wycheproof
wycheproof copied to clipboard
C2SP
Add Go AES-GCM tests.
This is a preliminary piece of work, beginning to apply Wycheproof to Golang's crypto library.
Some tests fail for minor issues, but I thought it more important to mirror the Java tests accurately than to achieve no failures.
Tests that fail:
- AllVectors - The Go crypto library allows you to force a non-standard sized nonce. If forced, it will allow a zero size nonce.
- IVReuse - The Go crypto library does not track IVs, and thus allows IV reuse.
- ByteArrayTooShort - Go does not throw an error on writing to an array that is too short, the write fails silently. This behaviour differs from the Java behaviour.
- EncryptWithPlaintextWithEmptyIv (forced) - See 1.
- DecryptWithEmptyIv (forced) - See 1.
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
:memo: Please visit https://cla.developers.google.com/ to sign.
Once you've signed (or fixed any issues), please reply here (e.g. I signed it!) and we'll verify it.
What to do if you already signed the CLA
Individual signers
- It's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data and verify that your email is set on your git commits.
Corporate signers
- Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (Public version).
- The email used to register you as an authorized contributor must be the email used for the Git commit. Check your existing CLA data and verify that your email is set on your git commits.
- The email used to register you as an authorized contributor must also be attached to your GitHub account.
We'll take a look. In order to merge something, our internal tooling requires us to sync internal changes to here first, but we're blocked by a logistic issue that prevents us from updating this repo.
Stay tuned!
The logistic issue was resolved. I'm trying to merge this by the end of this week.
This PR is on hold because it's not clear atm that we'd have resources to maintain new test drivers.
Following up after a long while... I'm going to close this PR as maintaining additional drivers is out of scope, as alluded to previously.
If you haven't already seen it, you may be interested in https://cs.opensource.google/go/x/crypto/+/master:internal/wycheproof/.
Those tests include coverage for a large chunk of the Go crypto libraries. For reference., the AES-GCM tests can be found here alongside other AEADs.
