[patch] Add tests for NIST CAVP hash tests

Werner Koch wk at gnupg.org
Mon Jun 8 19:30:02 CEST 2009

On Mon,  8 Jun 2009 13:00, bradh at frogmouth.net said:

> The attached patch adds a test generator (in python) that uses the NIST CAVP 
> Secure Hash Standard (SHA1, SHA2) test cases. The tests are 2.7M (zipped) and 

Hmmm, did you missed that we have a full CAVS test suite in Libgcrypt?
Libgcrypt 1.4.4 actually passed the entire test suite (hash, cipher
pubkey random).  If you look at the NIST database you will find an entry
for Libgcrypt.

The driver script tests/cavs_test.sh has instructions on how to run the
test.  As input you need the REQ files and it will generate and zip the
RSP files.  The interface between the script and libgcrypt is
tests/fipsdrv.c . 

A script to generate the input data and another one to check
the response might be useful, however we can also use a fixed set of
files and put them on ftp.gnupg.org.  I can check whether the set I use
can be made public.  What is missing is the code to check the response.

BTW, I'd like to avoid yet another script language because we already
have AWK (which is POSIX) and Perl.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gcrypt-devel mailing list