Hywan
diff --git a/‎Cargo.lock
+65-21 b/‎Cargo.lock
+65-21
diff --git a/‎Cargo.toml
+1-1 b/‎Cargo.toml
+1-1
diff --git a/‎bindings/matrix-sdk-crypto-ffi/src/backup_recovery_key.rs
+3-7 b/‎bindings/matrix-sdk-crypto-ffi/src/backup_recovery_key.rs
+3-7
diff --git a/‎bindings/matrix-sdk-crypto-ffi/src/dehydrated_devices.rs
+1-5 b/‎bindings/matrix-sdk-crypto-ffi/src/dehydrated_devices.rs
+1-5
diff --git a/‎bindings/matrix-sdk-crypto-ffi/src/lib.rs
+2-3 b/‎bindings/matrix-sdk-crypto-ffi/src/lib.rs
+2-3
diff --git a/‎crates/matrix-sdk-crypto/src/backups/keys/decryption.rs
+4-4 b/‎crates/matrix-sdk-crypto/src/backups/keys/decryption.rs
+4-4
diff --git a/‎crates/matrix-sdk-crypto/src/backups/mod.rs
+4-4 b/‎crates/matrix-sdk-crypto/src/backups/mod.rs
+4-4
@@ -55,7 +55,7 @@ once_cell = "1.20.2"
 pbkdf2 = { version = "0.12.2" }
 pin-project-lite = "0.2.16"
 proptest = { version = "1.6.0", default-features = false, features = ["std"] }
-rand = "0.8.5"
+rand = "0.9.0"
 reqwest = { version = "0.12.12", default-features = false }
 rmp-serde = "1.3.0"
 # Be careful to use commits from the https://github.com/ruma/ruma/tree/ruma-0.12
 
@@ -6,7 +6,7 @@ use matrix_sdk_crypto::{
     store::{BackupDecryptionKey, CryptoStoreError as InnerStoreError},
 };
 use pbkdf2::pbkdf2;
-use rand::{distributions::Alphanumeric, thread_rng, Rng};
+use rand::{distr::Alphanumeric, rng, Rng};
 use sha2::Sha512;
 use thiserror::Error;
 use zeroize::Zeroize;
@@ -75,11 +75,7 @@ impl BackupRecoveryKey {
     #[allow(clippy::new_without_default)]
     #[uniffi::constructor]
     pub fn new() -> Arc<Self> {
-        Arc::new(Self {
-            inner: BackupDecryptionKey::new()
-                .expect("Can't gather enough randomness to create a recovery key"),
-            passphrase_info: None,
-        })
+        Arc::new(Self { inner: BackupDecryptionKey::new(), passphrase_info: None })
     }
 
     /// Try to create a [`BackupRecoveryKey`] from a base 64 encoded string.
@@ -97,7 +93,7 @@ impl BackupRecoveryKey {
     /// Create a new [`BackupRecoveryKey`] from the given passphrase.
     #[uniffi::constructor]
     pub fn new_from_passphrase(passphrase: String) -> Arc<Self> {
-        let mut rng = thread_rng();
+        let mut rng = rng();
         let salt: String = iter::repeat(())
             .map(|()| rng.sample(Alphanumeric))
             .map(char::from)
 
@@ -28,8 +28,6 @@ pub enum DehydrationError {
     Store(#[from] matrix_sdk_crypto::CryptoStoreError),
     #[error("The pickle key has an invalid length, expected 32 bytes, got {0}")]
     PickleKeyLength(usize),
-    #[error(transparent)]
-    Rand(#[from] rand::Error),
 }
 
 impl From<matrix_sdk_crypto::dehydrated_devices::DehydrationError> for DehydrationError {
@@ -226,9 +224,7 @@ mod tests {
 
     #[test]
     fn test_creating_dehydrated_key() {
-        let result = DehydratedDeviceKey::new();
-        assert!(result.is_ok());
-        let dehydrated_device_key = result.unwrap();
+        let dehydrated_device_key = DehydratedDeviceKey::new();
         let base_64 = dehydrated_device_key.to_base64();
         let inner_bytes = dehydrated_device_key.inner;
 
