build(deps): update to rand 0.9 is possible

Except for code using ed25519-dalek, since we are blocked by them. Also tweak RNG source so only key generation uses `OsRng`. PoW nonce generation only need unpredictability thus `ThreadRng` suffices. See: https://github.com/dalek-cryptography/curve25519-dalek/issues/731
2025-08-20 02:52:41 +00:00 · 2025-04-15 20:20:00 -04:00 · 2025-04-15 20:20:00 -04:00 · 40e4a53886
commit 40e4a53886
parent 172559973b
8 changed files with 20 additions and 17 deletions
--- a/blah-types/Cargo.toml
+++ b/blah-types/Cargo.toml
@ -19,7 +19,7 @@ bitflags = "2"
 ed25519-dalek = { version = "2", default-features = false }
 hex = { version = "0.4", features = ["serde"] }
 html-escape = "0.2"
-rand = "0.8"
+rand = { version = "0.9", default-features = false, features = ["thread_rng"] }
 serde = { version = "1", features = ["derive"] }
 serde_jcs = "0.1"
 serde_json = "1"
@ -43,6 +43,8 @@ optional = true
 criterion = "0.5"
 ed25519-dalek = { version = "2", features = ["rand_core"] }
 expect-test = "1"
+# WAIT: https://github.com/dalek-cryptography/curve25519-dalek/issues/731
+rand08 = { package = "rand", version = "0.8" }
 sha2 = "0.10"

 [lints]
--- a/blah-types/benches/crypto_ops.rs
+++ b/blah-types/benches/crypto_ops.rs
@ -24,7 +24,9 @@ fn bench_register_pow(c: &mut Criterion) {
        id_key: id_key.clone(),
        server_url: "http://some.example.com".parse().unwrap(),
        id_url: "http://another.example.com".parse().unwrap(),
-        challenge: Some(UserRegisterChallengeResponse::Pow { nonce: rng.r#gen() }),
+        challenge: Some(UserRegisterChallengeResponse::Pow {
+            nonce: rng.random(),
+        }),
    };
    let mut signee = Signee {
        nonce: 0,
@ -35,7 +37,7 @@ fn bench_register_pow(c: &mut Criterion) {

    c.bench_function("register_pow_iter", |b| {
        b.iter_custom(|iters| {
-            signee.nonce = rng.r#gen();
+            signee.nonce = rng.random();

            let inst = Instant::now();
            for _ in 0..iters {
@ -67,8 +69,9 @@ fn avg_msg() -> ChatPayload {
 }

 fn bench_msg_sign_verify(c: &mut Criterion) {
-    let rng = &mut StdRng::seed_from_u64(SEED);
+    use rand08::SeedableRng;

+    let rng = &mut rand08::rngs::StdRng::seed_from_u64(SEED);
    let id_key_priv = SigningKey::generate(rng);
    let act_key_priv = SigningKey::generate(rng);
    let id_key = PubKey::from(id_key_priv.verifying_key());
@ -84,6 +87,7 @@ fn bench_msg_sign_verify(c: &mut Criterion) {
        })
    });

+    let rng = &mut StdRng::seed_from_u64(SEED);
    let signed = msg
        .sign_msg_with(&id_key, &act_key_priv, timestamp, rng)
        .unwrap();
--- a/blah-types/src/crypto.rs
+++ b/blah-types/src/crypto.rs
@ -100,7 +100,7 @@ pub trait SignExt: Sized {
        id_key: &PubKey,
        act_key: &SigningKey,
    ) -> Result<Signed<Self>, SignatureError> {
-        self.sign_msg_with(id_key, act_key, get_timestamp(), &mut rand::thread_rng())
+        self.sign_msg_with(id_key, act_key, get_timestamp(), &mut rand::rng())
    }
 }