Card entropy uses secure hashing when > 256 bits

author: Ian Coleman <coleman.ian@gmail.com> 2016-12-22 15:40:41 +1100
committer: Ian Coleman <coleman.ian@gmail.com> 2016-12-22 15:40:41 +1100
commit: 9d33c8925dc07783e2cd819c91eee1144598fcf2 (patch)
tree: 9e38c1e63d500d4f641f6940c2165f677054e921
parent: 0a1f0259d1cfe5217ca9c08f7fbd371a03703594 (diff)
download: BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.tar.gz
BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.tar.zst
BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.zip
2 files changed, 21 insertions, 24 deletions
diff --git a/src/js/entropy.js b/src/js/entropy.js
index 24fc21a..a709c78 100644
--- a/src/js/entropy.js
+++ b/src/js/entropy.js
@@ -293,15 +293,12 @@ window.Entropy = new (function() {
        // Create a normalized string of the selected cards
        var normalizedCards = cards.join("").toUpperCase();
        // Convert to binary using the SHA256 hash of the normalized cards.
-        // If the number of bits is more than 256, multiple rounds of hashing
+        // If the number of bits is more than 256, multiple hashes
        // are used until the required number of bits is reached.
        var entropyBin = "";
        var iterations = 0;
        while (entropyBin.length < numberOfBits) {
-            var hashedCards = sjcl.hash.sha256.hash(normalizedCards);
+            var hashedCards = sjcl.hash.sha256.hash(normalizedCards + ":" + iterations);
-            for (var j=0; j<iterations; j++) {
-                hashedCards = sjcl.hash.sha256.hash(hashedCards);
-            }
            var hashHex = sjcl.codec.hex.fromBits(hashedCards);
            for (var i=0; i<hashHex.length; i++) {
                var decimal = parseInt(hashHex[i], 16);
diff --git a/tests.js b/tests.js
index 3cde75f..4d229ab 100644
--- a/tests.js
+++ b/tests.js
@@ -2155,10 +2155,10 @@ page.open(url, function(status) {
            return e.message;
        }
        // Leading zeros for card entropy as binary string.
-        // Card entropy is hashed so 2c does not produce leading zeros.
+        // Card entropy is hashed so 2c does not necessarily produce leading zeros.
        try {
-            e = Entropy.fromString("4c");
+            e = Entropy.fromString("2c");
-            if (e.binaryStr != "0001") {
+            if (e.binaryStr != "0010") {
                return "Card entropy as binary has leading zeros";
            }
        }
@@ -2190,24 +2190,24 @@ page.open(url, function(status) {
        // [ cards, binary ]
        try {
            var cards = [
-                [ "ac", "0100" ],
+                [ "ac", "0101" ],
-                [ "acqs", "10111101" ],
+                [ "acqs", "11011100" ],
-                [ "acks", "11110000" ],
+                [ "acks", "01011100" ],
-                [ "2cac", "11000010" ],
+                [ "2cac", "11111000" ],
-                [ "2c", "1000" ],
+                [ "2c", "0010" ],
-                [ "3d", "1111" ],
+                [ "3d", "0001" ],
-                [ "4h", "0011" ],
+                [ "4h", "1001" ],
                [ "5s", "1001" ],
-                [ "6c", "1011" ],
+                [ "6c", "0000" ],
-                [ "7d", "1101" ],
+                [ "7d", "0001" ],
                [ "8h", "1011" ],
-                [ "9s", "1010" ],
+                [ "9s", "0010" ],
-                [ "tc", "1101" ],
+                [ "tc", "1001" ],
-                [ "jd", "1101" ],
+                [ "jd", "1111" ],
-                [ "qh", "1100" ],
+                [ "qh", "0010" ],
-                [ "ks", "1111" ],
+                [ "ks", "0101" ],
-                [ "ks2c", "10000001" ],
+                [ "ks2c", "01010100" ],
-                [ "KS2C", "10000001" ],
+                [ "KS2C", "01010100" ],
            ];
            for (var i=0; i<cards.length; i++) {
                var card = cards[i][0];
author	Ian Coleman <coleman.ian@gmail.com>	2016-12-22 15:40:41 +1100
committer	Ian Coleman <coleman.ian@gmail.com>	2016-12-22 15:40:41 +1100
commit	9d33c8925dc07783e2cd819c91eee1144598fcf2 (patch)
tree	9e38c1e63d500d4f641f6940c2165f677054e921
parent	0a1f0259d1cfe5217ca9c08f7fbd371a03703594 (diff)
download	BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.tar.gz BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.tar.zst BIP39-9d33c8925dc07783e2cd819c91eee1144598fcf2.zip

