < 2 || threshold > numShares) {
-    throw new Error('threshold out of range.');
-  }
-  if (!Number.isInteger(padLength) || padLength < 0 || padLength > 1024) {
-    throw new Error('Zero-pad length must be an integer between 0 and 1024 inclusive.');
-  }
-  const parts = splitBinToParts(bufferToSecretBin(secretBuffer), padLength);
-  const coeffs: number[][] = [];
-  for (let i = 0; i < parts.length; i += 1) {
-    const row: number[] = [parts[i]!];
-    for (let j = 1; j < threshold; j += 1) {
-      row[j] = random();
-    }
-    coeffs.push(row);
-  }
-  const out: Buffer[] = [];
-  for (let xVal = 1; xVal <= numShares; xVal += 1) {
-    const dataParts: number[] = [];
-    for (let j = 0; j < parts.length; j += 1) {
-      dataParts.push(horner(xVal, coeffs[j]!));
-    }
-    out.push(Buffer.from(constructPublicShareString(xVal, dataParts), 'ascii'));
-  }
-  return out;
-}
-/**
- * Reconstruct a secret Buffer from an array of share Buffers.
- *
- * @param shares - Array of share Buffers (must satisfy the threshold count).
- * @param at - If non-zero, evaluates the polynomial at this x value instead of 0
- *   (used internally by `newShare`).
- * @returns The reconstructed secret as a Buffer, or the share data Buffer when `at` != 0.
- */
-export function combine(shares: Buffer[], at = 0): Buffer {
-  if (!Array.isArray(shares) || shares.length === 0) {
-    throw new Error('shares must be a non-empty array of Buffers');
-  }
-  const xArr: number[] = [];
-  const yMatrix: (number | undefined)[][] = [];
-  let setBits: number | undefined;
-  for (const shareBuffer of shares) {
-    if (!Buffer.isBuffer(shareBuffer)) {
-      throw new TypeError('All shares must be Buffers');
-    }
-    const parsed = parseShareString(shareBuffer.toString('ascii'));
-    if (setBits === undefined) {
-      setBits = parsed.bits;
-      if (setBits !== config.bits) {
-        init(setBits);
-      }
-    } else if (parsed.bits !== setBits) {
-      throw new Error('Mismatched share bit settings');
-    }
-    if (xArr.includes(parsed.id)) {
-      continue;
-    }
-    const idx = xArr.push(parsed.id) - 1;
-    const parts = splitBinToParts(hex2bin(parsed.value));
-    for (let j = 0; j < parts.length; j += 1) {
-      if (!yMatrix[j]) {
-        yMatrix[j] = [];
-      }
-      yMatrix[j]![idx] = parts[j]!;
-    }
-  }
-  let resultBin = '';
-  for (const yRow of yMatrix) {
-    resultBin = lagrange(at, xArr, yRow!).toString(2).padStart(config.bits, '0') + resultBin;
-  }
-  if (at === 0) {
-    const marker = resultBin.indexOf('1');
-    if (marker === -1) {
-      throw new Error('Invalid reconstructed secret marker');
-    }
-    resultBin = resultBin.slice(marker + 1);
-  }
-  const outHex = bin2hex(resultBin);
-  return Buffer.from(outHex, 'hex');
-}
-/**
- * Generate a new share with the given numeric `id` from the existing `shares`.
- * Mirrors `secrets.newShare(id, shares)` from the original secrets.js.
- *
- * @param id - Share id, an integer in [1, config.max].
- * @param shares - Threshold number of existing share Buffers.
- * @returns A new share Buffer for the requested id.
- */
-export function newShare(id: number, shares: Buffer[]): Buffer {
-  if (!Number.isInteger(id) || id < 1 || id > config.max) {
-    throw new Error(`Share id must be an integer between 1 and ${config.max}, inclusive.`);
-  }
-  if (!Array.isArray(shares) || shares.length === 0) {
-    throw new Error("Invalid 'shares' argument to newShare().");
-  }
-  // combine(shares, id) evaluates the polynomial at `id` and returns the raw bytes
-  // of the share payload. Reconstruct the full share string from that.
-  const shareData = combine(shares, id);
-  const dataParts = splitBinToParts(hex2bin(shareData.toString('hex')));
-  return Buffer.from(constructPublicShareString(id, dataParts), 'ascii');
-}
-/**
- * Return the current library configuration.
