Wycheproof
Skill AktivWycheproof provides test vectors for validating cryptographic implementations. Use when testing crypto code for known attacks and edge cases.
To equip developers and security auditors with a robust set of test vectors to ensure the correctness and security of cryptographic implementations.
Funktionen
- Provides test vectors for numerous cryptographic algorithms
- Details on test file structure and attributes
- Implementation guides for various languages (Python, JavaScript)
- Guidance on CI integration and updating test vectors
- Explanations of common cryptographic vulnerabilities
Anwendungsfälle
- Validating AES-GCM, ECDSA, ECDH, RSA, and other cryptographic implementations
- Testing crypto code for known attacks and edge cases
- Setting up CI/CD pipelines for cryptographic libraries
- Auditing third-party cryptographic code for correctness
Nicht-Ziele
- Finding new, unknown bugs (use fuzzing instead)
- Testing for timing side-channels (use constant-time testing tools)
- Testing custom or experimental cryptographic algorithms
Workflow
- Setup: Add Wycheproof as submodule or fetch test vectors
- Parse Test Vectors: Load JSON file and filter by parameters
- Write Harness: Test valid and invalid cases
- CI Integration: Auto-update test vectors
Trust
- warning:Issues AttentionIn the last 90 days, 13 issues were opened and 4 were closed, indicating maintainers respond slowly to open issues.
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add trailofbits/skills/plugin install testing-handbook-skills@trailofbitsQualitätspunktzahl
Vertrauenssignale
Ähnliche Erweiterungen
Context Mode Ops
100Verwalten Sie GitHub-Issues, PRs, Releases und Marketing mit parallelen Subagenten-Armeen im Context-Mode. Orchestriert 10-20 dynamische Agenten pro Aufgabe. Verwenden Sie dies bei der Triage von Issues, der Überprüfung von PRs, der Veröffentlichung von Versionen, dem Schreiben von LinkedIn-Posts, der Ankündigung von Releases, der Behebung von Fehlern, dem Mergen von Beiträgen, der Validierung von ENV-Variablen, dem Testen von Adaptern oder dem Synchronisieren von Branches.
Senior Backend Engineer
100Designs and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database migrations", or "load test APIs". Covers Node.js/Express/Fastify development, PostgreSQL optimization, API security, and backend architecture patterns.
Openclaw Testing
100Choose, run, rerun, or debug OpenClaw tests, CI checks, Docker E2E lanes, release validation, and the cheapest safe verification path.
Crabbox
100Use Crabbox for OpenClaw remote validation across Linux, macOS, Windows, and WSL2. Default to Blacksmith Testbox for broad Linux proof; includes direct Blacksmith and owned AWS/Hetzner fallback notes when Crabbox fails.
Plugin Test Runner
100Runs automated tests to validate plugin integrity across 14 categories. Use before creating PRs, after making changes to skills or templates, or to verify plugin health.
Perform Csv Assessment
99Perform a Computer Systems Validation (CSV) assessment following GAMP 5 methodology. Covers user requirements, risk assessment, IQ/OQ/PQ planning, traceability matrix creation, and validation summary reporting. Use when a new computerized system is being introduced in a GxP environment, when an existing validated system is undergoing significant change, when periodic revalidation is required, or when a regulatory inspection demands a validation gap analysis.