crypto/rsa: add rand initialization for rsa.SignPSS

If nil as random source is being passed to rsa.SignPSS.
This is going to lead to a nil pointer dereference and invalid memory
access. This commit intents to this fix via initializing
a secure random source with crypto/rand.Reader

Author: shibumi

src/crypto/rsa/pss.go

@@ -262,6 +262,11 @@ func (opts *PSSOptions) saltLength() int {
 // function. The opts argument may be nil, in which case sensible defaults are
 // used. If opts.Hash is set, it overrides hash.
 func SignPSS(rand io.Reader, priv *PrivateKey, hash crypto.Hash, digest []byte, opts *PSSOptions) ([]byte, error) {
+	// if no random source has been passed
+	// initialize with secure random from crypto/rand.Reader
+	if rand == nil {
+		rand = rand.Reader
+	}
 	if opts != nil && opts.Hash != 0 {
 		hash = opts.Hash
 	}