secrets-sharing
v1.0.2
Published
A Typescript implementation of Shamir's Secret Sharing Scheme using buffers.
Maintainers
tarekbebReadme
Secrets Sharing
A TypeScript library for Shamir's Secret Sharing using Buffers instead of strings.
Inspired by grempe/secrets.js, but operates on Buffer objects for native binary data support.
Features
- Split secrets into shares using Shamir's threshold scheme
- Reconstruct secrets from shares
- Generate new shares from existing ones without knowing the secret
- Works with arbitrary binary data (Buffers)
- Configurable bit-width for the finite field (3–20 bits)
- Pluggable RNG
- Zero dependencies
Installation
npm install secrets-sharingUsage
import { share, combine } from 'secrets-sharing';
const secret = Buffer.from('my super secret data');
// Split into 5 shares, requiring any 3 to reconstruct
const shares = share(secret, 5, 3);
// Reconstruct from any 3 shares
const recovered = combine(shares.slice(0, 3));
console.log(recovered.toString()); // 'my super secret data'API
share(secretBuffer, numShares, threshold, padLength?)
Split a secret Buffer into shares using Shamir's threshold secret sharing.
| Parameter | Type | Description |
|---|---|---|
| secretBuffer | Buffer | The secret to split. |
| numShares | number | Total shares to produce (2 to config.max). |
| threshold | number | Minimum shares required to reconstruct (2 to numShares). |
| padLength | number | Zero-pad the binary secret to a multiple of this many bits before splitting. Defaults to 128. Must be 0–1024. |
Returns: Buffer[] — an array of share Buffers.
combine(shares, at?)
Reconstruct a secret Buffer from an array of share Buffers.
| Parameter | Type | Description |
|---|---|---|
| shares | Buffer[] | Array of share Buffers (must meet the threshold count). |
| at | number | Evaluates the polynomial at this x value instead of 0. Defaults to 0. Used internally by newShare. |
Returns: Buffer — the reconstructed secret.
newShare(id, shares)
Generate a new share with the given numeric id from existing shares, without reconstructing the secret.
| Parameter | Type | Description |
|---|---|---|
| id | number | Share id, an integer in [1, config.max]. |
| shares | Buffer[] | At least threshold existing share Buffers. |
Returns: Buffer — a new share Buffer for the requested id.
init(bits?)
Initialize (or reinitialize) the finite field used for sharing. Called automatically on import with 8 bits.
| Parameter | Type | Description |
|---|---|---|
| bits | number | Bit-width for the field (3–20). Defaults to 8. |
setRNG(rng)
Provide a custom random number generator. By default the library uses Math.random.
| Parameter | Type | Description |
|---|---|---|
| rng | (() => number) \| null | A function returning an integer in [0, config.max], or null to reset to the default. |
getConfig()
Return the current library configuration.
Returns: { bits: number; radix: number; maxShares: number }
extractShareComponents(shareBuffer)
Extract the components of a share Buffer.
| Parameter | Type | Description |
|---|---|---|
| shareBuffer | Buffer | A share Buffer produced by share() or newShare(). |
Returns: { bits: number; id: number; data: string } — where data is the hex payload.
shareBufferToString(shareBuffer)
Convert a share Buffer to its ASCII string representation.
Returns: string
shareStringToBuffer(shareString)
Convert an ASCII share string back to a Buffer.
Returns: Buffer
utf16beFromString(str)
Encode a JS string into a UTF-16BE Buffer with reversed code-unit ordering (matches the secrets.js str2hex convention).
Returns: Buffer
utf16beToString(buf)
Decode a UTF-16BE Buffer (with reversed code-unit ordering) back into a JS string.
Returns: string
Inspiration
Based on the well-known secrets.js library, adapted to work natively with Buffer objects and binary data.
License
ISC