doxygen/html/bip39_8cpp_source.html

 // Source:
 // https://github.com/trezor/trezor-crypto

 #include "bip39.h"
 #include "bip39_english.h"
 #include "crypto/sha256.h"
 #include "random.h"

 #include <openssl/evp.h>

 SecureString CMnemonic::Generate(int strength)
 {
     if (strength % 32 || strength < 128 || strength > 256) {
         return SecureString();
     }
     SecureVector data(32);
     GetRandBytes(&data[0], 32);
     SecureString mnemonic = FromData(data, strength / 8);
     return mnemonic;
 }

 // SecureString CMnemonic::FromData(const uint8_t *data, int len)
 SecureString CMnemonic::FromData(const SecureVector& data, int len)
 {
     if (len % 4 || len < 16 || len > 32) {
         return SecureString();
     }

     SecureVector checksum(32);
     CSHA256().Write(&data[0], len).Finalize(&checksum[0]);

     // data
     SecureVector bits(len);
     memcpy(&bits[0], &data[0], len);
     // checksum
     bits.push_back(checksum[0]);

     int mlen = len * 3 / 4;
     SecureString mnemonic;

     int i, j, idx;
     for (i = 0; i < mlen; i++) {
         idx = 0;
         for (j = 0; j < 11; j++) {
             idx <<= 1;
             idx += (bits[(i * 11 + j) / 8] & (1 << (7 - ((i * 11 + j) % 8)))) > 0;
         }
         mnemonic.append(wordlist[idx]);
         if (i < mlen - 1) {
             mnemonic += ' ';
         }
     }

     return mnemonic;
 }

 bool CMnemonic::Check(SecureString mnemonic)
 {
     if (mnemonic.empty()) {
         return false;
     }

     uint32_t nWordCount{};

     for (size_t i = 0; i < mnemonic.size(); ++i) {
         if (mnemonic[i] == ' ') {
             nWordCount++;
         }
     }
     nWordCount++;
     // check number of words
     if (nWordCount != 12 && nWordCount != 18 && nWordCount != 24) {
         return false;
     }

     SecureString ssCurrentWord;
     SecureVector bits(32 + 1);

     uint32_t nWordIndex, ki, nBitsCount{};

     for (size_t i = 0; i < mnemonic.size(); ++i)
     {
         ssCurrentWord = "";
         while (i + ssCurrentWord.size() < mnemonic.size() && mnemonic[i + ssCurrentWord.size()] != ' ') {
             if (ssCurrentWord.size() >= 9) {
                 return false;
             }
             ssCurrentWord += mnemonic[i + ssCurrentWord.size()];
         }
         i += ssCurrentWord.size();
         nWordIndex = 0;
         for (;;) {
             if (!wordlist[nWordIndex]) { // word not found
                 return false;
             }
             if (ssCurrentWord == wordlist[nWordIndex]) { // word found on index nWordIndex
                 for (ki = 0; ki < 11; ki++) {
                     if (nWordIndex & (1 << (10 - ki))) {
                         bits[nBitsCount / 8] |= 1 << (7 - (nBitsCount % 8));
                     }
                     nBitsCount++;
                 }
                 break;
             }
             nWordIndex++;
         }
     }
     if (nBitsCount != nWordCount * 11) {
         return false;
     }
     bits[32] = bits[nWordCount * 4 / 3];
     CSHA256().Write(&bits[0], nWordCount * 4 / 3).Finalize(&bits[0]);

     bool fResult = 0;
     if (nWordCount == 12) {
         fResult = (bits[0] & 0xF0) == (bits[32] & 0xF0); // compare first 4 bits
     } else
     if (nWordCount == 18) {
         fResult = (bits[0] & 0xFC) == (bits[32] & 0xFC); // compare first 6 bits
     } else
     if (nWordCount == 24) {
         fResult = bits[0] == bits[32]; // compare 8 bits
     }

     return fResult;
 }

 // passphrase must be at most 256 characters or code may crash
 void CMnemonic::ToSeed(SecureString mnemonic, SecureString passphrase, SecureVector& seedRet)
 {
     SecureString ssSalt = SecureString("mnemonic") + passphrase;
     SecureVector vchSalt(ssSalt.begin(), ssSalt.end());
     seedRet.resize(64);
     // int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
     //                    const unsigned char *salt, int saltlen, int iter,
     //                    const EVP_MD *digest,
     //                    int keylen, unsigned char *out);
     PKCS5_PBKDF2_HMAC(mnemonic.c_str(), mnemonic.size(), &vchSalt[0], vchSalt.size(), 2048, EVP_sha512(), 64, &seedRet[0]);
 }
SecureString
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:61

CSHA256::Finalize
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: sha256.cpp:167

CMnemonic::FromData
static SecureString FromData(const SecureVector &data, int len)
Definition: bip39.cpp:46

gen_base58_test_vectors.data
data
Definition: gen_base58_test_vectors.py:123

CMnemonic::Check
static bool Check(SecureString mnemonic)
Definition: bip39.cpp:80

SecureVector
std::vector< unsigned char, secure_allocator< unsigned char > > SecureVector
Definition: secure.h:63

base58.checksum
def checksum(v)
Definition: base58.py:71

wordlist
const char *const wordlist[]
Definition: bip39_english.h:24

CSHA256::Write
CSHA256 & Write(const unsigned char *data, size_t len)
Definition: sha256.cpp:141

memcpy
void * memcpy(void *a, const void *b, size_t c)
Definition: glibc_compat.cpp:17

CMnemonic::Generate
static SecureString Generate(int strength)
Definition: bip39.cpp:34

GetRandBytes
void GetRandBytes(unsigned char *buf, int num)
Definition: random.cpp:86

random.h

bip39_english.h

sha256.h

CSHA256
Definition: sha256.h:12

CMnemonic::ToSeed
static void ToSeed(SecureString mnemonic, SecureString passphrase, SecureVector &seedRet)
Definition: bip39.cpp:152

bip39.h