Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Project Development
Re: [coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more!
by
volfr
on 03/03/2024, 16:59:25 UTC
Hi all! If we slightly modify the function for generating the private key in this script, coinjs.newPrivkey, and add a couple of lines generated by the JavaScript method Crypto.getRandomValues(), will we get a more robust key?

Original code:
Code:
/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += navigator.userAgent;
x += 'coinb.in';
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x));
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}

Modified code:
Code:
/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += 'coinb.in';
x += coinjs.newRand();
x += coinjs.newRand();
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x)).toUpperCase();
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}
//new function for random
coinjs.newRand = function(){
var arr = new Uint8Array(32)
  window.crypto.getRandomValues(arr);
  var ran = arr.join('')+'New Random';
return ran;
}

Thanks in advance!