add proof of concept bip39 bruteforce benchmark

tools/.gitignore

@@ -1,2 +1,3 @@
 xpubaddrgen
 mksecptable
+bip39bruteforce

tools/Makefile

@@ -23,9 +23,9 @@ CFLAGS   += $(OPTFLAGS) \
             -Werror \
             -I..
 
-all: xpubaddrgen mksecptable
+all: xpubaddrgen mksecptable bip39bruteforce
 
-OBJS = ../bip32.o ../ecdsa.o ../sha2.o ../bignum.o ../base58.o ../secp256k1.o ../ripemd160.o ../hmac.o ../rand.o
+OBJS = ../bip32.o ../bip39.o ../ecdsa.o ../sha2.o ../bignum.o ../base58.o ../secp256k1.o ../ripemd160.o ../hmac.o ../rand.o ../pbkdf2.o
 
 %.o: %.c %.h options.h
 	$(CC) $(CFLAGS) -o $@ -c $<
@@ -36,5 +36,8 @@ xpubaddrgen: xpubaddrgen.o $(OBJS)
 mksecptable: mksecptable.o $(OBJS)
 	$(CC) mksecptable.o $(OBJS) -o mksecptable
 
+bip39bruteforce: bip39bruteforce.o $(OBJS)
+	$(CC) bip39bruteforce.o $(OBJS) -o bip39bruteforce
+
 clean:
-	rm -f *.o xpubaddrgen mksecptable
+	rm -f *.o xpubaddrgen mksecptable bip39bruteforce

tools/bip39bruteforce.c

@@ -0,0 +1,70 @@
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#include <bip39.h>
+#include <bip32.h>
+#include <ecdsa.h>
+
+char passphrase[256];
+uint8_t seed[512 / 8];
+uint8_t addr[21], pubkeyhash[20];
+int count = 0, found = 0;
+HDNode node;
+clock_t start;
+
+// around 120 tries per second
+
+// testing data:
+//
+// mnemonic:   "all all all all all all all all all all all all"
+// address:    "1N3uJ5AU3FTYQ1ZQgTMtYmgSvMBmQiGVBS"
+// passphrase: "testing"
+
+int main(int argc, char **argv)
+{
+	if (argc != 3) {
+		fprintf(stderr, "Usage: bip39bruteforce mnemonic address\n");
+		return 1;
+	}
+	const char *mnemonic = argv[1];
+	const char *address = argv[2];
+	if (!mnemonic_check(mnemonic)) {
+		fprintf(stderr, "\"%s\" is not a valid mnemonic\n", mnemonic);
+		return 2;
+	}
+	if (!ecdsa_address_decode(address, addr)) {
+		fprintf(stderr, "\"%s\" is not a valid address\n", address);
+		return 3;
+	}
+	printf("Reading passphrases from stdin ...\n");
+	start = clock();
+	for (;;) {
+		if (fgets(passphrase, 256, stdin) == NULL) break;
+		int len = strlen(passphrase);
+		if (len <= 0) {
+			continue;
+		}
+		count++;
+		passphrase[len - 1] = 0;
+		mnemonic_to_seed(mnemonic, passphrase, seed, NULL);
+		hdnode_from_seed(seed, 512 / 8, &node);
+		hdnode_private_ckd_prime(&node, 44);
+		hdnode_private_ckd_prime(&node, 0);
+		hdnode_private_ckd_prime(&node, 0);
+		hdnode_private_ckd(&node, 0);
+		hdnode_private_ckd(&node, 0);
+		ecdsa_get_pubkeyhash(node.public_key, pubkeyhash);
+		if (memcmp(addr + 1, pubkeyhash, 20) == 0) {
+			found = 1;
+			break;
+		}
+	}
+	float dur = (float)(clock() - start) / CLOCKS_PER_SEC;
+	printf("Tried %d passphrases in %f seconds = %f tries/second\n", count, dur, (float)count/dur);
+	if (found) {
+		printf("Correct passphrase found! :-)\n\"%s\"\n", passphrase);
+		return 0;
+	}
+	printf("Correct passphrase not found. :-(\n");
+	return 4;
+}

tools/mksecptable.c

@@ -14,9 +14,6 @@ int main(int __attribute__((unused)) argc, char __attribute__((unused)) **argv)
 	int i,j,k;
 	curve_point ng = G256k1;
 	curve_point pow2ig = G256k1;
-#ifndef NDEBUG
-	init_rand(); // needed for point_multiply()
-#endif
 	for (i = 0; i < 64; i++) {
 		// invariants:
 		//   pow2ig = 16^i * G