Implement Debug and Eq for ExpandedSecretKey (#748)

daxpedda · web-flow · commit ea6ffc354ec2 · 2025-06-04T10:27:23.000-04:00
diff --git a/ed25519-dalek/src/hazmat.rs b/ed25519-dalek/src/hazmat.rs
@@ -13,10 +13,13 @@
 // defined.
 #![allow(dead_code)]
 
+use core::fmt::Debug;
+
 use crate::{InternalError, SignatureError};
 
 use curve25519_dalek::scalar::{clamp_integer, Scalar};
 
+use subtle::{Choice, ConstantTimeEq};
 #[cfg(feature = "zeroize")]
 use zeroize::{Zeroize, ZeroizeOnDrop};
 
@@ -41,6 +44,26 @@ pub struct ExpandedSecretKey {
     pub hash_prefix: [u8; 32],
 }
 
+impl Debug for ExpandedSecretKey {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        f.debug_struct("ExpandedSecretKey").finish_non_exhaustive() // avoids printing secrets
+    }
+}
+
+impl ConstantTimeEq for ExpandedSecretKey {
+    fn ct_eq(&self, other: &Self) -> Choice {
+        self.scalar.ct_eq(&other.scalar) & self.hash_prefix.ct_eq(&other.hash_prefix)
+    }
+}
+
+impl PartialEq for ExpandedSecretKey {
+    fn eq(&self, other: &Self) -> bool {
+        self.ct_eq(other).into()
+    }
+}
+
+impl Eq for ExpandedSecretKey {}
+
 #[cfg(feature = "zeroize")]
 impl Drop for ExpandedSecretKey {
     fn drop(&mut self) {
