chore(deps): bump constant_time_eq from 0.3.1 to 0.4.2

[dependabot]

Bumps constant_time_eq from 0.3.1 to 0.4.2.

Changelog

Sourced from constant_time_eq's changelog.

0.4.2

• Refactor detection of the DIT feature on ARM. For builds without the "std" feature, there's now an undocumented function to force the use of the DIT bit.

0.4.1

• Simplify code to make it easier to review.

0.4.0

BREAKING CHANGE: this crate now has a "std" feature which is enabled by default. Disable it if you need to use this crate as a no_std crate.

Previous versions of this crate protected against the optimizer doing an early exit when the accumulator becomes non-zero (found a difference), but not against a sufficiently smart optimizer doing an early exit when the accumulator has all bits set (the accumulator never clears a bit, so having all bits set means it will no longer change).

Protecting against that also prevents autovectorization, so this release does manual vectorization to recover most of the speed lost. Where there is enough compiler support (stable vector intrinsics), it uses a mix of vector intrinsics and inline assembly for inputs which are a multiple of the vector size, while for other architectures and for the remainder of an input which is not a multiple of the vector size, it uses a generic word-at-a-time implementation with the native word size.

Some newer implementations of the ARM architecture do not guarantee the timing of instructions unless the DIT bit is set. Fortunately, that bit can be set on all privilege levels; unfortunately, that bit only exists on these newer implementations of the ARM architecture, and the flag to detect whether it exists is not accessible on all privilege levels. How to obtain that flag varies depending on the operating system, but Rust has a good implementation of that on its standard library. This means that runtime detection introduces a dependency on std (enabled by the "std" feature, which is enabled by default); compile-time detection is always available.

This release is a candidate for becoming the 1.0 release. In preparation for that, it uses the 2024 edition, which enables the new resolver which will allow future updates to the set of architectures which can use the inline assembly implementation of optimizer_hide(), without breaking downstream crates (for instance, s390x and arm64ec were stabilized in Rust 1.84.0).

• Rewrite the generic implementation to process one word at a time, instead of byte by byte. Depending on the architecture, this means 8 bytes or 4 bytes processed on each loop iteration.

... (truncated)

Commits

• 86f38ed Release 0.4.2
• c8b7924 Update count_instructions to 0.2.0
• 508e633 Small cleanups
• 421e49a Refactor DIT detection
• 039ea77 Release 0.4.1
• d2354c3 Merge branch 'reduce_unsafe'
• ef90980 WIP: cleanup
• 661b858 WIP: changelog
• d77ccd7 WIP: simplify generic code
• 3b8be90 WIP: simplify NEON code
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)