{"id":15034011,"url":"https://github.com/c2sp/wycheproof","last_synced_at":"2025-05-14T01:03:11.863Z","repository":{"id":41844482,"uuid":"73226302","full_name":"C2SP/wycheproof","owner":"C2SP","description":"Project Wycheproof tests crypto libraries against known attacks.","archived":false,"fork":false,"pushed_at":"2025-03-25T12:45:51.000Z","size":47287,"stargazers_count":2818,"open_issues_count":40,"forks_count":299,"subscribers_count":173,"default_branch":"master","last_synced_at":"2025-04-03T14:02:06.599Z","etag":null,"topics":["crypto","cryptography"],"latest_commit_sha":null,"homepage":"","language":"Starlark","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/C2SP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-11-08T20:56:25.000Z","updated_at":"2025-04-02T20:55:38.000Z","dependencies_parsed_at":"2022-08-11T19:10:42.224Z","dependency_job_id":"b5cc63a0-b8b0-432c-9460-ff5647ea7ce6","html_url":"https://github.com/C2SP/wycheproof","commit_stats":null,"previous_names":["c2sp/wycheproof","google/wycheproof"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/C2SP%2Fwycheproof","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/C2SP%2Fwycheproof/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/C2SP%2Fwycheproof/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/C2SP%2Fwycheproof/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/C2SP","download_url":"https://codeload.github.com/C2SP/wycheproof/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248268066,"owners_count":21075507,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crypto","cryptography"],"created_at":"2024-09-24T20:23:37.025Z","updated_at":"2025-04-10T18:10:12.043Z","avatar_url":"https://github.com/C2SP.png","language":"Starlark","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Project Wycheproof\n\n*Project Wycheproof is named after\n[Mount Wycheproof](https://en.wikipedia.org/wiki/Mount_Wycheproof), the smallest\nmountain in the world. The main motivation for the project is to have a goal\nthat is achievable. The smaller the mountain the more likely it is to be able to\nclimb it.*\n\n\u003e [!NOTE]\n\u003e Hello RWC 2024 attendees and others! Wycheproof recently moved to community\n\u003e maintenance thanks to the shared efforts of Google and C2SP.\n\u003e We are still working to update the README and documentation,\n\u003e but we welcome your feedback and look forward to your contributions!\n\n### Contributing\n\nIf you want to contribute, please read [CONTRIBUTING](CONTRIBUTING.md) and send\nus pull requests. You can also report bugs or request new tests.\n\n## Introduction\n\nProject Wycheproof contains test vectors that can be used to test crypto\nlibraries against known attacks.\n\nUnfortunately, in cryptography, subtle mistakes can have catastrophic\nconsequences, and we found that libraries fall into such implementation\npitfalls much too often and for much too long. Good implementation guidelines,\nhowever, are hard to come by: understanding how to implement cryptography\nsecurely requires digesting decades' worth of academic literature. We recognize\nthat software engineers fix and prevent bugs with unit testing, and we found\nthat cryptographic loopholes can be resolved by the same means.\n\nThese observations have prompted us to develop Project Wycheproof, a collection\nof test vectors that detect known weaknesses or check for expected behaviors of\nsome cryptographic algorithm. Project Wycheproof provides test vectors for most\ncryptographic algorithms, including RSA, elliptic curve crypto and\nauthenticated encryption. Our cryptographers have systematically surveyed the\nliterature and implemented most known attacks. We have over 80 test cases which\nhave uncovered more than [40 bugs](doc/bugs.md). For example, we found that we\ncould recover the private key of widely-used DSA and ECDHC implementations.\n\nWhile we are committed to develop vectors for as many attacks as possible,\nProject Wycheproof is by no means complete. Passing the test vectors does not\nimply that the library is secure, it just means that it is not vulnerable to the\nattacks that Project Wycheproof's vectors test for. Cryptographers are also\nconstantly discovering new attacks. Nevertheless, with Project Wycheproof\ndevelopers and users now can check their libraries against a large number of\nknown attacks, without having to spend years reading academic papers or become\ncryptographers themselves.\n\nFor more information on the goals and strategies of Project Wycheproof, please\ncheck out our [documentation](doc/).\n\n### Coverage\n\nProject Wycheproof has test vectors for the most popular crypto algorithms,\nincluding\n\n- AES-EAX\n- AES-GCM\n- ChaCha20-Poly1305\n- [DH](doc/dh.md)\n- DHIES\n- [DSA](doc/dsa.md)\n- [ECDH](doc/ecdh.md)\n- ECDSA\n- EdDSA\n- ECIES\n- HKDF\n- HMAC\n- [RSA](doc/rsa.md)\n- X25519, X448\n\nThe test vectors detect whether a library is vulnerable to many attacks,\nincluding\n\n*   Invalid curve attacks\n*   Biased nonces in digital signature schemes\n*   Of course, all Bleichenbacher’s attacks\n*   And many more -- we have over 80 test cases\n\n### Test Harnesses\n\nHistorically Wycheproof also included test harnesses (e.g. for Java and\nJavascript cryptography implementations) that tested a variety of attacks\ndirectly against implementations. Since transitioning to community support\nthese harnesses have [been removed][harness-rm] (but still exist in `git`\nhistory for interested parties at [cd27d64]). Our current focus is on\nimplementation-agnostic test vectors.\n\n[harness-rm]: https://github.com/C2SP/wycheproof/commit/d9b8297cc998fd1a11e64cdd585a671e8923f48b\n[cd27d64]: https://github.com/C2SP/wycheproof/tree/cd27d6419bedd83cbd24611ec54b6d4bfdb0cdca\n\n### Hall of Bugs\n\nHere are some of the notable vulnerabilities that are uncovered by\nProject Wycheproof's vectors, or test runners:\n\n*   OpenJDK's SHA1withDSA leaks private keys \u003e 1024 bits\n    *   Test: testBiasSha1WithDSA in [DsaTest][dsa-test].\n    *   This bug is the same as [CVE-2003-0971][cve-2003-0971] (\"GnuPG generated\n        ElGamal signatures that leaked the private key\").\n\n*   Bouncy Castle's ECDHC leaks private keys\n    *   Test: testModifiedPublic and testWrongOrderEcdhc in\n        [EcdhTest][ecdh-test].\n\n[dsa-test]: https://github.com/C2SP/wycheproof/blob/cd27d6419bedd83cbd24611ec54b6d4bfdb0cdca/java/com/google/security/wycheproof/testcases/DsaTest.java\n[cve-2003-0971]: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0971\n[ecdh-test]: https://github.com/C2SP/wycheproof/blob/cd27d6419bedd83cbd24611ec54b6d4bfdb0cdca/java/com/google/security/wycheproof/testcases/EcdhTest.java\n\n### Credit\n\nProject Wycheproof was originally created and maintained by:\n\n*   Daniel Bleichenbacher\n*   Thai Duong\n*   Emilia Kasper\n*   Quan Nguyen\n*   Charles Lee\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fc2sp%2Fwycheproof","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fc2sp%2Fwycheproof","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fc2sp%2Fwycheproof/lists"}