diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml
index 22204622..4c7e3a01 100644
--- a/crypto/Cargo.toml
+++ b/crypto/Cargo.toml
@@ -13,7 +13,7 @@ cfg-if = "1.0.0"
 chacha20poly1305 = { version = "0.10.1", optional = true }
 jsonwebtoken = "9.3.0"
 pbkdf2 = { version = "0.12.2", optional = true }
-rand.workspace = true
+rand = { workspace = true, optional = true }
 sha2 = "0.10.8"
 thiserror.workspace = true
 serde_json.workspace = true
@@ -25,8 +25,14 @@ time.workspace = true
 
 [features]
 fips = []
-crypto = ["dep:aes-gcm", "dep:argon2", "dep:chacha20poly1305", "dep:pbkdf2"]
-# default = ["crypto", "fips"]
+crypto = [
+    "dep:aes-gcm",
+    "dep:argon2",
+    "dep:chacha20poly1305",
+    "dep:pbkdf2",
+    "dep:rand",
+]
+default = ["crypto", "fips"]
 
 [lints.clippy]
 unwrap_used = "deny"
diff --git a/crypto/src/encdec/decrypt.rs b/crypto/src/encdec/decrypt.rs
index 13a81dd1..92de9005 100644
--- a/crypto/src/encdec/decrypt.rs
+++ b/crypto/src/encdec/decrypt.rs
@@ -1,6 +1,7 @@
 #[cfg(any(test, feature = "crypto"))]
 pub fn decrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Error> {
     use crate::encdec::id::ID;
+    use crate::error::Error;
     use aes_gcm::{Aes256Gcm, KeyInit as _};
     use chacha20poly1305::ChaCha20Poly1305;
 
@@ -30,6 +31,7 @@ pub fn decrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
 #[cfg(any(test, feature = "crypto"))]
 #[inline]
 fn decryp<T: aes_gcm::aead::Aead>(stream: T, nonce: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Error> {
+    use crate::error::Error;
     stream
         .decrypt(aes_gcm::Nonce::from_slice(nonce), data)
         .map_err(Error::ErrDecryptFailed)
diff --git a/crypto/src/encdec/encrypt.rs b/crypto/src/encdec/encrypt.rs
index a6b5c28d..76ddd2a1 100644
--- a/crypto/src/encdec/encrypt.rs
+++ b/crypto/src/encdec/encrypt.rs
@@ -3,6 +3,7 @@ pub fn encrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
     use crate::encdec::id::ID;
     use aes_gcm::Aes256Gcm;
     use aes_gcm::KeyInit as _;
+    use rand::random;
 
     let salt: [u8; 32] = random();
 
@@ -34,7 +35,14 @@ pub fn encrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
 }
 
 #[cfg(any(test, feature = "crypto"))]
-fn encrypt<T: aes_gcm::aead::Aead>(stream: T, salt: &[u8], id: ID, data: &[u8]) -> Result<Vec<u8>, crate::Error> {
+fn encrypt<T: aes_gcm::aead::Aead>(
+    stream: T,
+    salt: &[u8],
+    id: crate::encdec::id::ID,
+    data: &[u8],
+) -> Result<Vec<u8>, crate::Error> {
+    use crate::error::Error;
+
     let nonce = T::generate_nonce(rand::thread_rng());
     let encryptor = stream.encrypt(&nonce, data).map_err(Error::ErrEncryptFailed)?;