 
@@ -841,9 +841,8 @@ pub struct DehydratedDeviceKey {
 
 impl DehydratedDeviceKey {
     /// Generates a new random pickle key.
-    pub fn new() -> Result<Self, DehydrationError> {
-        let inner = InnerDehydratedDeviceKey::new()?;
-        Ok(inner.into())
+    pub fn new() -> Self {
+        InnerDehydratedDeviceKey::new().into()
     }
 
     /// Creates a new dehydration pickle key from the given slice.
 
@@ -303,7 +303,7 @@ mod tests {
 
     #[test]
     fn base64_decoding() -> Result<(), DecodeError> {
-        let key = BackupDecryptionKey::new().expect("Can't create a new recovery key");
+        let key = BackupDecryptionKey::new();
 
         let base64 = key.to_base64();
         let decoded_key = BackupDecryptionKey::from_base64(&base64)?;
@@ -316,7 +316,7 @@ mod tests {
 
     #[test]
     fn base58_decoding() -> Result<(), DecodeError> {
-        let key = BackupDecryptionKey::new().expect("Can't create a new recovery key");
+        let key = BackupDecryptionKey::new();
 
         let base64 = key.to_base58();
         let decoded_key = BackupDecryptionKey::from_base58(&base64)?;
@@ -394,7 +394,7 @@ mod tests {
     async fn test_encryption_cycle() {
         let session = InboundGroupSession::from_export(&room_key()).unwrap();
 
-        let decryption_key = BackupDecryptionKey::new().unwrap();
+        let decryption_key = BackupDecryptionKey::new();
         let encryption_key = decryption_key.megolm_v1_public_key();
 
         let encrypted = encryption_key.encrypt(session).await;
@@ -406,7 +406,7 @@ mod tests {
 
     #[test]
     fn key_matches() {
-        let decryption_key = BackupDecryptionKey::new().unwrap();
+        let decryption_key = BackupDecryptionKey::new();
 
         let key_info = decryption_key.to_backup_info();
 
 
@@ -699,7 +699,7 @@ mod tests {
         assert_eq!(counts.total, 2, "Two room keys need to exist in the store");
         assert_eq!(counts.backed_up, 0, "No room keys have been backed up yet");
 
-        let decryption_key = BackupDecryptionKey::new().expect("Can't create new recovery key");
+        let decryption_key = BackupDecryptionKey::new();
         let backup_key = decryption_key.megolm_v1_public_key();
         backup_key.set_version("1".to_owned());
 
@@ -836,7 +836,7 @@ mod tests {
         let backup_machine = machine.backup_machine();
 
         // We set up a backup key, so that we can test `backup_machine.backup()` later.
-        let decryption_key = BackupDecryptionKey::new().expect("Couldn't create new recovery key");
+        let decryption_key = BackupDecryptionKey::new();
         let backup_key = decryption_key.megolm_v1_public_key();
         backup_key.set_version("1".to_owned());
         backup_machine.enable_backup_v1(backup_key).await.expect("Couldn't enable backup");
@@ -884,7 +884,7 @@ mod tests {
         let machine = OlmMachine::new(alice_id(), alice_device_id()).await;
         let backup_machine = machine.backup_machine();
 
-        let decryption_key = BackupDecryptionKey::new().unwrap();
+        let decryption_key = BackupDecryptionKey::new();
         let mut backup_info = decryption_key.to_backup_info();
 
         let result = backup_machine.verify_backup(backup_info.to_owned(), false).await.unwrap();
@@ -902,7 +902,7 @@ mod tests {
     async fn test_fix_backup_key_mismatch() {
         let store = MemoryStore::new();
 
-        let backup_decryption_key = BackupDecryptionKey::new().unwrap();
+        let backup_decryption_key = BackupDecryptionKey::new();
 
         store
             .save_changes(Changes {