1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

//! [`BoxedUint`] comparisons.
//!
//! By default these are all constant-time and use the `subtle` crate.

use super::BoxedUint;
use crate::Limb;
use subtle::{Choice, ConstantTimeEq};

impl ConstantTimeEq for BoxedUint {
    #[inline]
    fn ct_eq(&self, other: &Self) -> Choice {
        let (shorter, longer) = Self::sort_by_precision(self, other);
        let mut ret = Choice::from(1u8);

        for i in 0..longer.limbs.len() {
            let a = shorter.limbs.get(i).unwrap_or(&Limb::ZERO);
            let b = longer.limbs.get(i).unwrap_or(&Limb::ZERO);
            ret &= a.ct_eq(b);
        }

        ret
    }
}

impl Eq for BoxedUint {}
impl PartialEq for BoxedUint {
    fn eq(&self, other: &Self) -> bool {
        self.ct_eq(other).into()
    }
}

#[cfg(test)]
mod tests {
    use super::BoxedUint;
    use subtle::ConstantTimeEq;

    #[test]
    fn ct_eq() {
        let a = BoxedUint::zero();
        let b = BoxedUint::one();

        assert!(bool::from(a.ct_eq(&a)));
        assert!(!bool::from(a.ct_eq(&b)));
        assert!(!bool::from(b.ct_eq(&a)));
        assert!(bool::from(b.ct_eq(&b)));
    }
}