diff --git a/digest/CHANGELOG.md b/digest/CHANGELOG.md
index 35427260f..8d614e628 100644
--- a/digest/CHANGELOG.md
+++ b/digest/CHANGELOG.md
@@ -27,6 +27,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `HashReader` and `HashWriter` are moved to the `digest-io` crate ([#1809])
 - `io::Write/Read` implementations in favor of the `digest_io::IoWrapper` type ([#1809])
 - `VariableOutput` trait ([#2043])
+- Implementation of `subtle::ConstantTimeEq` for `CtOutput`. Note that implementation of
+  `PartialEq`/`Eq` trait is still const time. ([#2292])
 
 [#1173]: https://github.com/RustCrypto/traits/pull/1173
 [#1334]: https://github.com/RustCrypto/traits/pull/1334
@@ -38,6 +40,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [#1958]: https://github.com/RustCrypto/traits/pull/1958
 [#2043]: https://github.com/RustCrypto/traits/pull/2043
 [#2237]: https://github.com/RustCrypto/traits/pull/2237
+[#2292]: https://github.com/RustCrypto/traits/pull/2292
 
 ## 0.10.7 (2023-05-19)
 ### Changed
diff --git a/digest/src/mac.rs b/digest/src/mac.rs
index a482b8883..2fa86360b 100644
--- a/digest/src/mac.rs
+++ b/digest/src/mac.rs
@@ -3,7 +3,7 @@ use common::{Output, OutputSizeUser, Reset};
 
 use common::typenum::Unsigned;
 use core::fmt;
-use subtle::{Choice, ConstantTimeEq};
+use subtle::ConstantTimeEq;
 
 /// Marker trait for Message Authentication algorithms.
 pub trait MacMarker {}
@@ -215,17 +215,10 @@ impl<'a, T: OutputSizeUser> From<&'a Output<T>> for CtOutput<T> {
     }
 }
 
-impl<T: OutputSizeUser> ConstantTimeEq for CtOutput<T> {
-    #[inline(always)]
-    fn ct_eq(&self, other: &Self) -> Choice {
-        self.bytes.ct_eq(&other.bytes)
-    }
-}
-
 impl<T: OutputSizeUser> PartialEq for CtOutput<T> {
     #[inline(always)]
-    fn eq(&self, x: &CtOutput<T>) -> bool {
-        self.ct_eq(x).into()
+    fn eq(&self, other: &CtOutput<T>) -> bool {
+        self.bytes.ct_eq(&other.bytes).into()
     }
 }