Lib: Further reduce dependency list

Cargo.toml

@@ -20,6 +20,7 @@ members = [
   "crates/macros",
   "crates/macro_test",
   "crates/platform-utils",
+  "crates/utils",
   "crates/spark",
   "crates/spark-itest",
   "crates/spark-postgres",
@@ -54,7 +55,8 @@ bech32 = "0.11.0"
 bip39 = "2.2.0"
 bitcoin = { version = "0.32.6", features = ["serde"] }
 bitflags = "2.10.0"
-bitreq = { version = "0.3.4" }
+# bitreq = { version = "0.3.4" }
+bitreq = { git = "https://github.com/breez/corepc", branch = "yse-bitreq-rustls" }
 breez-sdk-common = { path = "crates/breez-sdk/common", default-features = false }
 breez-sdk-spark = { path = "crates/breez-sdk/core" }
 built = { version = "0.8.0", features = ["git2"] }
@@ -64,8 +66,9 @@ cbc = "0.1.2"
 chrono = { version = "0.4.37", features = ["serde"] }
 clap = "4.5.40"
 dirs = "6.0.0"
-ecies = { version = "0.2.7", default-features = false, features = ["pure"] }
-enum_to_enum = "0.1.0"
+aes-gcm = "0.10"
+hkdf = "0.12"
+sha2 = "0.10"
 figment = "0.10.19"
 flashnet = { path = "crates/flashnet", default-features = false }
 # frost-core = "2.1.0"
@@ -81,30 +84,30 @@ http = "1.3.1"
 http-body = "1.0.1"
 http-body-util = "0.1.3"
 js-sys = "0.3.77"
-k256 = { version = "0.13.0", features = ["arithmetic", "schnorr", "ecdsa"] }
+k256 = { version = "0.13.0", features = ["arithmetic"] }
 lightning = "0.1.3"
 lightning-invoice = "0.33.1"
 lnurl-models = { path = "crates/breez-sdk/lnurl-models" }
 macros = { path = "crates/macros" }
 nostr = { version = "0.43.1", default-features = false, features = ["std"] }
 nostr-sdk = { version = "0.43.0", default-features = false }
-openssl = { version = "0.10.70", default-features = false, features = ["vendored"] }
 platform-utils = { path = "crates/platform-utils" }
+utils = { path = "crates/utils" }
 proc-macro2 = "1.0.97"
 prost = "0.13.4"
 prost-types = "0.13.4"
 quote = "1.0.40"
 rand = "0.8"
-rayon = "1.10"
 rcgen = "0.14.5"
-regex = "1.11.2"
+secp256k1 = { version = "0.29", features = ["rand"] }
+regex-lite = "0.1.6"
 reqwest = { version = "0.12.23", default-features = false, features = ["json", "http2", "charset", "system-proxy"] }
 rstest = "0.26.1"
 rstest_reuse = "0.7.0"
 # We want to match the rusqlite version used by ldk-node and the rest of the ecosystem
 rusqlite = { version = "0.32.1", features = ["backup", "bundled"] }
 rusqlite_migration = { version = "1.3.1" }
-rustls = { version = "0.23.28", default-features = false, features = ["ring"] }
+rustls = { version = "0.23.37", default-features = false, features = ["ring"] }
 rustyline = "16.0.0"
 serde = "1.0.219"
 serde_json = "1.0.140"
@@ -114,8 +117,6 @@ shlex = "1.3.0"
 spark = { path = "crates/spark", default-features = false }
 spark-postgres = { path = "crates/spark-postgres" }
 spark-wallet = { path = "crates/spark-wallet", default-features = false }
-strum = "0.27.1"
-strum_macros = "0.27.1"
 syn = "2.0.105"
 test-log = { version = "0.2.18", default-features = false }
 testcontainers = "0.24.0"

Makefile

@@ -70,4 +70,7 @@ claude-check:
 	make fmt-check clippy-check cargo-test
 
 open-core-rustdocs:
-	cd crates/breez-sdk/core && cargo doc --no-deps --open
+	cd crates/breez-sdk/core && cargo doc --no-deps --open
+
+update-lockfiles:
+	./scripts/update-lock-files.sh

crates/breez-sdk/common/Cargo.toml

@@ -29,10 +29,9 @@ lightning.workspace = true
 macros.workspace = true
 platform-utils.workspace = true
 prost.workspace = true
-regex.workspace = true
+regex-lite.workspace = true
 serde = { workspace = true, features = ["derive"] }
 serde_json.workspace = true
-strum = { workspace = true, features = ["derive"] }
 thiserror.workspace = true
 tokio.workspace = true
 tracing.workspace = true

crates/breez-sdk/common/src/input/error.rs

@@ -66,8 +66,8 @@ impl From<ServiceConnectivityError> for ParseError {
     }
 }
 
-impl From<regex::Error> for ParseError {
-    fn from(value: regex::Error) -> Self {
+impl From<regex_lite::Error> for ParseError {
+    fn from(value: regex_lite::Error) -> Self {
         Self::InvalidExternalInputParser(format!("Couldn't parse regex: {value}"))
     }
 }

crates/breez-sdk/common/src/input/parser/mod.rs

@@ -3,7 +3,7 @@ use std::ops::Not;
 use bitcoin::{Address, Denomination, address::NetworkUnchecked};
 use lightning::bolt11_invoice::Bolt11InvoiceDescriptionRef;
 use platform_utils::time::UNIX_EPOCH;
-use regex::Regex;
+use regex_lite::Regex;
 use spark_wallet::{SparkAddress, SparkAddressPaymentType};
 use tracing::{debug, error, warn};
 

crates/breez-sdk/common/src/network.rs

@@ -1,8 +1,9 @@
+use std::fmt;
+
 use serde::{Deserialize, Serialize};
 use spark::Network;
-use strum::Display;
 
