From c71920722cf6cf1fbb73b5ef83c734b5050a0dbd Mon Sep 17 00:00:00 2001
From: Evgeny Vlasenko
Date: Fri, 16 Jun 2023 19:43:12 +0400
Subject: [PATCH] fix: check extraEntropy according to the spec
---
 src/abstract/weierstrass.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/abstract/weierstrass.ts b/src/abstract/weierstrass.ts
index 5981ca4..afa3f2c 100644
--- a/src/abstract/weierstrass.ts
+++ b/src/abstract/weierstrass.ts
@@ -964,7 +964,7 @@ export function weierstrass(curveDef: CurveType): CurveFn {
 if (ent != null) {
 // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k')
 const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is
- seedArgs.push(ensureBytes('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES
+ seedArgs.push(ensureBytes('extraEntropy', e)); // check for being of size BYTES
 }
 const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2
 const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash!
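Review bot: The trailing comment on the changed `seedArgs.push(ensureBytes('extraEntropy', e))` line still reads `// check for being of size BYTES`, but the call no longer passes `Fp.BYTES`, so it describes a check that is gone; something like `// k' may be any length (RFC 6979 3.6); only the bytes/hex form is validated` would match the code. With the length argument dropped, `ensureBytes` presumably accepts any length including zero (its definition is outside this hunk), in which case an empty `extraEntropy` would contribute nothing to the seed and the caller would silently get the plain deterministic nonce instead of a hedged one. If callers rely on this option for hedged signing, consider rejecting a zero-length result of `ensureBytes` here, or state the accepted lengths in the option's documentation. The enclosing `weierstrass` function starts and ends outside the hunk.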