2014-08-17 11:11:28 +10:00
|
|
|
var assert = require('assert')
|
2014-05-28 23:10:11 +08:00
|
|
|
var crypto = require('crypto')
|
2014-09-24 12:05:30 +10:00
|
|
|
var pbkdf2 = require('pbkdf2-compat').pbkdf2Sync
|
2014-03-10 10:49:53 +08:00
|
|
|
|
2014-07-04 14:33:49 +10:00
|
|
|
var DEFAULT_WORDLIST = require('./wordlists/en.json')
|
2014-06-23 13:40:38 +10:00
|
|
|
|
2014-09-06 00:49:28 +10:00
|
|
|
function mnemonicToSeed(mnemonic, password) {
|
|
|
|
return pbkdf2(mnemonic, salt(password), 2048, 64, 'sha512')
|
|
|
|
}
|
|
|
|
|
2014-08-17 10:38:11 +10:00
|
|
|
function mnemonicToSeedHex(mnemonic, password) {
|
2014-09-06 00:49:28 +10:00
|
|
|
return mnemonicToSeed(mnemonic, password).toString('hex')
|
2014-03-10 10:49:53 +08:00
|
|
|
}
|
|
|
|
|
2014-08-17 11:11:28 +10:00
|
|
|
function mnemonicToEntropy(mnemonic, wordlist) {
|
|
|
|
wordlist = wordlist || DEFAULT_WORDLIST
|
|
|
|
|
|
|
|
var words = mnemonic.split(' ')
|
|
|
|
assert(words.length % 3 === 0, 'Invalid mnemonic')
|
|
|
|
|
|
|
|
var belongToList = words.every(function(word) {
|
|
|
|
return wordlist.indexOf(word) > -1
|
|
|
|
})
|
|
|
|
|
|
|
|
assert(belongToList, 'Invalid mnemonic')
|
|
|
|
|
|
|
|
// convert word indices to 11 bit binary strings
|
|
|
|
var bits = words.map(function(word) {
|
|
|
|
var index = wordlist.indexOf(word)
|
|
|
|
return lpad(index.toString(2), '0', 11)
|
|
|
|
}).join('')
|
|
|
|
|
|
|
|
// split the binary string into ENT/CS
|
|
|
|
var dividerIndex = Math.floor(bits.length / 33) * 32
|
|
|
|
var entropy = bits.slice(0, dividerIndex)
|
|
|
|
var checksum = bits.slice(dividerIndex)
|
|
|
|
|
|
|
|
// calculate the checksum and compare
|
|
|
|
var entropyBytes = entropy.match(/(.{1,8})/g).map(function(bin) {
|
|
|
|
return parseInt(bin, 2)
|
|
|
|
})
|
|
|
|
var entropyBuffer = new Buffer(entropyBytes)
|
|
|
|
var newChecksum = checksumBits(entropyBuffer)
|
|
|
|
|
|
|
|
assert(newChecksum === checksum, 'Invalid mnemonic checksum')
|
|
|
|
|
|
|
|
return entropyBuffer.toString('hex')
|
|
|
|
}
|
|
|
|
|
2014-08-17 10:37:14 +10:00
|
|
|
function entropyToMnemonic(entropy, wordlist) {
|
|
|
|
wordlist = wordlist || DEFAULT_WORDLIST
|
|
|
|
|
2014-05-28 23:10:11 +08:00
|
|
|
var entropyBuffer = new Buffer(entropy, 'hex')
|
2014-06-23 15:49:54 +10:00
|
|
|
var entropyBits = bytesToBinary([].slice.call(entropyBuffer))
|
|
|
|
var checksum = checksumBits(entropyBuffer)
|
2014-03-11 16:01:14 +08:00
|
|
|
|
2014-06-23 15:49:54 +10:00
|
|
|
var bits = entropyBits + checksum
|
|
|
|
var chunks = bits.match(/(.{1,11})/g)
|
2014-03-11 16:01:14 +08:00
|
|
|
|
2014-06-23 15:49:54 +10:00
|
|
|
var words = chunks.map(function(binary) {
