get rid of math/rand usages

lib/transport/ntcp/padding.go

@@ -3,7 +3,6 @@ package ntcp
 import (
 	"crypto/rand"
 	"io"
-	mrand "math/rand"
 	"net"
 
 	"github.com/samber/oops"
@@ -73,7 +72,7 @@ func CalculatePaddingLength(contentSize int, minSize int, minPadding int, maxExt
 	}
 
 	// Add random additional padding
-	padding += mrand.Intn(maxExtraPadding) + minPadding
+	padding += Intn(maxExtraPadding) + minPadding
 
 	return padding
 }

lib/transport/ntcp/session_confirmed_new.go

@@ -5,7 +5,6 @@ import (
 	"encoding/binary"
 	"fmt"
 	"io"
-	mrand "math/rand"
 	"net"
 
 	"github.com/go-i2p/go-i2p/lib/common/data"
@@ -301,7 +300,7 @@ func (s *SessionConfirmedProcessor) calculatePaddingLength(ri *router_info.Route
 	}
 
 	// Add random additional padding between minPadding and minPadding+maxExtraPadding
-	padding += mrand.Intn(maxExtraPadding) + minPadding
+	padding += Intn(maxExtraPadding) + minPadding
 
 	return padding
 }

lib/transport/ntcp/utils.go

@@ -1,7 +1,9 @@
 package ntcp
 
 import (
+	"crypto/rand"
 	"io"
+	"math/big"
 	"net"
 	"time"
 
@@ -99,3 +101,16 @@ func (c *NTCP2Session) readAndValidatePadding(conn net.Conn, paddingLen int) err
 	// No need to validate padding content - it's random data
 	return nil
 }
+
+// Intn generates a random integer in the range [0, n)
+// This is a secure alternative to math/rand.Intn
+// It uses crypto/rand to generate a cryptographically secure random number
+// Which might be dumb and or pointless for padding.
+func Intn(n int) int {
+	// implementation of Intn function using crypto/rand
+	cryptoRand, err := rand.Int(rand.Reader, big.NewInt(int64(n)))
+	if err != nil {
+		return 0
+	}
+	return int(cryptoRand.Int64())
+}