| author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2018-07-24 20:53:09 +0100 |
|---|---|---|
| committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2018-09-11 13:38:12 +0000 |
| commit | 7434df1cc6e96b5d98ea6e3ec095eaae4ac9a95c (patch) | |
| tree | 2dd3fed815b3d48a06b678068e2280ccad1de257 /src | |
| parent | multiexp: fix wrong Bos-Coster result for 1 non trivial input (diff) | |
| download | monero-7434df1cc6e96b5d98ea6e3ec095eaae4ac9a95c.tar.xz | |
crypto: never return zero in random32_unbiased
This avoids problems when the caller can't deal with a zero
value, which happens often enough that it's worth nipping the
problem in the bud.
Diffstat (limited to 'src')
-rw-r--r-- | src/crypto/crypto.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp index 4243c71fd..d6e3b8e0e 100644 --- a/src/crypto/crypto.cpp +++ b/src/crypto/crypto.cpp @@ -116,7 +116,7 @@ namespace crypto { do { generate_random_bytes_thread_safe(32, bytes); - } while (!less32(bytes, limit)); // should be good about 15/16 of the time + } while (!sc_isnonzero(bytes) && !less32(bytes, limit)); // should be good about 15/16 of the time sc_reduce32(bytes); } /* generate a random 32-byte (256-bit) integer and copy it to res */ |
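Review bot: the new loop condition on the `+` line is inverted by the choice of `&&`; it should be `||`. The intent stated in the commit message is to retry when the sample is zero *or* when it is not below `limit`, i.e. `} while (!sc_isnonzero(bytes) || !less32(bytes, limit));`. With `&&`, the loop only retries when both `!sc_isnonzero(bytes)` and `!less32(bytes, limit)` hold, which cannot happen for a nonzero `limit` (a zero value is always less than it), so the `do` body runs exactly once: a zero sample is returned unchanged, and a sample at or above `limit` is no longer rejected, which removes the rejection sampling that `sc_reduce32` relies on for an unbiased result. Since `less32` is only evaluated when `sc_isnonzero` returns zero, the original limit check is effectively dead code after this change. Suggest `||`, and consider updating the trailing "15/16 of the time" comment to mention the zero rejection so the next reader knows why two conditions are there.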