|
2014-03-11 16:01:14 +08:00
|
|
|
var index = parseInt(binary, 2)
|
2014-06-23 15:49:54 +10:00
|
|
|
|
2014-08-17 10:37:14 +10:00
|
|
|
return wordlist[index]
|
|
|
|
})
|
2014-06-23 15:49:54 +10:00
|
|
|
|
|
|
|
return words.join(' ')
|
2014-03-11 16:01:14 +08:00
|
|
|
}
|
|
|
|
|
2014-08-17 10:37:14 +10:00
|
|
|
function generateMnemonic(strength, rng, wordlist) {
|
2014-03-31 15:11:03 +08:00
|
|
|
strength = strength || 128
|
2014-08-17 10:32:17 +08:00
|
|
|
rng = rng || crypto.randomBytes
|
2014-06-23 17:56:08 +10:00
|
|
|
|
2014-06-25 23:47:30 +10:00
|
|
|
var hex = rng(strength / 8).toString('hex')
|
2014-08-17 10:37:14 +10:00
|
|
|
return entropyToMnemonic(hex, wordlist)
|
2014-03-31 14:07:34 +08:00
|
|
|
}
|
|
|
|
|
2014-08-17 10:37:14 +10:00
|
|
|
function validateMnemonic(mnemonic, wordlist) {
|
2014-08-17 11:11:28 +10:00
|
|
|
try {
|
|
|
|
mnemonicToEntropy(mnemonic, wordlist)
|
|
|
|
} catch (e) {
|
|
|
|
return false
|
|
|
|
}
|
2014-06-23 15:49:54 +10:00
|
|
|
|
2014-08-17 11:11:28 +10:00
|
|
|
return true
|
2014-06-23 15:49:54 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
function checksumBits(entropyBuffer) {
|
|
|
|
var hash = crypto.createHash('sha256').update(entropyBuffer).digest()
|
|
|
|
|
|
|
|
// Calculated constants from BIP39
|
|
|
|
var ENT = entropyBuffer.length * 8
|
|
|
|
var CS = ENT / 32
|
2014-04-05 12:44:16 +08:00
|
|
|
|
2014-06-23 16:19:32 +10:00
|
|
|
return bytesToBinary([].slice.call(hash)).slice(0, CS)
|
2014-04-05 12:44:16 +08:00
|
|
|
}
|
|
|
|
|
2014-03-10 10:49:53 +08:00
|
|
|
function salt(password) {
|
|
|
|
return encode_utf8('mnemonic' + (password || ''))
|
|
|
|
}
|
|
|
|
|
2014-06-23 13:35:21 +10:00
|
|
|
function encode_utf8(s) {
|
2014-03-10 10:49:53 +08:00
|
|
|
return unescape(encodeURIComponent(s))
|
|
|
|
}
|
2014-03-11 16:01:14 +08:00
|
|
|
|
|
|
|
//=========== helper methods from bitcoinjs-lib ========
|
|
|
|
|
|
|
|
function bytesToBinary(bytes) {
|
|
|
|
return bytes.map(function(x) {
|
|
|
|
return lpad(x.toString(2), '0', 8)
|
|
|
|
}).join('');
|
|
|
|
}
|
|
|
|
|
|
|
|
function lpad(str, padString, length) {
|
|
|
|
while (str.length < length) str = padString + str;
|
|
|
|
return str;
|
|
|
|
}
|
|
|
|
|
2014-08-17 10:37:14 +10:00
|
|
|
module.exports = {
|
2014-09-06 00:49:28 +10:00
|
|
|
mnemonicToSeed: mnemonicToSeed,
|
2014-08-17 10:38:11 +10:00
|
|
|
mnemonicToSeedHex: mnemonicToSeedHex,
|
2014-08-17 11:11:28 +10:00
|
|
|
mnemonicToEntropy: mnemonicToEntropy,
|
2014-08-17 10:37:14 +10:00
|
|
|
entropyToMnemonic: entropyToMnemonic,
|
|
|
|
generateMnemonic: generateMnemonic,
|
|
|
|
validateMnemonic: validateMnemonic
|
|
|
|
}
|