Copy the shuffle code from go 1.10's math/rand.Shuffle, which is unbiased. Reasons for copying:
Don't have to deal with the awkwardness of trying to make the shuffle function
handle errors from crypto/rand.Reader properly. (Or rather, the awkwardness is
pushed to the less critical testing code.)
Works with earlier versions of go.
Low chance of behavior drift, since rand.Shuffle is covered by compatibility
guarantee.
Only adds 50 or so lines of non-test code.
Also make as much as possible use csprngRead utility function.
Also handle unlikely overflow in receiver count when signcrypting.
Coverage increased (+0.2%) to 84.439% when pulling d1ebc1e917a0eba44f64bc4f1ba4ee3d3e6339b3 on akalin/better-shuffle into 0c8b960f9a0d60e5f4e6c43b8169553692aa21b9 on master.
Coverage increased (+0.2%) to 84.502% when pulling 5cc4032d5bfd98b62201052603111cd58d4b893e on akalin/better-shuffle into 0c8b960f9a0d60e5f4e6c43b8169553692aa21b9 on master.
Copy the shuffle code from go 1.10's math/rand.Shuffle, which is unbiased. Reasons for copying:
Also make as much as possible use
csprngRead
utility function.Also handle unlikely overflow in receiver count when signcrypting.
Run go vet, golint, and GOARCH=386 tests in CI.