diff --git a/ch04.asciidoc b/ch04.asciidoc
index 3dfa491..38be5e8 100644
--- a/ch04.asciidoc
+++ b/ch04.asciidoc
@@ -553,6 +553,11 @@ include::code/ec-math.py[]
 <> shows the output produced by running this script.(((range="endofrange", startref="ix_ch04-asciidoc22")))(((range="endofrange", startref="ix_ch04-asciidoc21")))(((range="endofrange", startref="ix_ch04-asciidoc20")))(((range="endofrange", startref="ix_ch04-asciidoc19")))(((range="endofrange", startref="ix_ch04-asciidoc18")))
+[NOTE]
+====
+The example above uses +os.urandom+ which reflects a cryptographically secure random number generator (CSRNG) provided by the underlying OS. In the case of UNIX-like operating system such as Linux, it draws from +/dev/urandom+ and in the case of Windows calls +CryptGenRandom()+. If a suitable randomness source is not found, +NotImplementedError+ will be raised. While the random number generator used here is for demonstration purposes, it is not appropriate for generating production-quality bitcoin keys as it is not implemented with sufficient security.
+====
+
 [[ec_math_run]]
 .Installing the Python ECDSA library and running the ec_math.py script
 ====
diff --git a/code/ec-math.py b/code/ec-math.py
index b9c7b55..c7f389e 100644
--- a/code/ec-math.py
+++ b/code/ec-math.py
@@ -1,5 +1,5 @@
 import ecdsa
-import random
+import os
 import time
 from ecdsa.util import string_to_number, number_to_string
@@ -20,9 +20,11 @@ curve = curve_secp256k1
 generator = generator_secp256k1
 def random_secret():
- random_char = lambda: chr(random.randint(0, 255))
 convert_to_int = lambda array: int("".join(array).encode("hex"), 16)
- byte_array = [random_char() for i in range(32)]
+
+ # Collect 256 bits of random data from the OS's cryptographically secure random generator
+ byte_array = os.urandom(32)
+
+
 return convert_to_int(byte_array)
 def get_point_pubkey(point):
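Review bot: `import time` is kept as context in the import hunk of code/ec-math.py, but the only use of `time` visible in this diff, `random.seed(time.time())`, is deleted by the last hunk. If nothing else in the file uses it, drop the import in the same commit so the header lists only what the script needs. The rest of the file is not visible here, so confirm before removing.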
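Review bot: random_secret() returns the 256-bit integer without checking that it is a valid secp256k1 private key, which must lie between 1 and n-1, where n is the order of the generator point. A draw outside that range is astronomically unlikely, but this is key-generation code that readers will copy, so it should reject such a value and redraw. The sketch below assumes `generator` (shown as context in this hunk) is a python-ecdsa Point exposing `order()`; confirm against the part of the file not visible here. It also drops the `"".join(array)` step, which is redundant now that `os.urandom(32)` already returns a byte string, and keeps the Python 2 `.encode("hex")` idiom the file relies on.

```python
def random_secret():
    # Redraw until the value is a valid private key: 1 <= secret < curve order.
    while True:
        secret = int(os.urandom(32).encode("hex"), 16)
        if 0 < secret < generator.order():
            return secret
```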
@@ -38,8 +40,6 @@ def get_point_pubkey_uncompressed(point):
 '%064x' % point.y()
 return key.decode('hex')
-# Seed random number generator.
-random.seed(time.time())
 # Generate a new private key.
 secret = random_secret()