From b89c82b9a651f11fe69a5d9a4f1e40bc72af2941 Mon Sep 17 00:00:00 2001
From: Daniel Cousens
Date: Fri, 21 Aug 2015 16:56:11 +1000
Subject: [PATCH] ECKey: fix modulo bias in makeRandom
---
 src/eckey.js | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/eckey.js b/src/eckey.js
index 06bed6a..e919834 100644
--- a/src/eckey.js
+++ b/src/eckey.js
@@ -49,12 +49,15 @@ ECKey.fromWIF = function (string) {
 ECKey.makeRandom = function (compressed, rng) {
 rng = rng || randomBytes
- var buffer = rng(32)
- typeForce('Buffer', buffer)
- assert.equal(buffer.length, 32, 'Expected 256-bit Buffer from RNG')
+ var d
- var d = BigInteger.fromBuffer(buffer)
- d = d.mod(ECKey.curve.n)
+ do {
+ var buffer = rng(32)
+ typeForce('Buffer', buffer)
+ assert.equal(buffer.length, 32, 'Expected 256-bit Buffer from RNG')
+
+ d = BigInteger.fromBuffer(buffer)
+ } while (d.compareTo(ECKey.curve) >= 0)
 return new ECKey(d, compressed)
 }
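Review bot: The rejection loop's condition `d.compareTo(ECKey.curve) >= 0` passes the curve object rather than the group order, whereas the removed line reduced by `ECKey.curve.n`; unless `compareTo` handles a non-BigInteger argument, the comparison is unlikely to ever reject a candidate, so the range check this commit is meant to introduce may never run. The loop also accepts `d = 0`, which is not a valid private scalar, and it is not visible here whether the `ECKey` constructor rejects it. Suggested condition: `} while (d.signum() <= 0 || d.compareTo(ECKey.curve.n) >= 0)`. A unit test that injects an `rng` stub returning an all-`0xff` buffer first and an in-range buffer second would pin the retry behaviour.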