- * Mirrors `secrets.getConfig()` from the original secrets.js.
- */
-export function getConfig(): SecretsConfig {
-  return {
-    bits: config.bits,
-    radix: config.radix,
-    maxShares: config.max,
-  };
-}
-/**
- * Extract the components of a share Buffer.
- * Mirrors `secrets.extractShareComponents(share)` from the original secrets.js.
- *
- * @param shareBuffer - A share Buffer as produced by `share()` or `newShare()`.
- * @returns An object with `bits`, `id`, and `data` (hex string of share payload).
- */
-export function extractShareComponents(shareBuffer: Buffer): ShareComponents {
-  if (!Buffer.isBuffer(shareBuffer)) {
-    throw new TypeError('shareBuffer must be a Buffer');
-  }
-  const parsed = parseShareString(shareBuffer.toString('ascii'));
-  return { bits: parsed.bits, id: parsed.id, data: parsed.value };
-}
-export function shareBufferToString(shareBuffer: Buffer): string {
-  if (!Buffer.isBuffer(shareBuffer)) {
-    throw new TypeError('shareBuffer must be a Buffer');
-  }
-  return shareBuffer.toString('ascii');
-}
-export function shareStringToBuffer(shareString: string): Buffer {
-  if (typeof shareString !== 'string') {
-    throw new TypeError('shareString must be a string');
-  }
-  return Buffer.from(shareString, 'ascii');
-}
-export function utf16beFromString(str: string): Buffer {
-  const out = Buffer.allocUnsafe(str.length * 2);
-  for (let i = 0; i < str.length; i += 1) {
-    // Match secrets.js str2hex ordering (prepends each code unit).
-    out.writeUInt16BE(str.charCodeAt(i), (str.length - 1 - i) * 2);
-  }
-  return out;
-}
-export function utf16beToString(buf: Buffer): string {
-  if (buf.length % 2 !== 0) {
-    throw new Error('Invalid UTF-16BE buffer length');
-  }
-  let out = '';
-  for (let i = 0; i < buf.length; i += 2) {
-    out = String.fromCharCode(buf.readUInt16BE(i)) + out;
-  }
-  return out;
-}
-export const _internal = {
-  splitBinToParts,
-  hex2bin,
-  bufferToSecretBin,
-  parseShareString,
-} satisfies {
-  splitBinToParts: (bin: string, padLength?: number) => number[];
-  hex2bin: (hex: string) => string;
-  bufferToSecretBin: (secretBuffer: Buffer) => string;
-  parseShareString: (shareString: string) => ParsedShare;
-};
-init(defaults.bits);

package/test.js DELETED Viewed

@@ -1,66 +0,0 @@
-'use strict';
-const assert = require('assert');
-const {
-  setRNG,
-  share,
-  combine,
-  shareBufferToString,
-  shareStringToBuffer,
-  utf16beFromString,
-  utf16beToString,
-  _internal,
-} = require('./secrets-buffer');
-const validMnemonic =
-  'upset zoo adult butter oxygen grow liberty suit also tape river crack rich limb art guitar crime aware crowd blouse script boss mask west';
-const validSharesSplit = [
-  '8010d66f07a557608f04370d937a7c3d9b106407f6f78a32b1ed69e99a79a2f2b3f9e934cf6bc8251f4890d0b9947392f3f249cda3d60b158514e7f5b9beb4aeebd68d98b33b403063ef8b12b1fb4f8f135ad2bb2477562aaacaaf977840368c86872aa4ed3255b45626c9c37845bff8d27f96ef657287e94b4a5ea7fb9cea78b7cdee4e469834623e9dffa3ded951c0b1f2f6dc5b3bc0c2df3608cf5b50622262a9d49e87899247919068ec56e33e9862636e538c1c78ad30609549a11b7d251defe68d46ce311e2c0418b9238ff3d9ee307e083de6ba998df20dbbee1295063c646efd36f8d7effec2de057a960dda873ccca9ab4a635d371ca533cb631a8382ec632876fbbff437ace9abca2ca73a240608586ffa377c34f129bc8511e21fa06',
