A generic interface for cryptographic operations, platform independent quality RNG, property tests and known-answer tests (KATs) for common algorithms, and a basic benchmark infrastructure.



Using crypto-api for testing is absurdly simple and particularly useful if you are implementing one of the algorithms for which NIST CAVP provides known answer tests (KATs). For example:

    import Test.SHA
    import Test.HMAC
    import Test.Crypto
    import Data.CryptoHash.SHA512
    import Data.CryptoHash.SHA384

    main = do
        t1 <- makeSHA512Tests (undefined :: SHA512)
        t2 <- makeSHA384Tests (undefined :: SHA384)        
        runTests (concat [t1,t2])

        h1 <- makeSHA512HMACTests (undefined :: SHA512)
        h2 <- makeSHA384HMACTests (undefined :: SHA384)
        runTests $ concat [h1,h2]

And the run:

    [tommd@Mavlo Test]$ ghc --make sha.hs
    [1 of 1] Compiling Main             ( sha.hs, sha.o )
    Linking sha ...
    [tommd@Mavlo Test]$ ./sha | grep True | wc -l
    [tommd@Mavlo Test]$ ./sha | grep False | wc -l


Benchmarks for RNGs, block ciphers, and hashes are included. Omitting the boiler plate instances and imports:

main = do
        [ benchmarkHash (undefined :: SHA512) "CryptoHash-SHA512"
        , benchmarkHash (undefined :: SHA512Digest) "SHA-SHA512"

Yields an (abbreviated) output of (names are Package-Algorithm/ByteString Type):

benchmarking CryptoHash-SHA512/lazy
mean: 3.177017 ms, lb 3.165977 ms, ub 3.190173 ms, ci 0.950
benchmarking CryptoHash-SHA512/strict
mean: 3.122165 ms, lb 3.112740 ms, ub 3.137940 ms, ci 0.950
benchmarking SHA-SHA512/lazy
mean: 56.43109 ms, lb 56.37325 ms, ub 56.51372 ms, ci 0.950
benchmarking SHA-SHA512/strict
mean: 56.07654 ms, lb 56.02566 ms, ub 56.14383 ms, ci 0.950