ECKey: fix modulo bias in makeRandom

2015-08-21 16:56:11 +10:00 · 2015-08-21 16:56:11 +10:00 · b89c82b9a6
commit b89c82b9a6
parent d50d49bd29
1 changed files with 8 additions and 5 deletions
--- a/src/eckey.js
+++ b/src/eckey.js
@ -49,12 +49,15 @@ ECKey.fromWIF = function (string) {
 ECKey.makeRandom = function (compressed, rng) {
  rng = rng || randomBytes
-  var buffer = rng(32)
+  var d
  typeForce('Buffer', buffer)
  assert.equal(buffer.length, 32, 'Expected 256-bit Buffer from RNG')
-  var d = BigInteger.fromBuffer(buffer)
+  do {
-  d = d.mod(ECKey.curve.n)
+    var buffer = rng(32)
    typeForce('Buffer', buffer)
    assert.equal(buffer.length, 32, 'Expected 256-bit Buffer from RNG')
    d = BigInteger.fromBuffer(buffer)
  } while (d.compareTo(ECKey.curve) >= 0)
  return new ECKey(d, compressed)
 }