From 97407152d735e4741dbe992272d9ba2c2cd3db00 Mon Sep 17 00:00:00 2001
From: Aaron Feickert <66188213+AaronFeickert@users.noreply.github.com>
Date: Wed, 3 Jul 2024 10:17:32 -0500
Subject: [PATCH] Use constant-time equality checking for DHKE

---
 src/dhke.rs | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/dhke.rs b/src/dhke.rs
index 0ab1c6c..8f524d6 100644
--- a/src/dhke.rs
+++ b/src/dhke.rs
@@ -18,7 +18,7 @@ use zeroize::{Zeroize, ZeroizeOnDrop};
 use crate::keys::PublicKey;
 
 /// The result of a Diffie-Hellman key exchange
-#[derive(PartialEq, Eq, Zeroize, ZeroizeOnDrop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub struct DiffieHellmanSharedSecret<P>(P)
 where P: PublicKey;
 
@@ -52,6 +52,16 @@ where P: PublicKey
     }
 }
 
+impl<P> Eq for DiffieHellmanSharedSecret<P> where P: PublicKey {}
+
+impl<P> PartialEq for DiffieHellmanSharedSecret<P>
+where P: PublicKey
+{
+    fn eq(&self, other: &Self) -> bool {
+        self.0.ct_eq(&other.0).into()
+    }
+}
+
 #[cfg(test)]
 mod test {
     use rand_core::OsRng;