Resolve #268 by adding a Zeroize to DigestTranscript which writes a full block

This is a 'better-than-nothing' attempt to invalidate its state.

Also replaces black_box features with usage of the rustversion crate.

crypto/multiexp/Cargo.toml

@@ -13,6 +13,8 @@ all-features = true
 rustdoc-args = ["--cfg", "docsrs"]
 
 [dependencies]
+rustversion = "1"
+
 zeroize = { version = "^1.5", features = ["zeroize_derive"] }
 
 ff = "0.13"
@@ -27,5 +29,4 @@ k256 = { version = "0.13", features = ["bits"] }
 dalek-ff-group = { path = "../dalek-ff-group" }
 
 [features]
-black_box = []
 batch = ["rand_core"]

crypto/multiexp/src/lib.rs

@@ -22,14 +22,11 @@ pub use batch::BatchVerifier;
 #[cfg(test)]
 mod tests;
 
-// Feature gated due to MSRV requirements
-#[cfg(feature = "black_box")]
-pub(crate) fn black_box<T>(val: T) -> T {
-  core::hint::black_box(val)
-}
-
-#[cfg(not(feature = "black_box"))]
-pub(crate) fn black_box<T>(val: T) -> T {
+// Use black_box when possible
+#[rustversion::since(1.66)]
+use core::hint::black_box;
+#[rustversion::before(1.66)]
+fn black_box<T>(val: T) -> T {
   val
 }