diff --git a/examples/musig.c b/examples/musig.c
index 1fbd2207..3a657410 100644
--- a/examples/musig.c
+++ b/examples/musig.c
@@ -18,6 +18,8 @@
 #include
 #include
+#include "random.h"
+
 struct signer_secrets {
     secp256k1_keypair keypair;
     secp256k1_musig_secnonce secnonce;
@@ -34,20 +36,14 @@ struct signer {
 /* Create a key pair, store it in signer_secrets->keypair and signer->pubkey */
 int create_keypair(const secp256k1_context* ctx, struct signer_secrets *signer_secrets, struct signer *signer) {
     unsigned char seckey[32];
-    FILE *frand = fopen("/dev/urandom", "r");
-    if (frand == NULL) {
-        return 0;
-    }
-    do {
-        if(!fread(seckey, sizeof(seckey), 1, frand)) {
-            fclose(frand);
-            return 0;
-        }
-        /* The probability that this not a valid secret key is approximately 2^-128 */
-    } while (!secp256k1_ec_seckey_verify(ctx, seckey));
-    fclose(frand);
-    if (!secp256k1_keypair_create(ctx, &signer_secrets->keypair, seckey)) {
-        return 0;
+    while (1) {
+        if (!fill_random(seckey, sizeof(seckey))) {
+            printf("Failed to generate randomness\n");
+            return 1;
+        }
+        if (secp256k1_keypair_create(ctx, &signer_secrets->keypair, seckey)) {
+            break;
+        }
     }
     if (!secp256k1_keypair_xonly_pub(ctx, &signer->pubkey, NULL, &signer_secrets->keypair)) {
         return 0;
@@ -103,21 +99,14 @@ int sign(const secp256k1_context* ctx, struct signer_secrets *signer_secrets, st
     secp256k1_musig_session session;
     for (i = 0; i < N_SIGNERS; i++) {
-        FILE *frand;
         unsigned char seckey[32];
         unsigned char session_id[32];
         /* Create random session ID. It is absolutely necessary that the session ID
          * is unique for every call of secp256k1_musig_nonce_gen. Otherwise
          * it's trivial for an attacker to extract the secret key! */
-        frand = fopen("/dev/urandom", "r");
-        if(frand == NULL) {
+        if (!fill_random(session_id, sizeof(session_id))) {
             return 0;
         }
-        if (!fread(session_id, 32, 1, frand)) {
-            fclose(frand);
-            return 0;
-        }
-        fclose(frand);
         if (!secp256k1_keypair_sec(ctx, seckey, &signer_secrets[i].keypair)) {
             return 0;
         }
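Review bot: The fill_random failure path in create_keypair returns 1, while every other failure path of the function (the secp256k1_keypair_xonly_pub check two lines below it) and the equivalent fill_random check in the sign hunk return 0, so a caller that tests for a zero return would treat a randomness failure as success; change it to `return 0;`. The message is also written to stdout with printf while the sign hunk stays silent on the same failure; `fprintf(stderr, "Failed to generate randomness\n");` keeps it apart from the example's normal output, and the two sites should agree on whether they report. The removed comment that justified retrying was not carried over to the new while (1) loop; add `/* The probability that this is not a valid secret key is approximately 2^-128 */` above the secp256k1_keypair_create call. create_keypair's body continues past the end of the hunk, so I cannot see whether seckey is wiped before return; if it is not, an explicit clear (explicit_bzero or memset_explicit where available) after secp256k1_keypair_create would limit how long the raw secret stays on the stack.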