From dc0db358abe19481e475e10c32149b53370f1a1c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Thu, 30 May 2024 05:57:31 +0200 Subject: Merging upstream version 1.72.1+dfsg1. Signed-off-by: Daniel Baumann --- vendor/subtle/README.md | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) (limited to 'vendor/subtle/README.md') diff --git a/vendor/subtle/README.md b/vendor/subtle/README.md index 81ac448fe..de7757554 100644 --- a/vendor/subtle/README.md +++ b/vendor/subtle/README.md @@ -7,7 +7,7 @@ instead of `bool` which are intended to execute in constant-time. The `Choice` type is a wrapper around a `u8` that holds a `0` or `1`. ```toml -subtle = "2.4" +subtle = "2.5" ``` This crate represents a “best-effort” attempt, since side-channels @@ -26,6 +26,13 @@ prevent this refinement, the crate tries to hide the value of a `Choice`'s inner `u8` by passing it through a volatile read. For more information, see the _About_ section below. +Rust versions from 1.66 or higher support a new best-effort optimization +barrier ([`core::hint::black_box`]). To use the new optimization barrier, +enable the `core_hint_black_box` feature. + +Rust versions from 1.51 or higher have const generics support. You may enable +`const-generics` feautre to have `subtle` traits implemented for arrays `[T; N]`. + Versions prior to `2.2` recommended use of the `nightly` feature to enable an optimization barrier; this is not required in versions `2.2` and above. @@ -48,10 +55,15 @@ Minimum supported Rust version can be changed in the future, but it will be done This library aims to be the Rust equivalent of Go’s `crypto/subtle` module. -The optimization barrier in `impl From for Choice` was based on Tim -Maclean's [work on `rust-timing-shield`][rust-timing-shield], which attempts to -provide a more comprehensive approach for preventing software side-channels in -Rust code. +Old versions of the optimization barrier in `impl From for Choice` were +based on Tim Maclean's [work on `rust-timing-shield`][rust-timing-shield], +which attempts to provide a more comprehensive approach for preventing +software side-channels in Rust code. + +From version `2.2`, it was based on Diane Hosfelt and Amber Sprenkels' work on +"Secret Types in Rust". Version `2.5` adds the `core_hint_black_box` feature, +which uses the original method through the [`core::hint::black_box`] function +from the Rust standard library. `subtle` is authored by isis agora lovecruft and Henry de Valence. @@ -66,4 +78,5 @@ effort is fundamentally limited. **USE AT YOUR OWN RISK** [docs]: https://docs.rs/subtle +[`core::hint::black_box`]: https://doc.rust-lang.org/core/hint/fn.black_box.html [rust-timing-shield]: https://www.chosenplaintext.ca/open-source/rust-timing-shield/security -- cgit v1.2.3