From ccf441450b964d6605e24f8027b38f7be4068990 Mon Sep 17 00:00:00 2001
From: Arthur Gautier <arthur.gautier@arista.com>
Date: Thu, 8 Jan 2026 14:32:02 -0800
Subject: [PATCH] chore(deps): bump elliptic-curve from `0.14.0-rc.19` to
 `0.14.0-rc.21`

---
 Cargo.lock                 | 27 +++++++++++++++------------
 cms/Cargo.toml             |  2 +-
 cms/src/builder/kari.rs    |  4 ++--
 x509-cert/Cargo.toml       |  2 +-
 x509-cert/src/builder.rs   | 12 ++++++++----
 x509-cert/tests/builder.rs |  6 +++---
 6 files changed, 30 insertions(+), 23 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 2cf38cba1..bf75a6a74 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -414,9 +414,9 @@ checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5"
 
 [[package]]
 name = "crypto-bigint"
-version = "0.7.0-rc.14"
+version = "0.7.0-rc.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9c6daa2049db6a5fad90a981b8c63f023dbaf75a0fae73db4dcf234556fc957"
+checksum = "1a9e36ac79ac44866b74e08a0b4925f97b984e3fff17680d2c6fbce8317ab0f6"
 dependencies = [
  "ctutils",
  "getrandom 0.4.0-rc.0",
@@ -434,6 +434,7 @@ version = "0.2.0-rc.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "41b8986f836d4aeb30ccf4c9d3bd562fd716074cfd7fc4a2948359fbd21ed809"
 dependencies = [
+ "getrandom 0.4.0-rc.0",
  "hybrid-array",
  "rand_core 0.10.0-rc-3",
 ]
@@ -537,9 +538,9 @@ dependencies = [
 
 [[package]]
 name = "ecdsa"
-version = "0.17.0-rc.11"
+version = "0.17.0-rc.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "569a1f3377df19ab839b2811061095ff7d9fb7ea3c0e500b7a4724343cf6ee3d"
+checksum = "a18ccb2afbad0782e073b602a7d59dd08966d2b1173e08f96ebffb5446f8446d"
 dependencies = [
  "der",
  "digest",
@@ -558,12 +559,13 @@ checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
 
 [[package]]
 name = "elliptic-curve"
-version = "0.14.0-rc.19"
+version = "0.14.0-rc.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6bfae4ab886ff791e2119cc79402281e35408f22b6b7322acef371d01061054b"
+checksum = "6ee4530cd12af66979d89bf0e555c66d04ed1dc58479d7a69d93c98a650fb738"
 dependencies = [
  "base16ct",
  "crypto-bigint",
+ "crypto-common",
  "digest",
  "getrandom 0.4.0-rc.0",
  "hkdf",
@@ -941,9 +943,9 @@ checksum = "d6790f58c7ff633d8771f42965289203411a5e5c68388703c06e14f24770b41e"
 
 [[package]]
 name = "p256"
-version = "0.14.0-rc.3"
+version = "0.14.0-rc.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4caab26e75ab3d0790a0f29df73f006308ada2e1fbbfcbab03e92346adc43dd9"
+checksum = "dcb1056e093c065babf1e9b0e28a630bee540cd9f5b905230ddc475175f5e9c8"
 dependencies = [
  "ecdsa",
  "elliptic-curve",
@@ -1092,11 +1094,12 @@ dependencies = [
 
 [[package]]
 name = "primefield"
-version = "0.14.0-rc.3"
+version = "0.14.0-rc.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "29b2bd4ddf14d08c2bc8d9cceaf362f28c146b0737d58c7fee6534b99e19a3ee"
+checksum = "bf1f23afb6185c65efc97605dea2d667f6fef71cb9d3198992c1e9002e349f40"
 dependencies = [
  "crypto-bigint",
+ "crypto-common",
  "rand_core 0.10.0-rc-3",
  "rustcrypto-ff",
  "subtle",
@@ -1105,9 +1108,9 @@ dependencies = [
 
