Addressing errata 151300

ch04.asciidoc

@@ -553,6 +553,11 @@ include::code/ec-math.py[]
 
 <<ec_math_run>> shows the output produced by running this script.(((range="endofrange", startref="ix_ch04-asciidoc22")))(((range="endofrange", startref="ix_ch04-asciidoc21")))(((range="endofrange", startref="ix_ch04-asciidoc20")))(((range="endofrange", startref="ix_ch04-asciidoc19")))(((range="endofrange", startref="ix_ch04-asciidoc18")))
 
+[NOTE]
+====
+The example above uses +os.urandom+ which reflects a cryptographically secure random number generator (CSRNG) provided by the underlying OS. In the case of UNIX-like operating system such as Linux, it draws from +/dev/urandom+ and in the case of Windows calls +CryptGenRandom()+. If a suitable randomness source is not found, +NotImplementedError+ will be raised. While the random number generator used here is for demonstration purposes, it is not appropriate for generating production-quality bitcoin keys as it is not implemented with sufficient security.
+====
+
 [[ec_math_run]]
 .Installing the Python ECDSA library and running the ec_math.py script
 ====

code/ec-math.py

@@ -1,5 +1,5 @@
 import ecdsa
-import random
+import os
 import time
 from ecdsa.util import string_to_number, number_to_string
 
@@ -20,9 +20,11 @@ curve = curve_secp256k1
 generator = generator_secp256k1
 
 def random_secret():
-    random_char = lambda: chr(random.randint(0, 255))
     convert_to_int = lambda array: int("".join(array).encode("hex"), 16)
-    byte_array = [random_char() for i in range(32)]
+    
+    # Collect 256 bits of random data from the OS's cryptographically secure random generator
+    byte_array = os.urandom(32)
+    
     return convert_to_int(byte_array)
 
 def get_point_pubkey(point):
@@ -38,8 +40,6 @@ def get_point_pubkey_uncompressed(point):
           '%064x' % point.y()
     return key.decode('hex')
 
-# Seed random number generator.
-random.seed(time.time())
 
 # Generate a new private key.
 secret = random_secret()