From 252336ab8c286e962bed8f47862b39cf4f5f9888 Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Fri, 21 Aug 2015 16:46:18 +1000
Subject: [PATCH] ECPair: fix modulo bias in makeRandom

---
 src/ecpair.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/ecpair.js b/src/ecpair.js
index 4599039..432ad69 100644
--- a/src/ecpair.js
+++ b/src/ecpair.js
@@ -105,11 +105,14 @@ ECPair.makeRandom = function (options) {
   options = options || {}
 
   var rng = options.rng || randomBytes
-  var buffer = rng(32)
-  typeforce(types.Buffer256bit, buffer)
 
-  var d = BigInteger.fromBuffer(buffer)
-  d = d.mod(secp256k1.n)
+  var d
+  do {
+    var buffer = rng(32)
+    typeforce(types.Buffer256bit, buffer)
+
+    d = BigInteger.fromBuffer(buffer)
+  } while (d.compareTo(secp256k1.n) > 0)
 
   return new ECPair(d, null, options)
 }