Revert "feat: add constant-time equality checking"

This reverts commit 004f3da.

Author: seqre

Cargo.lock

@@ -11,11 +11,11 @@ documentation = "https://docs.rs/secure-string/"
 edition = "2021"
 
 [dependencies]
-libc = "0.2"
-zeroize = { version = "1", features = ["std"] }
-serde = { version = "1", optional = true }
-subtle = "2"
+libc = "0.2.148"
+zeroize = { version = "1.6.0", features = ["std"] }
+serde = { version = "1.0.188", optional = true }
 
 [dev-dependencies]
+pre = "0.2.1"
 serde_cbor = "0.11"
-serde_json = "1"
+serde_json = "1.0.105"

Cargo.toml

@@ -4,7 +4,6 @@ use std::{
     str::FromStr,
 };
 
-use subtle::ConstantTimeEq;
 use zeroize::Zeroize;
 
 use crate::secure_utils::memlock;
@@ -18,7 +17,7 @@ use crate::secure_utils::memlock;
 /// - Automatic `madvise(MADV_NOCORE/MADV_DONTDUMP)` to protect against leaking into core dumps (FreeBSD, DragonflyBSD, Linux)
 ///
 /// Comparisons using the `PartialEq` implementation are undefined behavior (and most likely wrong) if `T` has any padding bytes.
-#[derive(Eq, PartialOrd, Ord, Hash)]
+#[derive(Eq, PartialEq, PartialOrd, Ord, Hash)]
 pub struct SecureArray<T, const LENGTH: usize>
 where
     T: Copy + Zeroize,
@@ -57,29 +56,6 @@ impl<T: Copy + Zeroize, const LENGTH: usize> Clone for SecureArray<T, LENGTH> {
     }
 }
 
-impl<T, const LENGTH: usize> PartialEq for SecureArray<T, LENGTH>
-where
-    T: Copy + Zeroize,
-{
-    fn eq(&self, other: &Self) -> bool {
-        let self_bytes = unsafe {
-            std::slice::from_raw_parts(
-                self.content.as_ptr() as *const T as *const u8,
-                LENGTH * std::mem::size_of::<T>(),
-            )
-        };
-
-        let other_bytes = unsafe {
-            std::slice::from_raw_parts(
-                other.content.as_ptr() as *const T as *const u8,
-                LENGTH * std::mem::size_of::<T>(),
-            )
-        };
-        
-        self_bytes.ct_eq(other_bytes).into()
-    }
-}
-
 // Creation
 impl<T, const LENGTH: usize> From<[T; LENGTH]> for SecureArray<T, LENGTH>
 where

src/secure_types/array.rs

@@ -4,7 +4,6 @@ use std::{
     mem::MaybeUninit,
 };
 
-use subtle::ConstantTimeEq;
 use zeroize::Zeroize;
 
 use crate::secure_utils::memlock;
@@ -18,7 +17,7 @@ use crate::secure_utils::memlock;
 /// - Automatic `madvise(MADV_NOCORE/MADV_DONTDUMP)` to protect against leaking into core dumps (FreeBSD, DragonflyBSD, Linux)
 ///
 /// Comparisons using the `PartialEq` implementation are undefined behavior (and most likely wrong) if `T` has any padding bytes.
-#[derive(Eq, PartialOrd, Ord, Hash)]
+#[derive(Eq, PartialEq, PartialOrd, Ord, Hash)]
 pub struct SecureBox<T>
 where
     T: Copy,
@@ -54,29 +53,6 @@ impl<T: Copy> Clone for SecureBox<T> {
     }
 }
 
-impl<T> PartialEq for SecureBox<T>
-where
-    T: Copy,
-{
-    fn eq(&self, other: &Self) -> bool {
-        let self_bytes = unsafe {
-            std::slice::from_raw_parts(
-                self.content.as_ref().expect("SecureBox content should always be Some").as_ref() as *const T as *const u8,
-                std::mem::size_of::<T>(),
-            )
-        };
-        
-        let other_bytes = unsafe {
-            std::slice::from_raw_parts(
-                other.content.as_ref().expect("SecureBox content should always be Some").as_ref() as *const T as *const u8,
-                std::mem::size_of::<T>(),
-            )
-        };
-        
-        self_bytes.ct_eq(other_bytes).into()
-    }
-}
-
 // Delegate indexing
 impl<T, U> std::ops::Index<U> for SecureBox<T>
 where