-  '8021accfdf4aaec10fd86e0af6e5398afe30c15fe71f0c2565cb19c2fc629fd56c9215b9864658ca2440fbc164f8eee5eee489ea9ecc0dab0379c9eb684cb01c1f8d01e0bd275a00c1cedd356a7755cfffc47f379eeea6b49d3494cee8c06738db0e4e69c0c4a0d8a52d8806e75b67507edef40f115506335dc57a9fef381c50b5ba1b5d5741b3b4674a35d7aa73780169b5e6197ed65785a46c0a0f7d40cd24cf127f2cd662fe7f2a80cba974a66af11e36c47703c9395bb6c121929b7730da202e1b0b544db99d902829e3910e3f121470e4b1b0ed6e92d18401f61bf5239c6208c55bb77079ce3775a72aee6c02c4d6e8538291551fcbb4d893a78ed62d270fa910413426b57866b818565fa89865931c0a6116d5b8e9b0224848d373cd2e993',
-  '80317aa0d8eff9a180dc5907659f45a76260a26817b88167d626769b612b3b37d9bbfe8d4e1d97df3df86d31df6c9a371a16c6b73a3a008e815d2c1ed7a20382f30b8a8808dc1c10a0215067dcfc1cb0ebbeabbcb899f6ce30de3d4997f057a45f89629d2b26f3fcf42b47f59d1edf88aab165a072b7868a10ff263813e4f1080467f71317f981065f47ccb476aa2f41de77165522cd95477dea04f02000a826ab8ba9b256cb6a68bc70a5d5256556697a05ad2489c546b684a1b22b3d5c4b3f3bd1ff8615c38e13bb7c366ab081cb5bfd009d998b5bd22b5ae60a8df7e7b1ea589cac8687f8ac21cf577f7f928a088e565499db381f7bb6859431d442f530f48b657169459d0c4c5644f7bd93943d5fb1ea04c97e8f8d95839367a4515228313e0',
-];
-// Original secrets.js string->hex path is UTF-16 code-unit based.
-const mnemonicBuffer = utf16beFromString(validMnemonic);
-const expectedShareBuffers = validSharesSplit.map(shareStringToBuffer);
-function deriveThreshold2Coefficients(secretBuf, firstShareString, padLength) {
-  const secretParts = _internal.splitBinToParts(_internal.bufferToSecretBin(secretBuf), padLength);
-  const firstPayload = _internal.parseShareString(firstShareString).value;
-  const firstShareParts = _internal.splitBinToParts(_internal.hex2bin(firstPayload));
-  assert.strictEqual(secretParts.length, firstShareParts.length, 'internal share lengths mismatch');
-  const coeffs = new Array(secretParts.length);
-  for (let i = 0; i < secretParts.length; i += 1) {
-    // For threshold=2 and x=1: y1 = secretPart XOR coeff.
-    coeffs[i] = secretParts[i] ^ firstShareParts[i];
-  }
-  return coeffs;
-}
-const coeffs = deriveThreshold2Coefficients(mnemonicBuffer, validSharesSplit[0], 128);
-let rngIndex = 0;
-setRNG(() => {
-  const value = coeffs[rngIndex];
-  rngIndex += 1;
-  return value;
-});
-const splitBuffers = share(mnemonicBuffer, 3, 2, 128);
-const splitStrings = splitBuffers.map(shareBufferToString);
-assert.deepStrictEqual(splitStrings, validSharesSplit, 'split shares mismatch expected fixtures');
-const recombinedFromFixtures = combine([
-  expectedShareBuffers[0],
-  expectedShareBuffers[2],
-]);
-const recombinedMnemonic = utf16beToString(recombinedFromFixtures);
-assert.strictEqual(recombinedMnemonic, validMnemonic, 'recombined mnemonic mismatch');
-// Verify app-layer transport conversion path: Buffer -> string -> Buffer.
-const transportRoundtrip = splitBuffers.map((shareBuf) => shareStringToBuffer(shareBufferToString(shareBuf)));
-const recombinedFromRoundtrip = combine([transportRoundtrip[1], transportRoundtrip[2]]);
-assert.strictEqual(utf16beToString(recombinedFromRoundtrip), validMnemonic, 'roundtrip recombination mismatch');
-console.log('ok');

/package/dist/{secrets-sharing.js → index.js} RENAMED Viewed

File without changes