ECPair: fix modulo bias in makeRandom

10 years ago · 252336ab8c
1 changed files with 7 additions and 4 deletions
--- a/src/ecpair.js
+++ b/src/ecpair.js
@ -105,11 +105,14 @@ ECPair.makeRandom = function (options) {
  options = options || {}
  var rng = options.rng || randomBytes
  var d
  do {
    var buffer = rng(32)
    typeforce(types.Buffer256bit, buffer)
-  var d = BigInteger.fromBuffer(buffer)
+    d = BigInteger.fromBuffer(buffer)
-  d = d.mod(secp256k1.n)
+  } while (d.compareTo(secp256k1.n) > 0)
  return new ECPair(d, null, options)
 }