strobe-rs

Update to bitflags v2, bump to 0.10.1

Open DJAndries opened this issue 9 months ago • 3 comments

DJAndries avatar Mar 11 '25 04:03 DJAndries

Thank you for the PR! Some points:

  1. Since this is a security-sensitive crate, I try not to do dep updates unless they come with a security fix or performance benefit. Do you know if either is the case for bitflags?
  2. This is a breaking change, since they changed their serialization format in 2.0. A change here would also have to pull in the linked legacy serialization crate.
  3. Nit: calling clear() is not the same thing as calling bits.zeroize(), since the latter does a volatile write. Basically attempts to make sure that the instruction is not ignored by an optimizing compiler/CPU.

rozbb avatar Mar 14 '25 19:03 rozbb
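An added example (not code from strobe-rs or from this PR) of the distinction in point 3 above: a plain store versus a volatile store when wiping a flag byte. `Flags`, its constants and `bits_after_wipe` are hypothetical stand-ins, and the hand-written volatile write with a compiler fence stands in for a `zeroize()` call.

```rust
use core::ptr;
use core::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical flag set standing in for a bitflags-generated type.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Flags(u8);

impl Flags {
    pub const INBOUND: Flags = Flags(0b0000_0001);
    pub const KEYED: Flags = Flags(0b0000_0100);

    pub fn bits(&self) -> u8 {
        self.0
    }

    pub fn union(self, other: Flags) -> Flags {
        Flags(self.0 | other.0)
    }

    /// Plain store. If nothing reads the value afterwards (for example just
    /// before it is dropped), the optimizer may remove this as a dead store.
    pub fn clear(&mut self) {
        self.0 = 0;
    }

    /// Volatile store: the compiler must emit the write. The fence keeps
    /// the compiler from reordering later memory accesses ahead of it.
    pub fn zeroize(&mut self) {
        // SAFETY: `&mut self.0` is a valid, aligned, exclusive pointer to a u8.
        unsafe { ptr::write_volatile(&mut self.0, 0) };
        compiler_fence(Ordering::SeqCst);
    }
}

/// Sets both flags, wipes them with the chosen method, returns the bits left.
pub fn bits_after_wipe(volatile: bool) -> u8 {
    let mut f = Flags::INBOUND.union(Flags::KEYED);
    if volatile { f.zeroize() } else { f.clear() }
    f.bits()
}

fn main() {
    // Both print 0 here because the value is read back; the difference is
    // only in what the compiler is allowed to omit when it is not.
    println!("clear: {}, zeroize: {}", bits_after_wipe(false), bits_after_wipe(true));
}
```

The two methods are indistinguishable to a caller that reads the value back, so the difference has to be checked in the optimized assembly rather than by a unit test.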

> Thank you for the PR! Some points:

Thank you kindly for taking a look.

> 1. Since this is a security-sensitive crate, I try not to do dep updates unless they come with a security fix or performance benefit. Do you know if either is the case for bitflags?

In our project, we're in the process of consolidating some of our dependencies and removing duplicate crate versions wherever possible. We're focusing on removing bitflags v1.

> 2. This is a breaking change, since they changed their serialization format in 2.0. A change here would also have to pull in the linked legacy serialization crate.

Good point, I didn't consider that. Amended to include legacy serialization.

> 3. Nit: calling clear() is not the same thing as calling bits.zeroize(), since the latter does a volatile write. Basically attempts to make sure that the instruction is not ignored by an optimizing compiler/CPU.

Right. Replaced with a volatile write, thanks.

DJAndries avatar Mar 14 '25 21:03 DJAndries

Will merge. Currently trying to fix the MSRV testing stuff here

rozbb avatar Mar 17 '25 18:03 rozbb

Superseded by #14. Thank you!!

rozbb avatar Nov 20 '25 21:11 rozbb