ECPair: fix modulo bias in makeRandom

2015-08-21 16:46:18 +10:00 · 2015-08-21 16:46:18 +10:00 · 252336ab8c
commit 252336ab8c
parent e5e24256fd
1 changed files with 7 additions and 4 deletions
--- a/src/ecpair.js
+++ b/src/ecpair.js
@ -105,11 +105,14 @@ ECPair.makeRandom = function (options) {
  options = options || {}

  var rng = options.rng || randomBytes
-  var buffer = rng(32)
-  typeforce(types.Buffer256bit, buffer)

-  var d = BigInteger.fromBuffer(buffer)
-  d = d.mod(secp256k1.n)
+  var d
+  do {
+    var buffer = rng(32)
+    typeforce(types.Buffer256bit, buffer)
+
+    d = BigInteger.fromBuffer(buffer)
+  } while (d.compareTo(secp256k1.n) > 0)

  return new ECPair(d, null, options)
 }