fix(deps): update RustCrypto ecosystem for rand 0.10 compatibility

Bump the full RustCrypto dependency tree to align with rand 0.10 and
rand_core 0.10. This resolves the split dependency graph where
ssh-key's transitive deps used signature v3 / elliptic-curve v0.14
while russh used the older stable versions.

Key dependency changes:
- signature 2.2 → 3.0.0-rc.10 (removes signature_next shim)
- elliptic-curve 0.13 → 0.14.0-rc.28, ecdsa 0.16 → 0.17.0-rc.16
- p256/p384/p521 0.13 → 0.14.0-rc.7
- ed25519-dalek 2.x → 3.0.0-pre.6 (add alloc feature for EncodePrivateKey)
- curve25519-dalek 4.x → 5.0.0-pre.6
- der 0.7 → 0.8, sec1 0.7 → 0.8, spki 0.7 → 0.8.0-rc.4
- pkcs8 0.10 → 0.11.0-rc.11, pkcs5 0.7 → 0.8.0-rc.13
- num-bigint pinned to git (PR Eugeny#338) for rand_0_10 feature

Code changes to match new APIs:
- OsRng removed in rand 0.10; replaced with rand::rng()
- PrivateKeyInfo/EncryptedPrivateKeyInfo now generic; use Ref aliases
- SecretKey::from_bytes → from_slice for ECDSA key construction
- FromEncodedPoint/ToEncodedPoint → FromSec1Point/ToSec1Point
- EphemeralSecret::random → generate_from_rng (Generate trait)
- RandBigInt → BigRng010, gen_biguint_range → random_biguint_range
- Remove duplicate Pkcs8Next error variant (now same pkcs8 version)

Temporary workarounds (with tracking comments):
- [patch.crates-io] hmac: git pin for digest 0.11.2 Clone regression
  (RustCrypto/MACs#254 merged, awaiting hmac 0.13.0-rc.6 release)
- num-bigint: git dep on PR Eugeny#338 branch for rand 0.10 support

Author: jgrund

Cargo.toml

@@ -16,7 +16,7 @@ log = "0.4.11"
 rand = { version = "0.10", features = ["thread_rng"] }
 sha1 = { version = "0.10.5", features = ["oid"] }
 sha2 = { version = "0.10.6", features = ["oid"] }
-signature = "2.2"
+signature = "3.0.0-rc.10"
 ssh-encoding = { version = "0.2", features = ["bytes"] }
 ssh-key = { version = "=0.6.18", features = [
     "ed25519",
@@ -30,3 +30,10 @@ ssh-key = { version = "=0.6.18", features = [
 thiserror = "2.0.18"
 tokio = { version = "1.17.0" }
 tokio-stream = { version = "0.1.3", features = ["net", "sync"] }
+
+[patch.crates-io]
+# digest 0.11.2 removed Clone from MacTraits (RustCrypto/traits#2329), breaking
+# hmac 0.13.0-rc.5 which still relies on it. The fix landed in hmac's repo
+# (RustCrypto/MACs#254) but no rc.6 has been published yet. Remove this patch
+# once hmac 0.13.0-rc.6+ is released.
+hmac = { git = "https://github.com/RustCrypto/MACs.git", rev = "da485cd7baf0b7f5e501f5b42644bf9ddd428c6b" }

