From d1dfb9b19a2141c50d6ec853efd5bd40369e8934 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Jun 2025 11:26:05 +0000
Subject: [PATCH 1/2] deps(deps): bump rand from 0.8.5 to 0.9.1 in the crypto
 group

Bumps the crypto group with 1 update: [rand](https://github.com/rust-random/rand).


Updates `rand` from 0.8.5 to 0.9.1
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-random/rand/compare/0.8.5...rand_core-0.9.1)

---
updated-dependencies:
- dependency-name: rand
  dependency-version: 0.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crypto
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Cargo.lock | 24 ++++++++++++++++--------
 Cargo.toml |  2 +-
 2 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 3150f88..f614606 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -593,23 +593,22 @@ checksum = "74765f6d916ee2faa39bc8e68e4f3ed8949b48cccdac59983d287a7cb71ce9c5"
 
 [[package]]
 name = "rand"
-version = "0.8.5"
+version = "0.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+checksum = "9fbfd9d094a40bf3ae768db9361049ace4c0e04a4fd6b359518bd7b73a73dd97"
 dependencies = [
- "libc",
  "rand_chacha",
- "rand_core",
+ "rand_core 0.9.3",
 ]
 
 [[package]]
 name = "rand_chacha"
-version = "0.3.1"
+version = "0.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
 dependencies = [
  "ppv-lite86",
- "rand_core",
+ "rand_core 0.9.3",
 ]
 
 [[package]]
@@ -621,6 +620,15 @@ dependencies = [
  "getrandom 0.2.16",
 ]
 
+[[package]]
+name = "rand_core"
+version = "0.9.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38"
+dependencies = [
+ "getrandom 0.3.3",
+]
+
 [[package]]
 name = "regex"
 version = "1.11.1"
@@ -727,7 +735,7 @@ version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
 dependencies = [
- "rand_core",
+ "rand_core 0.6.4",
 ]
 
 [[package]]
diff --git a/Cargo.toml b/Cargo.toml
index 2d83c06..1aed82b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,7 +11,7 @@ categories = ["command-line-utilities", "cryptography"]
 
 [dependencies]
 ed25519-dalek = "2"
-rand = "0.8.5"
+rand = "0.9.1"
 regex = "1.10.2"
 anyhow = "1.0.89"
 thiserror = "2.0.12"

From 9438705c5962ebe59a4120f27b9d9d951a26de4a Mon Sep 17 00:00:00 2001
From: Keng Susumpow <patipat@me.com>
Date: Tue, 17 Jun 2025 18:34:05 +0700
Subject: [PATCH 2/2] Fix rand 0.9.1 compatibility issues
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Update import from RngCore to TryRngCore
- Replace fill_bytes() with try_fill_bytes()
- Add proper error handling for RNG failures
- All tests passing, code formatted and linted

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/keygen.rs | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/keygen.rs b/src/keygen.rs
index a1fdce6..f09a70b 100644
--- a/src/keygen.rs
+++ b/src/keygen.rs
@@ -5,13 +5,18 @@ use crate::error::Result;
 use crate::ssh::{private_key, public_key};
 use ed25519_dalek::{SecretKey, SigningKey, VerifyingKey};
 use rand::rngs::OsRng;
-use rand::RngCore;
+use rand::TryRngCore;
 
 /// Generates an ed25519 key pair and returns the public key and private key as hex strings.
 pub fn generate_key_pair() -> Result<(String, String)> {
     // Generate a random secret key
     let mut secret_key_bytes = [0u8; 32];
-    OsRng.fill_bytes(&mut secret_key_bytes);
+    OsRng.try_fill_bytes(&mut secret_key_bytes).map_err(|e| {
+        crate::error::VanityError::KeyGenerationError(format!(
+            "Failed to generate random bytes: {}",
+            e
+        ))
+    })?;
     let secret_key = SecretKey::from(secret_key_bytes);
     let signing_key = SigningKey::from(secret_key);
     let verifying_key = VerifyingKey::from(&signing_key);
@@ -32,7 +37,12 @@ pub fn generate_key_pair() -> Result<(String, String)> {
 pub fn generate_openssh_key_pair(comment: Option<&str>) -> Result<(String, String)> {
     // Generate a random secret key
     let mut secret_key_bytes = [0u8; 32];
-    OsRng.fill_bytes(&mut secret_key_bytes);
+    OsRng.try_fill_bytes(&mut secret_key_bytes).map_err(|e| {
+        crate::error::VanityError::KeyGenerationError(format!(
+            "Failed to generate random bytes: {}",
+            e
+        ))
+    })?;
     let secret_key = SecretKey::from(secret_key_bytes);
     let signing_key = SigningKey::from(secret_key);
     let verifying_key = VerifyingKey::from(&signing_key);