use try_from_rng for signing and secret keys (#1130)

baloo · web-flow · commit c6b8af1aabf6 · 2025-03-09T20:40:31.000-06:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/bign256/src/ecdsa.rs b/bign256/src/ecdsa.rs
@@ -14,7 +14,7 @@
 //! };
 //!
 //! // Signing
-//! let secret_key = SecretKey::random(&mut OsRng.unwrap_mut()); // serialize with `::to_bytes()`
+//! let secret_key = SecretKey::try_from_rng(&mut OsRng).unwrap(); // serialize with `::to_bytes()`
 //! let signing_key = SigningKey::new(&secret_key)?;
 //! let verifying_key_bytes = signing_key.verifying_key().to_bytes();
 //! let message = b"test message";
diff --git a/bign256/src/secret_key.rs b/bign256/src/secret_key.rs
@@ -13,7 +13,10 @@ use pkcs8::{
 use crate::FieldBytes;
 use crate::{ALGORITHM_OID, PublicKey, ScalarPrimitive, SecretKey};
 #[cfg(feature = "arithmetic")]
-use crate::{BignP256, NonZeroScalar, Result, elliptic_curve::rand_core::CryptoRng};
+use crate::{
+    BignP256, NonZeroScalar, Result,
+    elliptic_curve::rand_core::{CryptoRng, TryCryptoRng},
+};
 
 impl SecretKey {
     const MIN_SIZE: usize = 24;
@@ -26,6 +29,16 @@ impl SecretKey {
         }
     }
 
+    /// Generate a random [`SecretKey`].
+    #[cfg(feature = "arithmetic")]
+    pub fn try_from_rng<R: TryCryptoRng + ?Sized>(
+        rng: &mut R,
+    ) -> core::result::Result<Self, R::Error> {
+        Ok(Self {
+            inner: NonZeroScalar::try_from_rng(rng)?.into(),
+        })
+    }
+
     /// Borrow the inner secret [`elliptic_curve::ScalarPrimitive`] value.
     ///
     /// # ⚠️ Warning
diff --git a/k256/src/ecdh.rs b/k256/src/ecdh.rs
@@ -13,11 +13,11 @@
 //! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
 //!
 //! // Alice
-//! let alice_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let alice_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let alice_pk_bytes = EncodedPoint::from(alice_secret.public_key());
 //!
 //! // Bob
-//! let bob_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let bob_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let bob_pk_bytes = EncodedPoint::from(bob_secret.public_key());
 //!
 //! // Alice decodes Bob's serialized public key and computes a shared secret from it
diff --git a/k256/src/ecdsa.rs b/k256/src/ecdsa.rs
@@ -28,10 +28,10 @@
 //!     ecdsa::{SigningKey, Signature, signature::Signer},
 //!     SecretKey,
 //! };
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Signing
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // Serialize with `::to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // Serialize with `::to_bytes()`
 //! let message = b"ECDSA proves knowledge of a secret number in the context of a single message";
 //!
 //! // Note: The signature type must be annotated or otherwise inferable as
diff --git a/k256/src/schnorr.rs b/k256/src/schnorr.rs
@@ -35,12 +35,12 @@
 //!     signature::{Signer, Verifier},
 //!     SigningKey, VerifyingKey
 //! };
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! //
 //! // Signing
 //! //
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // serialize with `.to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // serialize with `.to_bytes()`
 //! let verifying_key_bytes = signing_key.verifying_key().to_bytes(); // 32-bytes
 //!
 //! let message = b"Schnorr signatures prove knowledge of a secret in the random oracle model";
diff --git a/k256/src/schnorr/signing.rs b/k256/src/schnorr/signing.rs
@@ -40,6 +40,13 @@ impl SigningKey {
         NonZeroScalar::random(rng).into()
     }
 
