go/doc/next/6-stdlib/99-minor/crypto/rsa/70924.md

The random parameter to [GenerateKey], [GenerateMultiPrimeKey], and [EncryptPKCS1v15] is now ignored.
Instead, they now always use a secure source of cryptographically random bytes.
For deterministic testing, use the new [testing/cryptotest.SetGlobalRandom] function.
The new GODEBUG setting `cryptocustomrand=1` temporarily restores the old behavior.
crypto,testing/cryptotest: ignore random io.Reader params, add SetGlobalRandom First, we centralize all random bytes generation through drbg.Read. The rest of the FIPS 140-3 module can't use external functions anyway, so drbg.Read needs to have all the logic. Then, make sure that the crypto/... tree uses drbg.Read (or the new crypto/internal/rand.Reader wrapper) instead of crypto/rand, so it is unaffected by applications setting crypto/rand.Reader. Next, pass all unspecified random io.Reader parameters through the new crypto/internal/rand.CustomReader, which just redirects to drbg.Read unless GODEBUG=cryptocustomrand=1 is set. Move all the calls to MaybeReadByte there, since it's only needed for these custom Readers. Finally, add testing/cryptotest.SetGlobalRandom which sets crypto/rand.Reader to a locked deterministic source and overrides drbg.Read. This way SetGlobalRandom should affect all cryptographic randomness in the standard library. Fixes #70942 Co-authored-by: qiulaidongfeng <2645477756@qq.com> Change-Id: I6a6a69641311d9fac318abcc6d79677f0e406100 Reviewed-on: https://go-review.googlesource.com/c/go/+/724480 Reviewed-by: Nicholas Husin <nsh@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> 2025-09-15 18:58:04 +02:00			`The random parameter to [GenerateKey], [GenerateMultiPrimeKey], and [EncryptPKCS1v15] is now ignored.`
			`Instead, they now always use a secure source of cryptographically random bytes.`
			`For deterministic testing, use the new [testing/cryptotest.SetGlobalRandom] function.`
			The new GODEBUG setting `cryptocustomrand=1` temporarily restores the old behavior.