-#[derive(Clone, Copy, Debug, Display, Eq, PartialEq, Serialize, Deserialize)]
+#[derive(Clone, Copy, Debug, Eq, PartialEq, Serialize, Deserialize)]
 pub enum BitcoinNetwork {
     /// Mainnet
     Bitcoin,
@@ -12,6 +13,18 @@ pub enum BitcoinNetwork {
     Regtest,
 }
 
+impl fmt::Display for BitcoinNetwork {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        match self {
+            Self::Bitcoin => write!(f, "Bitcoin"),
+            Self::Testnet3 => write!(f, "Testnet3"),
+            Self::Testnet4 => write!(f, "Testnet4"),
+            Self::Signet => write!(f, "Signet"),
+            Self::Regtest => write!(f, "Regtest"),
+        }
+    }
+}
+
 impl From<bitcoin::Network> for BitcoinNetwork {
     fn from(network: bitcoin::Network) -> Self {
         match network {

crates/breez-sdk/core/Cargo.toml

@@ -5,8 +5,7 @@ version.workspace = true
 
 [features]
 browser-tests = ["passkey"]                 # Enable browser wasm-pack tests
-uniffi = ["dep:uniffi", "openssl-vendored"]
-openssl-vendored = ["openssl"]
+uniffi = ["dep:uniffi"]
 test-utils = ["spark-wallet/test-utils"]
 # Passkey functionality
 passkey = ["dep:nostr", "dep:nostr-sdk"]
@@ -31,14 +30,13 @@ bitflags.workspace = true
 breez-sdk-common.workspace = true
 platform-utils.workspace = true
 chrono.workspace = true
-ecies.workspace = true
+utils.workspace = true
 flashnet.workspace = true
 hex.workspace = true
 lnurl-models.workspace = true
 macros.workspace = true
 nostr = { workspace = true, optional = true }
 nostr-sdk = { workspace = true, optional = true }
-openssl = { workspace = true, optional = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json.workspace = true
 spark-postgres = { workspace = true, optional = true }
@@ -48,7 +46,7 @@ tracing.workspace = true
 tracing-subscriber = { workspace = true, features = ["env-filter"] }
 uuid.workspace = true
 uniffi = { workspace = true, optional = true }
-x509-parser = { version = "0.16.0" }
+x509-cert = { version = "0.2", default-features = false }
 anyhow.workspace = true
 frost-secp256k1-tr = { workspace = true }
 k256 = { workspace = true, features = ["arithmetic"] }

crates/breez-sdk/core/src/sdk/helpers.rs

@@ -8,7 +8,8 @@ use spark_wallet::SparkWallet;
 use std::{str::FromStr, sync::Arc};
 use tokio::sync::mpsc;
 use tracing::{debug, error, info};
-use x509_parser::parse_x509_certificate;
+use x509_cert::Certificate;
+use x509_cert::der::{Decode, asn1::ObjectIdentifier};
 
 use crate::{
     PaymentDetails, WaitForPaymentIdentifier,
@@ -167,6 +168,9 @@ pub(crate) fn process_success_action(
     Ok(Some(SuccessActionProcessed::Aes { result }))
 }
 
+// OID 2.5.4.3 = commonName
+const OID_COMMON_NAME: ObjectIdentifier = ObjectIdentifier::new_unwrap("2.5.4.3");
+
 pub(crate) fn validate_breez_api_key(api_key: &str) -> Result<(), SdkError> {
     let api_key_decoded = base64::engine::general_purpose::STANDARD
         .decode(api_key.as_bytes())
@@ -175,15 +179,18 @@ pub(crate) fn validate_breez_api_key(api_key: &str) -> Result<(), SdkError> {
                 "Could not base64 decode the Breez API key: {err:?}"
             ))
         })?;
-    let (_rem, cert) = parse_x509_certificate(&api_key_decoded).map_err(|err| {
+    let cert = Certificate::from_der(&api_key_decoded).map_err(|err| {
         SdkError::Generic(format!("Invalid certificate for Breez API key: {err:?}"))
     })?;
 
     let issuer = cert
-        .issuer()
-        .iter_common_name()
-        .next()
-        .and_then(|cn| cn.as_str().ok());
+        .tbs_certificate
+        .issuer
+        .0
+        .iter()
+        .flat_map(|rdn| rdn.0.iter())
+        .find(|atv| atv.oid == OID_COMMON_NAME)
+        .and_then(|atv| str::from_utf8(atv.value.value()).ok());
     match issuer {
         Some(common_name) => {
             if !common_name.starts_with("Breez") {

crates/breez-sdk/core/src/signer/breez.rs

@@ -95,7 +95,7 @@ impl BreezSigner for BreezSignerImpl {
             .derive_priv(&self.secp, path)
             .map_err(|e| SdkError::Generic(e.to_string()))?;
         let rc_pub = derived.private_key.public_key(&self.secp).serialize();
-        ecies::encrypt(&rc_pub, message)
+        utils::ecies::encrypt(&rc_pub, message)
             .map_err(|err| SdkError::Generic(format!("Could not encrypt data: {err}")))
     }
 
@@ -110,7 +110,7 @@ impl BreezSigner for BreezSignerImpl {
             .derive_priv(&self.secp, path)
             .map_err(|e| SdkError::Generic(e.to_string()))?;
         let rc_prv = derived.private_key.secret_bytes();
-        ecies::decrypt(&rc_prv, message)
+        utils::ecies::decrypt(&rc_prv, message)
             .map_err(|err| SdkError::Generic(format!("Could not decrypt data: {err}")))
     }