+    /// Generate a cryptographically random [`SigningKey`].
+    pub fn try_from_rng<R: TryCryptoRng + ?Sized>(
+        rng: &mut R,
+    ) -> core::result::Result<Self, R::Error> {
+        Ok(NonZeroScalar::try_from_rng(rng)?.into())
+    }
+
     /// Parse signing key from big endian-encoded bytes.
     pub fn from_bytes(bytes: &[u8]) -> Result<Self> {
         NonZeroScalar::try_from(bytes)
diff --git a/p224/src/ecdh.rs b/p224/src/ecdh.rs
@@ -10,14 +10,14 @@
 //!
 //! ```
 //! use p224::{EncodedPoint, PublicKey, ecdh::EphemeralSecret};
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Alice
-//! let alice_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let alice_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let alice_pk_bytes = EncodedPoint::from(alice_secret.public_key());
 //!
 //! // Bob
-//! let bob_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let bob_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let bob_pk_bytes = EncodedPoint::from(bob_secret.public_key());
 //!
 //! // Alice decodes Bob's serialized public key and computes a shared secret from it
diff --git a/p224/src/ecdsa.rs b/p224/src/ecdsa.rs
@@ -25,7 +25,7 @@
 //! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
 //!
 //! // Signing
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // Serialize with `::to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // Serialize with `::to_bytes()`
 //! let message = b"ECDSA proves knowledge of a secret number in the context of a single message";
 //! let signature: Signature = signing_key.sign(message);
 //!
diff --git a/p256/src/ecdh.rs b/p256/src/ecdh.rs
@@ -10,14 +10,14 @@
 //!
 //! ```
 //! use p256::{EncodedPoint, PublicKey, ecdh::EphemeralSecret};
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Alice
-//! let alice_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let alice_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let alice_pk_bytes = EncodedPoint::from(alice_secret.public_key());
 //!
 //! // Bob
-//! let bob_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let bob_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let bob_pk_bytes = EncodedPoint::from(bob_secret.public_key());
 //!
 //! // Alice decodes Bob's serialized public key and computes a shared secret from it
diff --git a/p256/src/ecdsa.rs b/p256/src/ecdsa.rs
@@ -24,10 +24,10 @@
 //! use p256::{
 //!     ecdsa::{SigningKey, Signature, signature::Signer},
 //! };
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Signing
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // Serialize with `::to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // Serialize with `::to_bytes()`
 //! let message = b"ECDSA proves knowledge of a secret number in the context of a single message";
 //! let signature: Signature = signing_key.sign(message);
 //!
diff --git a/p384/src/ecdh.rs b/p384/src/ecdh.rs
@@ -10,14 +10,14 @@
 //!
 //! ```
 //! use p384::{EncodedPoint, PublicKey, ecdh::EphemeralSecret};
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Alice
-//! let alice_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let alice_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let alice_pk_bytes = EncodedPoint::from(alice_secret.public_key());
 //!
 //! // Bob
-//! let bob_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let bob_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let bob_pk_bytes = EncodedPoint::from(bob_secret.public_key());
 //!
 //! // Alice decodes Bob's serialized public key and computes a shared secret from it
diff --git a/p384/src/ecdsa.rs b/p384/src/ecdsa.rs
@@ -25,7 +25,7 @@
 //! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
 //!
 //! // Signing
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // Serialize with `::to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // Serialize with `::to_bytes()`
 //! let message = b"ECDSA proves knowledge of a secret number in the context of a single message";
 //! let signature: Signature = signing_key.sign(message);
 //!
diff --git a/p521/src/ecdh.rs b/p521/src/ecdh.rs
@@ -13,11 +13,11 @@
 //! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
 //!
 //! // Alice
-//! let alice_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let alice_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let alice_pk_bytes = EncodedPoint::from(alice_secret.public_key());
 //!
 //! // Bob
-//! let bob_secret = EphemeralSecret::random(&mut OsRng.unwrap_mut());
+//! let bob_secret = EphemeralSecret::try_from_rng(&mut OsRng).unwrap();
 //! let bob_pk_bytes = EncodedPoint::from(bob_secret.public_key());
 //!
 //! // Alice decodes Bob's serialized public key and computes a shared secret from it
diff --git a/p521/src/ecdsa.rs b/p521/src/ecdsa.rs
@@ -22,10 +22,10 @@
 //! # #[cfg(feature = "ecdsa")]
 //! # {
 //! use p521::ecdsa::{signature::Signer, Signature, SigningKey};
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng' feature
+//! use rand_core::OsRng; // requires 'os_rng' feature
 //!
 //! // Signing
-//! let signing_key = SigningKey::random(&mut OsRng.unwrap_mut()); // Serialize with `::to_bytes()`
+//! let signing_key = SigningKey::try_from_rng(&mut OsRng).unwrap(); // Serialize with `::to_bytes()`
 //! let message = b"ECDSA proves knowledge of a secret number in the context of a single message";
 //! let signature: Signature = signing_key.sign(message);
 //!
diff --git a/sm2/src/dsa.rs b/sm2/src/dsa.rs
@@ -15,7 +15,7 @@
 //! };
 //!
 //! // Signing
-//! let secret_key = SecretKey::random(&mut OsRng.unwrap_mut()); // serialize with `::to_bytes()`
+//! let secret_key = SecretKey::try_from_rng(&mut OsRng).unwrap(); // serialize with `::to_bytes()`
 //! let distid = "example@rustcrypto.org"; // distinguishing identifier
 //! let signing_key = SigningKey::new(distid, &secret_key)?;
 //! let verifying_key_bytes = signing_key.verifying_key().to_sec1_bytes();
diff --git a/sm2/src/pke.rs b/sm2/src/pke.rs
@@ -9,15 +9,14 @@
 #![cfg_attr(feature = "std", doc = "```")]
 #![cfg_attr(not(feature = "std"), doc = "```ignore")]
 //! # fn example() -> Result<(), Box<dyn std::error::Error>> {
-//! use rand_core::{OsRng, TryRngCore}; // requires 'os_rng` feature
+//! use rand_core::OsRng; // requires 'os_rng` feature
 //! use sm2::{
 //!     pke::{EncryptingKey, Mode},
 //!     {SecretKey, PublicKey}
-//!
 //! };
 //!
 //! // Encrypting
-//! let secret_key = SecretKey::random(&mut OsRng.unwrap_mut()); // serialize with `::to_bytes()`
+//! let secret_key = SecretKey::try_from_rng(&mut OsRng).unwrap(); // serialize with `::to_bytes()`
 //! let public_key = secret_key.public_key();
 //! let encrypting_key = EncryptingKey::new_with_mode(public_key, Mode::C1C2C3);
 //! let plaintext = b"plaintext";
