From ef0e2af7b0296c61c17877b84f09221335a962f7 Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <hi@filippo.io>
Date: Sun, 5 Nov 2017 14:33:21 -0500
Subject: [PATCH] math/big: add security warning to (*Int).Rand

Change-Id: I22a67733aa2d07298e124077654c9b1473802100
Reviewed-on: https://go-review.googlesource.com/76012
Reviewed-by: Aliaksandr Valialkin <valyala@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
---
 src/math/big/int.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/math/big/int.go b/src/math/big/int.go
index 2245514835..a89f7a2d17 100644
--- a/src/math/big/int.go
+++ b/src/math/big/int.go
@@ -644,6 +644,9 @@ func (z *Int) lehmerGCD(a, b *Int) *Int {
 }
 
 // Rand sets z to a pseudo-random number in [0, n) and returns z.
+//
+// As this uses the math/rand package, it must not be used for
+// security-sensitive work. Use crypto/rand.Int instead.
 func (z *Int) Rand(rnd *rand.Rand, n *Int) *Int {
 	z.neg = false
 	if n.neg || len(n.abs) == 0 {
-- 
2.48.1