russh/Cargo.toml

@@ -37,15 +37,15 @@ byteorder.workspace = true
 bytes.workspace = true
 cbc = { version = "0.1" }
 ctr = "0.9"
-curve25519-dalek = "4.1.3"
+curve25519-dalek = "5.0.0-pre.6"
 crypto-bigint = { version = "0.7.0-rc.28", features = ["alloc"] }
 data-encoding = "2.3"
 delegate.workspace = true
 digest.workspace = true
-der = "0.7"
+der = "0.8"
 des = { version = "0.8.1", optional = true }
-ecdsa = "0.16"
-ed25519-dalek = { version = "3.0.0-pre.6", features = ["rand_core", "pkcs8"] }
+ecdsa = "0.17.0-rc.16"
+ed25519-dalek = { version = "3.0.0-pre.6", features = ["alloc", "rand_core", "pkcs8"] }
 elliptic-curve = { version = "0.14.0-rc.28", features = ["ecdh"] }
 enum_dispatch = "0.3.13"
 flate2 = { version = "1.0.15", optional = true }
@@ -58,15 +58,18 @@ inout = { version = "0.1", features = ["std"] }
 libcrux-ml-kem = { version = "0.0.4" }
 log.workspace = true
 md5 = "0.7"
-num-bigint = { version = "0.4.2", features = ["rand"] }
+# num-bigint 0.4.x only supports rand 0.8. PR #338 adds rand 0.10 support
+# via the `rand_0_10` feature flag. Remove this git dep once a release with
+# rand 0.10 support is published. https://github.com/rust-num/num-bigint/pull/338
+num-bigint = { git = "https://github.com/rust-num/num-bigint.git", rev = "09ed9207ec8e8cbf770c552d335fb894a894db86", features = ["rand_0_10"] }
 # num-integer = "0.1"
 p256 = { version = "0.14.0-rc.7", features = ["ecdh"] }
 p384 = { version = "0.14.0-rc.7", features = ["ecdh"] }
 p521 = { version = "0.14.0-rc.7", features = ["ecdh"] }
 pbkdf2 = "0.12"
 pkcs1 = { version = "0.8.0-rc.4", optional = true }
-pkcs5 = "0.7"
-pkcs8 = { version = "0.10", features = ["pkcs5", "encryption", "std"] }
+pkcs5 = "0.8.0-rc.13"
+pkcs8 = { version = "0.11.0-rc.11", features = ["encryption", "std"] }
 rand_core = { version = "0.10.0" }
 rand.workspace = true
 ring = { version = "0.17.14", optional = true }
@@ -75,12 +78,11 @@ russh-cryptovec = { version = "0.58.0", path = "../cryptovec", features = [
   "ssh-encoding",
 ] }
 russh-util = { version = "0.52.0", path = "../russh-util" }
-sec1 = { version = "0.7", features = ["pkcs8", "der"] }
+sec1 = { version = "0.8", features = ["der"] }
 sha1.workspace = true
 sha2.workspace = true
 signature.workspace = true
-signature_next = { package = "signature", version = "3.0.0-rc.10", default-features = false }
-spki = "0.7"
+spki = "0.8.0-rc.4"
 ssh-encoding.workspace = true
 ssh-key.workspace = true
 subtle = "2.4"

russh/examples/echoserver.rs

@@ -1,7 +1,6 @@
 use std::collections::HashMap;
 use std::sync::Arc;
 
-use russh::keys::ssh_key::rand_core::OsRng;
 use russh::keys::{Certificate, *};
 use russh::server::{Msg, Server as _, Session};
 use russh::*;
@@ -19,7 +18,7 @@ async fn main() {
         auth_rejection_time: std::time::Duration::from_secs(3),
         auth_rejection_time_initial: Some(std::time::Duration::from_secs(0)),
         keys: vec![
-            russh::keys::PrivateKey::random(&mut OsRng, russh::keys::Algorithm::Ed25519).unwrap(),
+            russh::keys::PrivateKey::random(&mut rand::rng(), russh::keys::Algorithm::Ed25519).unwrap(),
         ],
         preferred: Preferred {
             // kex: std::borrow::Cow::Owned(vec![russh::kex::DH_GEX_SHA256]),

russh/examples/ratatui_app.rs

@@ -7,7 +7,6 @@ use ratatui::style::{Color, Style};
 use ratatui::widgets::{Block, Borders, Clear, Paragraph};
 use ratatui::{Terminal, TerminalOptions, Viewport};
 use russh::keys::ssh_key::PublicKey;
-use russh::keys::ssh_key::rand_core::OsRng;
 use russh::server::*;
 use russh::{Channel, ChannelId, Pty};
 use tokio::sync::Mutex;
@@ -120,7 +119,7 @@ impl AppServer {
             auth_rejection_time: std::time::Duration::from_secs(3),
             auth_rejection_time_initial: Some(std::time::Duration::from_secs(0)),
             keys: vec![
-                russh::keys::PrivateKey::random(&mut OsRng, ssh_key::Algorithm::Ed25519).unwrap(),
+                russh::keys::PrivateKey::random(&mut rand::rng(), ssh_key::Algorithm::Ed25519).unwrap(),
             ],
             nodelay: true,
             ..Default::default()

russh/examples/ratatui_shared_app.rs

@@ -7,7 +7,6 @@ use ratatui::style::{Color, Style};
 use ratatui::widgets::{Block, Borders, Clear, Paragraph};
 use ratatui::{Terminal, TerminalOptions, Viewport};
 use russh::keys::ssh_key::PublicKey;
-use russh::keys::ssh_key::rand_core::OsRng;
 use russh::server::*;
 use russh::{Channel, ChannelId, Pty};
 use tokio::sync::Mutex;
@@ -122,7 +121,7 @@ impl AppServer {
             auth_rejection_time: std::time::Duration::from_secs(3),
             auth_rejection_time_initial: Some(std::time::Duration::from_secs(0)),
             keys: vec![
-                russh::keys::PrivateKey::random(&mut OsRng, ssh_key::Algorithm::Ed25519).unwrap(),
+                russh::keys::PrivateKey::random(&mut rand::rng(), ssh_key::Algorithm::Ed25519).unwrap(),
             ],
             nodelay: true,
             ..Default::default()

russh/examples/sftp_server.rs

@@ -4,7 +4,6 @@ use std::sync::Arc;
 use std::time::Duration;
 
