
pickRandomPolynomial shouldn't enforce the degree of the polynomial

Open glibdud opened this issue 10 years ago • 0 comments

The pickRandomPolynomial function ensures that the generated polynomial has a non-zero top coefficient. This isn't necessary, and actually causes a small information leak. If an attacker with k-1 keys runs them through the decode (and knows the value of k), he can say for certain that none of the bytes of the resulting secret are correct. Ideally, about 1/256 of them should be correct (but the attacker of course won't know which), which is what you get if you allow the top coefficient to be zero.

glibdud, Jun 26 '15 15:06
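The effect described in the issue can be measured directly. The following is an added example, not PySSSS code: a byte-wise Shamir split over GF(2^8) that compares how often decoding only k-1 shares yields the real secret byte when the top coefficient is forced non-zero versus drawn freely. The reduction polynomial 0x11b and all function names are assumptions made for the illustration.

```python
import random
from functools import lru_cache, reduce

def gf_mul(a, b):
    """Multiply in GF(2^8); reduction polynomial 0x11b is an assumption."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11b
        b >>= 1
    return r

@lru_cache(maxsize=None)
def gf_inv(a):
    return next(b for b in range(1, 256) if gf_mul(a, b) == 1)  # a != 0

def poly_eval(coeffs, x):
    return reduce(lambda y, c: gf_mul(y, x) ^ c, reversed(coeffs), 0)  # Horner

def make_shares(secret, k, n, rng, force_top_nonzero):
    """Shares (x, f(x)) for x = 1..n with f(0) = secret, degree <= k-1, k >= 2."""
    coeffs = [secret] + [rng.randrange(256) for _ in range(k - 1)]
    if force_top_nonzero:  # the behaviour the issue objects to
        coeffs[-1] = rng.randrange(1, 256)
    return [(x, poly_eval(coeffs, x)) for x in range(1, n + 1)]

def interpolate_at_zero(shares):
    """Lagrange interpolation at x = 0, i.e. the decode step."""
    result = 0
    for i, (xi, yi) in enumerate(shares):
        term = yi
        for j, (xj, _) in enumerate(shares):
            if i != j:
                term = gf_mul(term, gf_mul(xj, gf_inv(xi ^ xj)))
        result ^= term
    return result

def hit_rate(k, trials, force_top_nonzero, seed=1):
    """Fraction of trials where decoding only k-1 shares gives the secret byte."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        secret = rng.randrange(256)
        shares = make_shares(secret, k, k, rng, force_top_nonzero)
        hits += interpolate_at_zero(shares[:k - 1]) == secret
    return hits / trials
```

With the top coefficient forced non-zero the rate is exactly 0, so every decoded byte can be ruled out; with a free top coefficient it settles near 1/256, which is what blind guessing gives.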