use non-cryptographic random to generate skipped packet numbers

internal/ackhandler/packet_number_generator.go

@@ -2,7 +2,8 @@ package ackhandler
 
 import (
 	"crypto/rand"
-	"math"
+	"encoding/binary"
+	mrand "math/rand"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 )
@@ -11,6 +12,7 @@ import (
 // it randomly skips a packet number every averagePeriod packets (on average).
 // It is guaranteed to never skip two consecutive packet numbers.
 type packetNumberGenerator struct {
+	rand          *mrand.Rand
 	averagePeriod protocol.PacketNumber
 
 	next       protocol.PacketNumber
@@ -18,7 +20,10 @@ type packetNumberGenerator struct {
 }
 
 func newPacketNumberGenerator(initial, averagePeriod protocol.PacketNumber) *packetNumberGenerator {
+	b := make([]byte, 8)
+	rand.Read(b) // it's not the end of the world if we don't get perfect random here
 	g := &packetNumberGenerator{
+		rand:          mrand.New(mrand.NewSource(int64(binary.LittleEndian.Uint64(b)))),
 		next:          initial,
 		averagePeriod: averagePeriod,
 	}
@@ -44,18 +49,6 @@ func (p *packetNumberGenerator) Pop() protocol.PacketNumber {
 }
 
 func (p *packetNumberGenerator) generateNewSkip() {
-	num := p.getRandomNumber()
-	skip := protocol.PacketNumber(num) * (p.averagePeriod - 1) / (math.MaxUint16 / 2)
 	// make sure that there are never two consecutive packet numbers that are skipped
-	p.nextToSkip = p.next + 2 + skip
-}
-
-// getRandomNumber() generates a cryptographically secure random number between 0 and MaxUint16 (= 65535)
-// The expectation value is 65535/2
-func (p *packetNumberGenerator) getRandomNumber() uint16 {
-	b := make([]byte, 2)
-	rand.Read(b) // ignore the error here
-
-	num := uint16(b[0])<<8 + uint16(b[1])
-	return num
+	p.nextToSkip = p.next + 2 + protocol.PacketNumber(p.rand.Int31n(int32(2*p.averagePeriod)))
 }