From 2a1715a588953b2d21030f4019bf5565272a51d8 Mon Sep 17 00:00:00 2001
From: Aaron Feickert <66188213+AaronFeickert@users.noreply.github.com>
Date: Mon, 15 Jul 2024 03:11:04 -0500
Subject: [PATCH] feat: use constant-time equality checking for DHKE (#232)

This PR ensures that `DiffieHellmanSharedSecret` equality testing is done in constant time. Previously, this equality testing was offloaded to the underlying `PublicKey` type. While this type supports the `ConstantTimeEq` trait, it is not guaranteed that equality testing will use this in all implementations.
---
 src/dhke.rs | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/dhke.rs b/src/dhke.rs
index 0ab1c6c..8f524d6 100644
--- a/src/dhke.rs
+++ b/src/dhke.rs
@@ -18,7 +18,7 @@ use zeroize::{Zeroize, ZeroizeOnDrop};
 use crate::keys::PublicKey;
 /// The result of a Diffie-Hellman key exchange
-#[derive(PartialEq, Eq, Zeroize, ZeroizeOnDrop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub struct DiffieHellmanSharedSecret

(P) where P: PublicKey;
@@ -52,6 +52,16 @@ where P: PublicKey
 }
 }
+impl

Eq for DiffieHellmanSharedSecret

where P: PublicKey {}
+
+impl

PartialEq for DiffieHellmanSharedSecret

+where P: PublicKey
+{
+ fn eq(&self, other: &Self) -> bool {
+ self.0.ct_eq(&other.0).into()
+ }
+}
+
 #[cfg(test)]
 mod test {
 use rand_core::OsRng;
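Review bot: The new `PartialEq` impl carries no doc comment recording that it is deliberately hand-written so that comparison goes through `ct_eq`, which leaves a future maintainer free to fold it back into a `#[derive(PartialEq)]` and silently reintroduce the timing leak this commit removes. I would add above the impl: `/// Equality is evaluated in constant time via `ConstantTimeEq` on the inner public key; this is intentionally not derived, and it is only as constant-time as `P`'s own `ct_eq`.` Since the shared secret is secret material, it is also worth exposing `ConstantTimeEq` on `DiffieHellmanSharedSecret<P>` itself so callers composing comparisons get a `Choice` instead of the `bool` that `.into()` collapses to; the `ct_eq` trait import and the `Choice` type live outside this hunk, so this assumes `subtle` is already in scope in `src/dhke.rs`. The `mod test` block that begins on the hunk's last lines continues past it; if nothing there exercises the manual impl, a test asserting that secrets from the same key pair compare equal and secrets from distinct pairs do not would pin the new behavior.
```rust
impl<P> ConstantTimeEq for DiffieHellmanSharedSecret<P>
where P: PublicKey
{
    fn ct_eq(&self, other: &Self) -> Choice {
        self.0.ct_eq(&other.0)
    }
}

// … unchanged: Eq impl …

/// Equality is evaluated in constant time via `ConstantTimeEq` on the inner
/// public key; intentionally not derived. Only as constant-time as `P::ct_eq`.
impl<P> PartialEq for DiffieHellmanSharedSecret<P>
where P: PublicKey
{
    fn eq(&self, other: &Self) -> bool {
        self.ct_eq(other).into()
    }
}
```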