[tahoe-dev] protecting against bugs in our own crypto code

Jack Lloyd lloyd at randombit.net
Wed May 7 11:22:50 PDT 2008


On Wed, May 07, 2008 at 11:05:47AM -0600, zooko wrote:

> This sounds exactly right.  We should have test vectors in Tahoe
> showing what a correctly encrypted SSK file looks like, and the Tahoe
> unit tests should decrypt it and verify its plaintext.

Ideally, I think you would want two sets of tests: one fixed and
presumably correct set of inputs that are fed into the decoder, along
with a set that are created + decoded with each test. The fixed inputs
detects any errors in the decoding process, and the second set tests
encoding. Otherwise you could miss, for instance, that your AES
encryption routines were miscompiled while decryption worked fine
(don't laugh! I've seen it happen).

</qa soapbox>

I readily admit I do not always practice what I preach. And I'm sure
if I cared that much I could send you patches, but, alas, I am lazy. :)
What's that quote... "I love work, I could watch it all day"?

-Jack


More information about the tahoe-dev mailing list