Derive Eq, Hash for CsrfToken

[jhpratt]

Can #[derive(PartialEq, Eq, Hash)] be added to CsrfToken? This would allow usage within HashSet and BTreeSet, which would let me keep track of outstanding tokens. The only alternative I can think of is to use a Vec, but that's O(n), which obviously isn't ideal.

[ramosbugs]

These traits are intentionally omitted from the types that wrap secrets in order to prevent timing side channels. To safely use CSRF tokens and other secrets as lookups in data structures, I recommend creating another wrapper type that only performs comparisons on a collision- and preimage-resistant hash (e.g., SHA-2) of the underlying secret and never compares the raw secrets themselves.

In theory we could implement the traits above directly on CsrfToken and the other secret types using a SHA-2 variant, but I think it would surprise users (i.e., violate the principle of least astonishment) to implement those traits in a computationally-expensive manner. I would be open to a PR that adds those traits behind a feature flag (e.g., timing-resistant-secret-traits), though.

[jhpratt]

Using a dedicated crate (like sha2, as mentioned) to hash and compare seems reasonable, and wouldn't require much effort on my end.

Timing attacks are always one thing I never think about — which is why it's best to leave it to others!

Thank you for the quick response. I'll close this, as I won't have a ton of time to put together a proper pull request.