1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
open StdLabels
let acceptable_num_words = [12; 15; 18; 21; 24]
type entropy = {
bytes : Bytes.t;
length : int;
digest_length : int;
num_words : int;
}
let entropy_of_bytes bytes =
match Bytes.length bytes with
| 16 -> Some {bytes; length = 16; digest_length = 4; num_words = 12}
| 20 -> Some {bytes; length = 20; digest_length = 5; num_words = 15}
| 24 -> Some {bytes; length = 24; digest_length = 6; num_words = 18}
| 28 -> Some {bytes; length = 28; digest_length = 7; num_words = 21}
| 32 -> Some {bytes; length = 32; digest_length = 8; num_words = 24}
| _ -> None
type t = int list
let index_of_word word =
let index = ref (-1) in
try
List.iteri Bip39_english.words ~f:(fun i w ->
if String.compare word w = 0 then (
index := i ;
raise Exit)) ;
None
with Exit -> Some !index
let of_words words =
try
List.fold_right words ~init:(0, []) ~f:(fun word (count, acc) ->
match index_of_word word with
| Some i -> (succ count, i :: acc)
| _ -> raise Exit)
|> fun (count, x) ->
if List.(mem count ~set:acceptable_num_words) then Some x else None
with Exit -> None
let of_indices idxs =
try
List.fold_right idxs ~init:(0, []) ~f:(fun i (count, acc) ->
if i < 0 || i > 2047 then raise Exit else (succ count, i :: acc))
|> fun (count, x) ->
if List.(mem count ~set:acceptable_num_words) then Some x else None
with Exit -> None
let to_words = List.map ~f:(List.nth Bip39_english.words)
let to_indices t = t
let pp ppf t =
let open Format in
let words = to_words t in
let pp_mnemonic =
pp_print_list ~pp_sep:(fun fmt () -> fprintf fmt " ") pp_print_string
in
fprintf ppf "%a" pp_mnemonic words
let show t = Format.asprintf "%a" pp t
let int_of_bits bits =
snd
@@ List.fold_right bits ~init:(0, 0) ~f:(fun b (i, res) ->
(succ i, if b then res lor (1 lsl i) else res))
let bits_of_char c =
let b = Char.code c in
let res = ref [] in
for i = 0 to 7 do
res := (b land (1 lsl i) <> 0) :: !res
done ;
!res
let bits_of_bytes bytes =
let acc = ref [] in
Bytes.iter bytes ~f:(fun c -> acc := List.rev_append (bits_of_char c) !acc) ;
List.rev !acc
let list_sub l n =
let rec inner acc n l =
if n > 0 then
match l with
| h :: tl -> inner (h :: acc) (pred n) tl
| _ -> invalid_arg "Bip39.list_sub"
else List.rev acc
in
inner [] n l
let pack l pack_len =
let rec inner (sub_acc_len, sub_acc, acc) = function
| [] -> if sub_acc <> [] then List.rev sub_acc :: acc else acc
| h :: tl ->
if sub_acc_len = pack_len then
inner (1, [h], List.rev sub_acc :: acc) tl
else inner (succ sub_acc_len, h :: sub_acc, acc) tl
in
List.rev (inner (0, [], []) l)
let of_entropy entropy =
match entropy_of_bytes entropy with
| None -> invalid_arg "Bip39.of_entropy: wrong entropy length"
| Some {bytes; digest_length; _} ->
let digest = Bytes.get (Tezos_crypto.Hacl.Hash.SHA256.digest entropy) 0 in
let digest = list_sub (bits_of_char digest) digest_length in
let entropy = bits_of_bytes bytes @ digest in
List.map (pack entropy 11) ~f:int_of_bits
let to_seed ?(passphrase = Bytes.empty) t =
let words = to_words t in
let password = Bytes.of_string (String.concat ~sep:" " words) in
let salt = Bytes.(cat (of_string "mnemonic") passphrase) in
Pbkdf.SHA512.pbkdf2 ~password ~salt ~count:2048 ~dk_len:64l