From f69cf9bb74ad5ee7002ac1e84caaad635b9b52b3 Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@sequoia-pgp.org>
Date: Thu, 20 Dec 2018 18:04:46 +0100
Subject: openpgp: Time-constant eq for Passwords, SessionKeys.

---
 openpgp/src/crypto/mod.rs | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'openpgp')

diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs
index 9da5a8d9..d3deb2e1 100644
--- a/openpgp/src/crypto/mod.rs
+++ b/openpgp/src/crypto/mod.rs
@@ -22,9 +22,15 @@ pub(crate) mod symmetric;
 /// Holds a session key.
 ///
 /// The session key is cleared when dropped.
-#[derive(Clone, PartialEq, Eq)]
+#[derive(Clone, Eq)]
 pub struct SessionKey(Box<[u8]>);
 
+impl PartialEq for SessionKey {
+    fn eq(&self, other: &Self) -> bool {
+        secure_cmp(&self.0, &other.0) == Ordering::Equal
+    }
+}
+
 impl SessionKey {
     /// Creates a new session key.
     pub fn new(rng: &mut Yarrow, size: usize) -> Self {
@@ -75,9 +81,15 @@ impl fmt::Debug for SessionKey {
 /// Holds a password.
 ///
 /// The password is cleared when dropped.
-#[derive(Clone, PartialEq, Eq)]
+#[derive(Clone, Eq)]
 pub struct Password(Box<[u8]>);
 
+impl PartialEq for Password {
+    fn eq(&self, other: &Self) -> bool {
+        secure_cmp(&self.0, &other.0) == Ordering::Equal
+    }
+}
+
 impl Deref for Password {
     type Target = [u8];
 
-- 
cgit v1.2.3