Swift
Swift
BIP39 Compute Binary Seed from Mnemonic
See more Encryption Examples
Creates a binary seed from a mnemonic. Uses the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).Chilkat Swift Downloads
func chilkatTest() {
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
let crypt = CkoCrypt2()!
// Test with the test vectors at https://github.com/trezor/python-mnemonic/blob/master/vectors.json
// This is the 2nd test vector..
var mnemonic: String? = "legal winner thank year wave sausage worth useful legal winner thank yellow"
var passphrase: String? = "TREZOR"
var expectedSeed: String? = "2e8905819b8723fe2c1d161860e5ee1830318dbf49a83bd451cfb8440c28bd6fa457fe1296106559a3c80937a1c1069be3a3a5bd381ee6260e8d9739fce1f607"
var expectedMasterKey: String? = "xprv9s21ZrQH143K2gA81bYFHqU68xz1cX2APaSq5tt6MFSLeXnCKV1RVUJt9FWNTbrrryem4ZckN8k4Ls1H6nwdvDTvnV7zEXs2HgPezuVccsq"
// The mnemonic sentence (in UTF-8 NFKD) used as the password.
// The string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt.
// The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function.
// The length of the derived key is 512 bits (= 64 bytes).
// We want the computed seed to be lowercase hex, therefore our salt must also be hex.
// The seed is the keyword "mnemonic" + passphrase (in this case is "TREZOR") converted to hex.
let bdSalt = CkoBinData()!
bdSalt.appendString(str: "mnemonic", charset: "utf-8")
bdSalt.appendString(str: passphrase, charset: "utf-8")
var computedSeed: String? = crypt.pbkdf2(password: mnemonic, charset: "utf-8", hashAlg: "sha512", salt: bdSalt.getEncoded(encoding: "hex_lower"), iterationCount: 2048, outputKeyBitLen: 512, encoding: "hex_lower")
print("Expected: \(expectedSeed!)")
print("Computed: \(computedSeed!)")
// To compute the hd_master_key, duplicate this Python code:
// def to_hd_master_key(seed: bytes, testnet: bool = False) -> str:
// if len(seed) != 64:
// raise ValueError("Provided seed should have length of 64")
//
// # Compute HMAC-SHA512 of seed
// seed = hmac.new(b"Bitcoin seed", seed, digestmod=hashlib.sha512).digest()
//
// # Serialization format can be found at: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Serialization_format
// xprv = b"\x04\x88\xad\xe4" # Version for private mainnet
// if testnet:
// xprv = b"\x04\x35\x83\x94" # Version for private testnet
// xprv += b"\x00" * 9 # Depth, parent fingerprint, and child number
// xprv += seed[32:] # Chain code
// xprv += b"\x00" + seed[:32] # Master key
//
// # Double hash using SHA256
// hashed_xprv = hashlib.sha256(xprv).digest()
// hashed_xprv = hashlib.sha256(hashed_xprv).digest()
//
// # Append 4 bytes of checksum
// xprv += hashed_xprv[:4]
//
// # Return base58
// return b58encode(xprv)
// First compute the HMAC-SHA512 of the computedSeed
let bdSeed = CkoBinData()!
bdSeed.appendEncoded(encData: computedSeed, encoding: "hex_lower")
crypt.encodingMode = "hex_lower"
crypt.hashAlgorithm = "sha512"
crypt.setMacKeyString(key: "Bitcoin seed")
var hmacSha512_hex: String? = crypt.macBdENC(bd: bdSeed)
let bdHmac = CkoBinData()!
bdHmac.appendEncoded(encData: hmacSha512_hex, encoding: "hex_lower")
let bdXprv = CkoBinData()!
bdXprv.appendEncoded(encData: "0488ade4", encoding: "hex_lower")
bdXprv.appendEncoded(encData: "000000000000000000", encoding: "hex_lower")
bdXprv.appendEncoded(encData: bdHmac.getEncodedChunk(offset: 32, numBytes: 32, encoding: "hex_lower"), encoding: "hex_lower")
bdXprv.appendByte(byteValue: 0)
bdXprv.appendEncoded(encData: bdHmac.getEncodedChunk(offset: 0, numBytes: 32, encoding: "hex_lower"), encoding: "hex_lower")
// Double hash using SHA256
crypt.encodingMode = "hex_lower"
crypt.hashAlgorithm = "sha256"
let bdHash = CkoBinData()!
bdHash.appendEncoded(encData: crypt.hashBdENC(bd: bdXprv), encoding: "hex_lower")
var secondHash: String? = crypt.hashBdENC(bd: bdHash)
bdHash.clear()
bdHash.appendEncoded(encData: secondHash, encoding: "hex_lower")
// Append the 1st 4 bytes of the bdHash to bdXprv.
bdXprv.appendEncoded(encData: bdHash.getEncodedChunk(offset: 0, numBytes: 4, encoding: "hex_lower"), encoding: "hex_lower")
// Base58 encode bdXprv
var computedMasterKey: String? = bdXprv.getEncoded(encoding: "base58")
print("Expected Master Key: \(expectedMasterKey!)")
print("Computed Master Key: \(computedMasterKey!)")
}