Merge pull request #309 from ryanxcharles/bug/signing

iterate array correctly so that random number is actually used in signing
2014-05-01 10:51:25 -04:00 · 2014-05-01 10:51:25 -04:00 · 1f49286b2a
parent d413b5f43a b1f34d4015
commit 1f49286b2a
3 changed files with 25 additions and 1 deletions
--- a/lib/browser/Key.js
+++ b/lib/browser/Key.js
@ -99,7 +99,7 @@ Key.prototype.signSync = function(hash) {
  rng.nextBytes = function(array) {
    var buf = SecureRandom.getRandomBuffer(array.length);
    var a = bufferToArray(SecureRandom.getRandomBuffer(array.length));
-    for (var i in array) {
+    for (var i in a) {
      array[i] = a[i];
    }
  };
--- a/test/test.Key.js
+++ b/test/test.Key.js
@ -130,4 +130,19 @@ describe('Key', function() {
    ret.should.equal(false);
  });

+  describe('signSync', function() {
+    it('should sign 10 times and have a different signature each time', function() {
+      var key = new Key();
+      key.private = coinUtil.sha256('my fake private key');
+      key.regenerateSync();
+      var data = coinUtil.sha256('the data i am signing');
+      var sigs = [];
+      for (var i = 0; i < 10; i++)
+        sigs[i] = key.signSync(data);
+      for (var i = 0; i < 10; i++)
+        for (var j = i + 1; j < 10; j++)
+          sigs[i].toString('hex').should.not.equal(sigs[j].toString('hex'));
+    });
+  });
+
 });
--- a/test/test.SecureRandom.js
+++ b/test/test.SecureRandom.js
@ -22,6 +22,15 @@ describe('SecureRandom', function() {
      bytes1.toString('hex').should.not.equal(bytes2.toString('hex'));
    });

+    it('should generate 1000 8 byte buffers in a row that are not equal', function() {
+      var bufs = [];
+      for (var i = 0; i < 100; i++)
+        bufs[i] = SecureRandom.getRandomBuffer(8);
+      for (var i = 0; i < 100; i++)
+        for (var j = i + 1; j < 100; j++)
+          bufs[i].toString('hex').should.not.equal(bufs[j].toString('hex'));
+    });
+
  });

  describe('getPseudoRandomBuffer', function() {