diff --git a/src/js/entropy.js b/src/js/entropy.js index 24fc21a..a709c78 100644 --- a/src/js/entropy.js +++ b/src/js/entropy.js
@@ -293,15 +293,12 @@ window.Entropy = new (function() {
293	// Create a normalized string of the selected cards	293	// Create a normalized string of the selected cards
294	var normalizedCards = cards.join("").toUpperCase();	294	var normalizedCards = cards.join("").toUpperCase();
295	// Convert to binary using the SHA256 hash of the normalized cards.	295	// Convert to binary using the SHA256 hash of the normalized cards.
296	// If the number of bits is more than 256, multiple rounds of hashing	296	// If the number of bits is more than 256, multiple hashes
297	// are used until the required number of bits is reached.	297	// are used until the required number of bits is reached.
298	var entropyBin = "";	298	var entropyBin = "";
299	var iterations = 0;	299	var iterations = 0;
300	while (entropyBin.length < numberOfBits) {	300	while (entropyBin.length < numberOfBits) {
301	var hashedCards = sjcl.hash.sha256.hash(normalizedCards);	301	var hashedCards = sjcl.hash.sha256.hash(normalizedCards + ":" + iterations);
302	for (var j=0; j<iterations; j++) {
303	hashedCards = sjcl.hash.sha256.hash(hashedCards);
304	}
305	var hashHex = sjcl.codec.hex.fromBits(hashedCards);	302	var hashHex = sjcl.codec.hex.fromBits(hashedCards);
306	for (var i=0; i<hashHex.length; i++) {	303	for (var i=0; i<hashHex.length; i++) {
307	var decimal = parseInt(hashHex[i], 16);	304	var decimal = parseInt(hashHex[i], 16);


diff --git a/tests.js b/tests.js index 3cde75f..4d229ab 100644 --- a/tests.js +++ b/tests.js
@@ -2155,10 +2155,10 @@ page.open(url, function(status) {
2155	return e.message;	2155	return e.message;
2156	}	2156	}
2157	// Leading zeros for card entropy as binary string.	2157	// Leading zeros for card entropy as binary string.
2158	// Card entropy is hashed so 2c does not produce leading zeros.	2158	// Card entropy is hashed so 2c does not necessarily produce leading zeros.
2159	try {	2159	try {
2160	e = Entropy.fromString("4c");	2160	e = Entropy.fromString("2c");
2161	if (e.binaryStr != "0001") {	2161	if (e.binaryStr != "0010") {
2162	return "Card entropy as binary has leading zeros";	2162	return "Card entropy as binary has leading zeros";
2163	}	2163	}
2164	}	2164	}
@@ -2190,24 +2190,24 @@ page.open(url, function(status) {
2190	// [ cards, binary ]	2190	// [ cards, binary ]
2191	try {	2191	try {
2192	var cards = [	2192	var cards = [
2193	[ "ac", "0100" ],	2193	[ "ac", "0101" ],
2194	[ "acqs", "10111101" ],	2194	[ "acqs", "11011100" ],
2195	[ "acks", "11110000" ],	2195	[ "acks", "01011100" ],
2196	[ "2cac", "11000010" ],	2196	[ "2cac", "11111000" ],
2197	[ "2c", "1000" ],	2197	[ "2c", "0010" ],
2198	[ "3d", "1111" ],	2198	[ "3d", "0001" ],
2199	[ "4h", "0011" ],	2199	[ "4h", "1001" ],
2200	[ "5s", "1001" ],	2200	[ "5s", "1001" ],
2201	[ "6c", "1011" ],	2201	[ "6c", "0000" ],
2202	[ "7d", "1101" ],	2202	[ "7d", "0001" ],
2203	[ "8h", "1011" ],	2203	[ "8h", "1011" ],
2204	[ "9s", "1010" ],	2204	[ "9s", "0010" ],
2205	[ "tc", "1101" ],	2205	[ "tc", "1001" ],
2206	[ "jd", "1101" ],	2206	[ "jd", "1111" ],
2207	[ "qh", "1100" ],	2207	[ "qh", "0010" ],
2208	[ "ks", "1111" ],	2208	[ "ks", "0101" ],
2209	[ "ks2c", "10000001" ],	2209	[ "ks2c", "01010100" ],
2210	[ "KS2C", "10000001" ],	2210	[ "KS2C", "01010100" ],
2211	];	2211	];
2212	for (var i=0; i<cards.length; i++) {	2212	for (var i=0; i<cards.length; i++) {
2213	var card = cards[i][0];	2213	var card = cards[i][0];