damien
/
gfsecret
2
1
Fork 0
Code Issues Pull Requests Releases 4 Wiki Activity
Tools to make secret sharing easier.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commits
1 Branch
12 Tags
376 KiB
 
 
 
 
Tree: 4cfefd064d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4cfefd064d'
${ noResults }
Damien Goutte-Gattat 4cfefd064d
Fix allocation of share pointers 		6 years ago
lib Implement support for the file and mtp schemes 6 years ago
man Update documentation for SHA-256 verification 6 years ago
src Fix allocation of share pointers 6 years ago
.gitignore Initial commit 6 years ago
AUTHORS Update README 6 years ago
COPYING Initial commit 6 years ago
Makefile.am Prepare 0.2.0 release 6 years ago
NEWS Prepare 0.2.0 release 6 years ago
README.md Update README 6 years ago
configure.ac Prepare 0.2.0 release 6 years ago

README.md

Gfsecret - Secret sharing tools

Gfsecret is a set of tools to facilitate secret sharing according to the Adi Shamir’s secret sharing scheme.

gfsec-use

The gfsec-use program allows to temporarily reconstruct a splitted file from shares that have been dispersed on several external devices (USB sticks and/or MTP-compliant devices like some smartphones or audio players).

The program needs a configuration file (by default, $XDG_CONFIG_HOME/gfsecret/default.conf) which describes the shared secret. Here is a sample configuration:

OUTFILE=/home/alice/mysecret
MINSHARES=2
URI=file:///home/alice/.local/share/gfsecret/mysecret.024
URI=label://MYSTICK/mysecretfile.070
URI=mtp://RF2GB6X704P/Documents/mysecret.139

With such a configuration, gfse-use will attempt to reconstruct the file /home/alice/mysecret, using at least two of the three available shares: one available on the local filesystem, one on a USB storage device with the label MYSTICK, and one on a MTP-compliant device with the serial number RF2GB6X704P. Gfsec-use will automatically detect which devices are currently connected and will fetch from them the corresponding shares.

Once the secret file has been reconstructed (if enough shares are available), gfsec-use will spawn a new shell (or any other program specified on its command line). When the shell (or the user-specified command) terminates, the reconstructed secret file will be automatically deleted.

Install

Gfsecret depends on the following libraries at compile-time:

  • libgfshare, which implements the secret sharing scheme proper (mandatory);
  • libgcrypt, for the SHA-256 implementation (mandatory);
  • GIO, to access shares stored on external volumes (typically USB storage) (optional);
  • libmtp, to access shares stored on MTP-compliant devices (optional).

Copying

Gfsecret is distributed under the terms of the GNU General Public License, version 3 or higher. The full license is included in the COPYING file of the source distribution.

Homepage and repository

The project is located at http://www.incenp.org/dvlpt/gfsecret.html. The latest source code is available in a Git repository at git://git.incenp.org/gfsecret.git and may also be browsed at http://www.incenp.org/gitweb/?p=gfsecret.git;a=summary.