Which algorithms does this skill support?

It supports a wide range of standard algorithms including AES-GCM, RSA, ECDSA, EdDSA, ECDH, HMAC, and ChaCha20-Poly1305.

Is it suitable for custom cryptographic algorithms?

Wycheproof is specifically designed for established, standardized cryptographic constructions rather than experimental or proprietary algorithms.

Can I use this for CI/CD automation?

Yes, this skill provides patterns for integrating Wycheproof via git submodules or automated fetch scripts to ensure ongoing security compliance.

Wycheproof is a collection of test vectors developed by Google to check cryptographic libraries for known attacks and edge cases.

Does it detect timing side-channel attacks?

No, Wycheproof focuses on implementation correctness and logical edge cases. Timing attacks require specialized constant-time testing tools.

Wycheproof Crypto Testing

Name: Wycheproof Crypto Testing
Author: trailofbits

bytrailofbits

•

939

Seguridad y Pruebas

Validates cryptographic implementations against known attack vectors and edge cases using Project Wycheproof test vectors.

Acerca de

This skill integrates Project Wycheproof's extensive collection of test vectors into your development workflow to ensure the correctness and security of cryptographic code. It helps developers and security auditors verify implementations of algorithms like AES-GCM, RSA, and ECDSA against vulnerabilities such as signature malleability, invalid curve attacks, and padding oracles. By providing domain-specific guidance on parsing JSON test vectors and constructing robust test harnesses, it streamlines the process of identifying subtle cryptographic bugs that standard unit tests often miss.

Características Principales

Detection of signature malleability and invalid curve attacks
Comprehensive test vectors for AES, RSA, ECDSA, and EdDSA
Multi-language support for Python and JavaScript harnesses
Schema-based parsing for structured cryptographic test groups
Guidance on CI/CD integration for automated crypto validation
939 GitHub stars

Casos de Uso

Implementing robust test suites for custom blockchain or security protocols
Verifying that library updates haven't introduced regressions in edge-case handling
Auditing third-party cryptographic libraries for security vulnerabilities

Acerca de

Características Principales

Detection of signature malleability and invalid curve attacks
Comprehensive test vectors for AES, RSA, ECDSA, and EdDSA
Multi-language support for Python and JavaScript harnesses
Schema-based parsing for structured cryptographic test groups
Guidance on CI/CD integration for automated crypto validation
939 GitHub stars

Casos de Uso

Implementing robust test suites for custom blockchain or security protocols
Verifying that library updates haven't introduced regressions in edge-case handling
Auditing third-party cryptographic libraries for security vulnerabilities