9f9e2f1d41
This is a bug with security implications. It is much easier to guess the value of k within a 64 byte range. This would lead to compromised private keys. The cryptography interface of bitcore is extremely poor. I recommend: * Get rid of the C++ code, since it makes everything more difficult with little benefit * Refactor all crypto, and have easily auditable bignum, point, ecdsa, and key classes * Then actually audit the crypto |
||
---|---|---|
.. | ||
ECIES.js | ||
Key.js | ||
PayPro.js | ||
Point.js | ||
RootCerts.js | ||
SecureRandom.js |