Only derive PartialEq and Eq for PrivateKey for tests

We shouldn't compare private keys in prod for side-channel resilience. Ideally
we shouldn't clone too. We currently do for storage. Fixing this would probably
require to serialize the private key in the credential struct.

src/ctap/data_formats.rs

@@ -571,7 +571,8 @@ impl TryFrom<cbor::Value> for CredentialProtectionPolicy {
 //
 // Note that we only use the WebAuthn definition as an example. This data-structure is not specified
 // by FIDO. In particular we may choose how we serialize and deserialize it.
-#[derive(Clone, Debug, PartialEq, Eq)]
+#[derive(Clone, Debug)]
+#[cfg_attr(test, derive(PartialEq, Eq))]
 pub struct PublicKeyCredentialSource {
     pub key_type: PublicKeyCredentialType,
     pub credential_id: Vec<u8>,