http://www.bouncycastle.org/jira/browse/BMA-82

- use SecureRandom to generate "arbitrary" values

2 files changed, 2 insertions, 4 deletions

diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs
index 40b46ce72..fa2c72570 100644
--- a/crypto/src/math/ec/ECCurve.cs
+++ b/crypto/src/math/ec/ECCurve.cs
@@ -760,10 +760,9 @@ namespace Org.BouncyCastle.Math.EC
             ECFieldElement gamma, z, zeroElement = FromBigInteger(BigInteger.Zero);
 
             int m = FieldSize;
-            Random rand = new Random();
             do
             {
-                ECFieldElement t = FromBigInteger(new BigInteger(m, rand));
+                ECFieldElement t = FromBigInteger(BigInteger.Arbitrary(m));
                 z = zeroElement;
                 ECFieldElement w = beta;
                 for (int i = 1; i < m; i++)
diff --git a/crypto/src/math/ec/ECFieldElement.cs b/crypto/src/math/ec/ECFieldElement.cs
index 4d4fb3e4d..d0e008aab 100644
--- a/crypto/src/math/ec/ECFieldElement.cs
+++ b/crypto/src/math/ec/ECFieldElement.cs
@@ -306,13 +306,12 @@ namespace Org.BouncyCastle.Math.EC
             BigInteger k = legendreExponent.Add(BigInteger.One), qMinusOne = q.Subtract(BigInteger.One);
 
             BigInteger U, V;
-            Random rand = new Random();
             do
             {
                 BigInteger P;
                 do
                 {
-                    P = new BigInteger(q.BitLength, rand);
+                    P = BigInteger.Arbitrary(q.BitLength);
                 }
                 while (P.CompareTo(q) >= 0
                     || !ModReduce(P.Multiply(P).Subtract(fourX)).ModPow(legendreExponent, q).Equals(qMinusOne));