From 9f9e2f1d41bdf0b55e1021c96985900bc8ce21e9 Mon Sep 17 00:00:00 2001
From: "Ryan X. Charles"
Date: Sun, 10 Aug 2014 21:25:52 -0400
Subject: [PATCH] k should be 32 bytes, not 8 bytes This is a bug with security implications. It is much easier to guess the value of k within a 64 byte range. This would lead to compromised private keys. The cryptography interface of bitcore is extremely poor. I recommend: * Get rid of the C++ code, since it makes everything more difficult with little benefit * Refactor all crypto, and have easily auditable bignum, point, ecdsa, and key classes * Then actually audit the crypto
---
 lib/common/Key.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/common/Key.js b/lib/common/Key.js
index 160d030..f13ad91 100644
--- a/lib/common/Key.js
+++ b/lib/common/Key.js
@@ -159,7 +159,8 @@ Key.calcPubKeyRecoveryParam = function(e, r, s, Q) {
 Key.genk = function() {
 //TODO: account for when >= n
- return new bignum(SecureRandom.getRandomBuffer(8));
+ var k = new bignum(SecureRandom.getRandomBuffer(32))
+ return k;
 };
 module.exports = Key;
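Review bot: `Key.genk` still returns k without checking that it lies in the valid range [1, n-1], so the `//TODO: account for when >= n` directly above the added lines remains open after this fix. With 32 random bytes a zero or out-of-range value is very unlikely, but the signing code should never receive one; resample until k is in range and replace the TODO with a comment stating the invariant, e.g. `// k must be uniform in [1, n-1]; resample otherwise`. The first added line is also missing its terminating semicolon: `var k = new bignum(SecureRandom.getRandomBuffer(32));`. Because a too-small nonce width was the root cause, a regression test that pins the requested buffer length to 32 bytes would keep it from shrinking again, and deterministic nonces per RFC 6979 would remove the dependence on RNG quality at signing time altogether.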