 use log::{LevelFilter, error, info};
-use russh::keys::ssh_key::rand_core::OsRng;
 use russh::server::{Auth, Msg, Server as _, Session};
 use russh::{Channel, ChannelId};
 use russh_sftp::protocol::{File, FileAttributes, Handle, Name, Status, StatusCode, Version};
@@ -179,7 +178,7 @@ async fn main() {
         auth_rejection_time: Duration::from_secs(3),
         auth_rejection_time_initial: Some(Duration::from_secs(0)),
         keys: vec![
-            russh::keys::PrivateKey::random(&mut OsRng, ssh_key::Algorithm::Ed25519).unwrap(),
+            russh::keys::PrivateKey::random(&mut rand::rng(), ssh_key::Algorithm::Ed25519).unwrap(),
         ],
         ..Default::default()
     };

russh/examples/test.rs

@@ -2,7 +2,6 @@ use std::collections::HashMap;
 use std::sync::{Arc, Mutex};
 
 use log::debug;
-use russh::keys::ssh_key::rand_core::OsRng;
 use russh::keys::*;
 use russh::server::{Auth, Msg, Server as _, Session};
 use russh::*;
@@ -14,7 +13,7 @@ async fn main() -> anyhow::Result<()> {
     config.auth_rejection_time = std::time::Duration::from_secs(3);
     config
         .keys
-        .push(russh::keys::PrivateKey::random(&mut OsRng, ssh_key::Algorithm::Ed25519).unwrap());
+        .push(russh::keys::PrivateKey::random(&mut rand::rng(), ssh_key::Algorithm::Ed25519).unwrap());
     let config = Arc::new(config);
     let mut sh = Server {
         clients: Arc::new(Mutex::new(HashMap::new())),

russh/src/cipher/benchmark.rs

@@ -3,7 +3,7 @@ use criterion::*;
 use rand::TryRngCore;
 
 pub fn bench(c: &mut Criterion) {
-    let mut rand_generator = black_box(rand::rngs::OsRng {});
+    let mut rand_generator = black_box(rand::rng());
 
     let mut packet_length = black_box(vec![0u8; 4]);
 

russh/src/client/encrypted.rs

@@ -1015,7 +1015,7 @@ impl Encrypted {
                 )?;
 
                 // Extend with self-signature.
-                signature_next::Signer::try_sign(key.deref(), buffer)?
+                signature::Signer::try_sign(key.deref(), buffer)?
                     .encoded()?
                     .encode(&mut *buffer)?;
 

russh/src/client/kex.rs

@@ -5,19 +5,18 @@ use std::sync::Arc;
 
 use bytes::Bytes;
 use log::{debug, error, warn};
-use signature::Verifier;
 use ssh_encoding::{Decode, Encode};
 use ssh_key::{Mpint, PublicKey, Signature};
 
 use super::IncomingSshPacket;
 use crate::client::{Config, NewKeys};
 use crate::kex::dh::groups::DhGroup;
-use crate::kex::{KexAlgorithm, KexAlgorithmImplementor, KexCause, KexProgress, KEXES};
+use crate::kex::{KEXES, KexAlgorithm, KexAlgorithmImplementor, KexCause, KexProgress};
 use crate::keys::key::parse_public_key;
 use crate::negotiation::{Names, Select};
 use crate::session::Exchange;
 use crate::sshbuffer::PacketWriter;
-use crate::{msg, negotiation, strict_kex_violation, CryptoVec, Error, SshId};
+use crate::{CryptoVec, Error, SshId, msg, negotiation, strict_kex_violation};
 
 thread_local! {
     static HASH_BUFFER: RefCell<CryptoVec> = RefCell::new(CryptoVec::new());
@@ -116,7 +115,9 @@ impl ClientKex {
 
                 let names = {
                     // read algorithms from packet.
-                    self.exchange.server_kex_init.extend_from_slice(&input.buffer);
+                    self.exchange
+                        .server_kex_init
+                        .extend_from_slice(&input.buffer);
                     negotiation::Client::read_kex(
                         &input.buffer,
                         &self.config.preferred,
@@ -270,7 +271,9 @@ impl ClientKex {
                 );
 
                 let server_ephemeral = Bytes::decode(r)?;
-                self.exchange.server_ephemeral.extend_from_slice(&server_ephemeral);
+                self.exchange
+                    .server_ephemeral
+                    .extend_from_slice(&server_ephemeral);
                 kex.compute_shared_secret(&self.exchange.server_ephemeral)?;
 
                 let mut pubkey_vec = Vec::new();
@@ -288,7 +291,9 @@ impl ClientKex {
                 let signature = Bytes::decode(r)?;
                 let signature = Signature::decode(&mut &signature[..])?;
 
-                if let Err(e) = signature_next::Verifier::verify(&server_host_key, hash.as_ref(), &signature) {
+                if let Err(e) =
+                    signature::Verifier::verify(&server_host_key, hash.as_ref(), &signature)
+                {
                     debug!("wrong server sig: {e:?}");
                     return Err(Error::WrongServerSig);
                 }