build(deps): update to rand 0.9 is possible

Except for code using ed25519-dalek, since we are blocked by them.

Also tweak RNG source so only key generation uses `OsRng`. PoW nonce
generation only need unpredictability thus `ThreadRng` suffices.

See: https://github.com/dalek-cryptography/curve25519-dalek/issues/731

Cargo.lock

@@ -224,6 +224,7 @@ dependencies = [
  "html-escape",
  "mock_instant",
  "rand 0.8.5",
+ "rand 0.9.0",
  "rusqlite",
  "schemars",
  "serde",
@@ -274,7 +275,7 @@ dependencies = [
  "mock_instant",
  "parking_lot",
  "paste",
- "rand 0.8.5",
+ "rand 0.9.0",
  "reqwest",
  "rstest",
  "rusqlite",

blah-types/Cargo.toml

@@ -19,7 +19,7 @@ bitflags = "2"
 ed25519-dalek = { version = "2", default-features = false }
 hex = { version = "0.4", features = ["serde"] }
 html-escape = "0.2"
-rand = "0.8"
+rand = { version = "0.9", default-features = false, features = ["thread_rng"] }
 serde = { version = "1", features = ["derive"] }
 serde_jcs = "0.1"
 serde_json = "1"
@@ -43,6 +43,8 @@ optional = true
 criterion = "0.5"
 ed25519-dalek = { version = "2", features = ["rand_core"] }
 expect-test = "1"
+# WAIT: https://github.com/dalek-cryptography/curve25519-dalek/issues/731
+rand08 = { package = "rand", version = "0.8" }
 sha2 = "0.10"
 
 [lints]

blah-types/benches/crypto_ops.rs

@@ -24,7 +24,9 @@ fn bench_register_pow(c: &mut Criterion) {
         id_key: id_key.clone(),
         server_url: "http://some.example.com".parse().unwrap(),
         id_url: "http://another.example.com".parse().unwrap(),
-        challenge: Some(UserRegisterChallengeResponse::Pow { nonce: rng.r#gen() }),
+        challenge: Some(UserRegisterChallengeResponse::Pow {
+            nonce: rng.random(),
+        }),
     };
     let mut signee = Signee {
         nonce: 0,
@@ -35,7 +37,7 @@ fn bench_register_pow(c: &mut Criterion) {
 
     c.bench_function("register_pow_iter", |b| {
         b.iter_custom(|iters| {
-            signee.nonce = rng.r#gen();
+            signee.nonce = rng.random();
 
             let inst = Instant::now();
             for _ in 0..iters {
@@ -67,8 +69,9 @@ fn avg_msg() -> ChatPayload {
 }
 
 fn bench_msg_sign_verify(c: &mut Criterion) {
-    let rng = &mut StdRng::seed_from_u64(SEED);
+    use rand08::SeedableRng;
 
+    let rng = &mut rand08::rngs::StdRng::seed_from_u64(SEED);
     let id_key_priv = SigningKey::generate(rng);
     let act_key_priv = SigningKey::generate(rng);
     let id_key = PubKey::from(id_key_priv.verifying_key());
@@ -84,6 +87,7 @@ fn bench_msg_sign_verify(c: &mut Criterion) {
         })
     });
 
+    let rng = &mut StdRng::seed_from_u64(SEED);
     let signed = msg
         .sign_msg_with(&id_key, &act_key_priv, timestamp, rng)
         .unwrap();

blah-types/src/crypto.rs

@@ -100,7 +100,7 @@ pub trait SignExt: Sized {
         id_key: &PubKey,
         act_key: &SigningKey,
     ) -> Result<Signed<Self>, SignatureError> {
-        self.sign_msg_with(id_key, act_key, get_timestamp(), &mut rand::thread_rng())
+        self.sign_msg_with(id_key, act_key, get_timestamp(), &mut rand::rng())
     }
 }
 

blahctl/Cargo.toml

@@ -8,7 +8,7 @@ anyhow = "1"
 clap = { version = "4", features = ["derive"] }
 ed25519-dalek = { version = "2", features = ["pkcs8", "pem", "rand_core"] }
 humantime = "2"
-rand = "0.8"
+rand08 = { package = "rand", version = "0.8" }
 reqwest = { version = "0.12", features = ["json"] }
 rusqlite = { version = "0.34", features = ["rusqlite-macros"] }
 serde_jcs = "0.1.0"

blahctl/src/main.rs

@@ -11,7 +11,6 @@ use ed25519_dalek::pkcs8::spki::der::pem::LineEnding;
 use ed25519_dalek::pkcs8::{DecodePrivateKey, DecodePublicKey, EncodePrivateKey};
 use ed25519_dalek::{SigningKey, VerifyingKey};
 use humantime::Duration;
-use rand::thread_rng;
 use reqwest::Url;
 use rusqlite::{Connection, named_params, prepare_and_bind};
 use tokio::runtime::Runtime;
@@ -353,7 +352,7 @@ fn main_id(cmd: IdCommand) -> Result<()> {
             id_key_file,
             id_url,
         } => {
-            let id_key_priv = SigningKey::generate(&mut thread_rng());
+            let id_key_priv = SigningKey::generate(&mut rand08::rngs::OsRng);
             let id_key = PubKey::from(id_key_priv.verifying_key());
 
             let act_key_desc = UserActKeyDesc {

blahd/Cargo.toml

@@ -21,7 +21,7 @@ http-body-util = "0.1"
 humantime = "2"
 parking_lot = "0.12" # Maybe no better performance, just that we hate poisoning. ¯\_(ツ)_/¯
 paste = "1.0.15"
-rand = "0.8"
+rand = "0.9"
 reqwest = "0.12"
 rusqlite = { version = "0.34", features = ["rusqlite-macros"] }
 rustix = { version = "1", features = ["net"] }

blahd/src/register.rs

@@ -9,8 +9,6 @@ use blah_types::msg::{UserRegisterChallengeResponse, UserRegisterPayload};
 use blah_types::server::UserRegisterChallenge;
 use http_body_util::BodyExt;
 use parking_lot::Mutex;
-use rand::RngCore;
-use rand::rngs::OsRng;
 use serde::Deserialize;
 use sha2::{Digest, Sha256};
 
@@ -109,7 +107,6 @@ struct Nonces {
 
 impl State {
     pub fn new(config: Config) -> Self {
-        // TODO: Audit this.
         let client = reqwest::ClientBuilder::new()
             .user_agent(SERVER_AND_VERSION)
             .redirect(reqwest::redirect::Policy::none())
@@ -121,8 +118,8 @@ impl State {
         } = config.challenge;
         Self {
             nonces: Nonces {
-                nonce: OsRng.next_u32(),
+                nonce: rand::random(),
-                prev_nonce: OsRng.next_u32(),
+                prev_nonce: rand::random(),
                 update_period: 0,
             }
             .into(),
@@ -143,10 +140,10 @@ impl State {
             n.prev_nonce = if n.update_period + 1 == cur_period {
                 n.nonce
             } else {
-                OsRng.next_u32()
+                rand::random()
             };
             n.update_period = cur_period;
-            n.nonce = OsRng.next_u32();
+            n.nonce = rand::random();
             [n.nonce, n.prev_nonce]
         }
     }