I've been trying to teach myself Python, and as part of that effort, I made my own implementation of BIP0038 from reading the wiki. My encrypted private keys decrypt just fine, both EC multiplied and not, and confirmation codes for uncompressed addresses are handled without error, and in my own implementation the compressed keys work just fine as well, but in the Bitcoin Address Utility app, for the life of me I can't get it to confirm a cfrm38 code with the compression flag added to the flag byte!!! Lot/sequence, no lot/sequence, makes no difference.
Can anybody else confirm this? Here's a couple example tests, both for compressed keys:
Password: "test"
Use lot & sequence: no
Intermediate code generated: passphrasersABUMjrzivGVNvYLTdpjCqfRuh7C5HRe5aLB6oYGGSTZWUta6QhWqj7ViYYVh
Encrypted address generated: 6PnUgftup4jXcP3iwbfK7kASooouTdMNioY8X3pg8UX6JNkLATmFPmkpSy
Confirmation code generated: cfrm38VUVh7yArqgxZFD5FaS48x8pnsh2EZKKPUwcckVG5JHkmPfBmNzmTSTa7jSWFRkGrtZ6jb
Password: "test"
Use lot & sequence: yes, lot = 234567, sequence = 8
Intermediate code generated: passphraseZKN1wyUNP3hhEn2L6PNS3nShfHEGGbYJYWv6XhBG9Ugxr1TehfDMCmmMQ8AozB
Encrypted address generated: 6PoPdExKREgv8d35ew5P6HVct3EWm9wYQnBoCvzeWoAXSaodYyGZ1ZnJYC
Confirmation code generated: cfrm38VXUCiGi9gYG2dvZyikcef3tEtGFuCz4hCCRZSUhnYB1GoH6j2oPNotamefsstTYoytxDR
I was originally hesitant to post my code, because it's very sloppy in the sense that I've created a bunch of my own functions. Early on, I switched from Python 2 to 3, and got all of the "your code isn't nearly as clean sanitized as I'd like" exceptions thrown at me. I also really like working with strings. So I have functions like "hexX()" which converts input to an string of hex characters, and "strr()" which sanitizes strings so I don't get yelled at by the compiler. And of course "printt()" and "inputt()" which checks the Python version and does the appropriate function given the version. Anyway, what I'm getting at is be prepared for very unprofessional code. I'm just learning Python, and I don't yet know all (any) of the conventions, and I whipped out silly functions to do what I wanted so I could focus on the part of the coding I enjoyed rather than constantly sanitizing everything. So without further ado,
here is the relevant portion of the code doing the private key encryption and the confirmation codes.