 [[package]]
 name = "primeorder"
-version = "0.14.0-rc.3"
+version = "0.14.0-rc.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4e56388fad6b8c7576e6987fd0c8c7f3bf94d73d74ae794edaac3e420f9cabfe"
+checksum = "12459f4bdd430002b812017c3e99f5a27a2c2689f1b140cb82a73c23431b71e0"
 dependencies = [
  "elliptic-curve",
 ]
diff --git a/cms/Cargo.toml b/cms/Cargo.toml
index 9acbf16aa..1ba7fb99c 100644
--- a/cms/Cargo.toml
+++ b/cms/Cargo.toml
@@ -45,7 +45,7 @@ pbkdf2 = "0.13.0-rc.5"
 rand = "0.10.0-rc.6"
 rsa = { version = "0.10.0-rc.11", features = ["sha2"] }
 ecdsa = { version = "0.17.0-rc.10", features = ["digest", "pem"] }
-p256 = "0.14.0-rc.2"
+p256 = "0.14.0-rc.4"
 tokio = { version = "1.45.1", features = ["macros", "rt"] }
 x509-cert = { version = "0.3.0-rc.3", features = ["pem"] }
 
diff --git a/cms/src/builder/kari.rs b/cms/src/builder/kari.rs
index 88564c7ee..cd9586851 100644
--- a/cms/src/builder/kari.rs
+++ b/cms/src/builder/kari.rs
@@ -45,7 +45,7 @@ use aes::cipher::{
 };
 use digest::{Digest, FixedOutputReset};
 use elliptic_curve::{
-    AffinePoint, Curve, CurveArithmetic, FieldBytesSize, PublicKey,
+    AffinePoint, Curve, CurveArithmetic, FieldBytesSize, Generate, PublicKey,
     ecdh::{EphemeralSecret, SharedSecret},
     point::PointCompression,
     sec1::{FromEncodedPoint, ModulusSize, ToEncodedPoint},
@@ -305,7 +305,7 @@ where
         ) = match self.eckey_encryption_info {
             EcKeyEncryptionInfo::Ec(recipient_public_key) => {
                 // Generate ephemeral key using ecdh
-                let Ok(ephemeral_secret) = EphemeralSecret::try_from_rng(rng);
+                let ephemeral_secret = EphemeralSecret::generate_from_rng(rng);
                 let ephemeral_public_key_encoded_point =
                     ephemeral_secret.public_key().to_encoded_point(false);
 
