(opendal-reqsign) branch dependabot/cargo/rand-0.10.0 updated: fix(google): use rsa rand_core rng

Wed, 18 Mar 2026 01:43:15 -0700 

This is an automated email from the ASF dual-hosted git repository.

xuanwo pushed a commit to branch dependabot/cargo/rand-0.10.0
in repository https://gitbox.apache.org/repos/asf/opendal-reqsign.git


The following commit(s) were added to refs/heads/dependabot/cargo/rand-0.10.0 
by this push:
     new 313ab1b  fix(google): use rsa rand_core rng
313ab1b is described below

commit 313ab1b7413f5e78e99780bee56d68e6e46df80b
Author: Xuanwo <[email protected]>
AuthorDate: Wed Mar 18 16:42:53 2026 +0800

    fix(google): use rsa rand_core rng
---
 Cargo.toml                          | 1 -
 services/google/Cargo.toml          | 1 -
 services/google/src/sign_request.rs | 3 ++-
 3 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index a43dc56..b4ecc99 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -58,7 +58,6 @@ log = "0.4"
 percent-encoding = "2"
 pretty_assertions = "1.3"
 quick-xml = { version = "0.39.2", features = ["serialize"] }
-rand = { version = "0.10.0" }
 reqwest = { version = "0.13.1", default-features = false }
 rsa = { version = "0.9.2", features = ["pkcs5", "sha2"] }
 rust-ini = { version = "0.21" }
diff --git a/services/google/Cargo.toml b/services/google/Cargo.toml
index f41226d..81c5646 100644
--- a/services/google/Cargo.toml
+++ b/services/google/Cargo.toml
@@ -32,7 +32,6 @@ http = { workspace = true }
 jsonwebtoken = { workspace = true }
 log = { workspace = true }
 percent-encoding = { workspace = true }
-rand = { workspace = true }
 reqsign-core = { workspace = true }
 rsa = { workspace = true }
 serde = { workspace = true }
diff --git a/services/google/src/sign_request.rs 
b/services/google/src/sign_request.rs
index 420036b..8f594cd 100644
--- a/services/google/src/sign_request.rs
+++ b/services/google/src/sign_request.rs
@@ -21,6 +21,7 @@ use log::debug;
 use percent_encoding::{percent_decode_str, utf8_percent_encode};
 use rsa::pkcs1v15::SigningKey;
 use rsa::pkcs8::DecodePrivateKey;
+use rsa::rand_core::OsRng;
 use rsa::signature::RandomizedSigner;
 use serde::{Deserialize, Serialize};
 use std::borrow::Cow;
@@ -242,7 +243,7 @@ impl RequestSigner {
     }
 
     fn sign_with_service_account(private_key_pem: &str, string_to_sign: &str) 
-> Result<String> {
-        let mut rng = rand::thread_rng();
+        let mut rng = OsRng;
         let private_key = 
rsa::RsaPrivateKey::from_pkcs8_pem(private_key_pem).map_err(|e| {
             reqsign_core::Error::unexpected("failed to parse private 
key").with_source(e)
         })?;

Reply via email to