Google Releases Crypto Test Suite
In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long. Good implementation guidelines, however, are hard to come by: understanding how to implement cryptography securely requires digesting decades' worth of academic literature. We recognize that software engineers fix and prevent bugs with unit testing, and we found that many cryptographic issues can be resolved by the same means
The tool has already found over 40 security bugs in cryptographic libraries, which are (all? mostly?) currently being fixed.
Posted on December 20, 2016 at 6:12 AM • 11 Comments