diff --git a/x509-cert/Cargo.toml b/x509-cert/Cargo.toml
index 843bebd80..bd023879b 100644
--- a/x509-cert/Cargo.toml
+++ b/x509-cert/Cargo.toml
@@ -32,7 +32,7 @@ hex-literal = "1"
 rand = "0.10.0-rc.6"
 rsa = { version = "0.10.0-rc.11", features = ["sha2"] }
 ecdsa = { version = "0.17.0-rc.9", features = ["digest", "pem"] }
-p256 = "0.14.0-rc.2"
+p256 = "0.14.0-rc.4"
 rstest = "0.26"
 sha2 = { version = "0.11.0-rc.3", features = ["oid"] }
 tempfile = "3.5"
diff --git a/x509-cert/src/builder.rs b/x509-cert/src/builder.rs
index 811d0c5c4..bb054eea8 100644
--- a/x509-cert/src/builder.rs
+++ b/x509-cert/src/builder.rs
@@ -259,6 +259,7 @@ pub trait Builder: Sized {
     /// This would look like:
     #[cfg_attr(feature = "std", doc = "```no_run")]
     #[cfg_attr(not(feature = "std"), doc = "```ignore")]
+    /// # use p256::elliptic_curve::Generate;
     /// # use rand::rng;
     /// # use std::{
     /// #     str::FromStr,
@@ -273,7 +274,7 @@ pub trait Builder: Sized {
     /// # };
     /// #
     /// # let mut rng = rng();
-    /// # let signer = p256::ecdsa::SigningKey::try_from_rng(&mut rng).unwrap();
+    /// # let signer = p256::ecdsa::SigningKey::generate_from_rng(&mut rng);
     /// # let builder = CertificateBuilder::new(
     /// #     builder::profile::cabf::Root::new(
     /// #         false,
@@ -310,6 +311,7 @@ pub trait Builder: Sized {
     /// This would look like:
     #[cfg_attr(feature = "std", doc = "```no_run")]
     #[cfg_attr(not(feature = "std"), doc = "```ignore")]
+    /// # use p256::elliptic_curve::Generate;
     /// # use rand::rng;
     /// # use std::{
     /// #     str::FromStr,
@@ -324,7 +326,7 @@ pub trait Builder: Sized {
     /// # };
     /// #
     /// # let mut rng = rng();
-    /// # let signer = p256::ecdsa::SigningKey::try_from_rng(&mut rng).unwrap();
+    /// # let signer = p256::ecdsa::SigningKey::generate_from_rng(&mut rng);
     /// # let builder = CertificateBuilder::new(
     /// #     builder::profile::cabf::Root::new(
     /// #         false,
@@ -442,6 +444,7 @@ pub trait AsyncBuilder: Sized {
     /// This would look like:
     #[cfg_attr(feature = "std", doc = "```no_run")]
     #[cfg_attr(not(feature = "std"), doc = "```ignore")]
+    /// # use p256::elliptic_curve::Generate;
     /// # use rand::rng;
     /// # use std::{
     /// #     str::FromStr,
@@ -457,7 +460,7 @@ pub trait AsyncBuilder: Sized {
     /// #
     /// # async fn build() -> builder::Result<()> {
     /// # let mut rng = rng();
-    /// # let signer = p256::ecdsa::SigningKey::try_from_rng(&mut rng).unwrap();
+    /// # let signer = p256::ecdsa::SigningKey::generate_from_rng(&mut rng);
     /// # let builder = CertificateBuilder::new(
     /// #     builder::profile::cabf::Root::new(
     /// #         false,
@@ -496,6 +499,7 @@ pub trait AsyncBuilder: Sized {
     /// This would look like:
     #[cfg_attr(feature = "std", doc = "```no_run")]
     #[cfg_attr(not(feature = "std"), doc = "```ignore")]
+    /// # use p256::elliptic_curve::Generate;
     /// # use rand::rng;
     /// # use std::{
     /// #     str::FromStr,
@@ -511,7 +515,7 @@ pub trait AsyncBuilder: Sized {
     /// #
     /// # async fn build() -> builder::Result<()> {
     /// # let mut rng = rng();
-    /// # let signer = p256::ecdsa::SigningKey::try_from_rng(&mut rng).unwrap();
+    /// # let signer = p256::ecdsa::SigningKey::generate_from_rng(&mut rng);
     /// # let builder = CertificateBuilder::new(
     /// #     builder::profile::cabf::Root::new(
     /// #         false,
diff --git a/x509-cert/tests/builder.rs b/x509-cert/tests/builder.rs
index ca6269c50..c88ca91f6 100644
--- a/x509-cert/tests/builder.rs
+++ b/x509-cert/tests/builder.rs
@@ -5,8 +5,7 @@ use der::{
     asn1::{Ia5String, PrintableString},
     pem::LineEnding,
 };
-use p256::{NistP256, ecdsa::DerSignature, pkcs8::DecodePrivateKey};
-use rand::rngs::SysRng;
+use p256::{NistP256, ecdsa::DerSignature, elliptic_curve::Generate, pkcs8::DecodePrivateKey};
 use rsa::pkcs1::DecodeRsaPrivateKey;
 use rsa::pkcs1v15::SigningKey;
 use sha2::Sha256;
@@ -314,9 +313,10 @@ fn dynamic_signer() {
     let subject = Name::from_str("CN=Test").expect("parse common name");
 
     let csr_builder = RequestBuilder::new(subject).expect("construct builder");
+    let mut rng = rand::rng();
 
     let csr = if true {
-        let req_signer = p256::ecdsa::SigningKey::try_from_rng(&mut SysRng).unwrap();
+        let req_signer = p256::ecdsa::SigningKey::generate_from_rng(&mut rng);
         csr_builder
             .build::<_, p256::ecdsa::DerSignature>(&req_signer)
             .expect("Sign request")