[Cryptography] What faults would you inject to test crypto mechanisms/protocols?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue May 13 07:50:35 EDT 2014


Dmitry Belyavsky <beldmit at gmail.com> writes:

> What check is to catch the Apple "gotofail" bug?

There's no specific check to catch it, or more specifically you don't need to
code in a special-case check for it, since it would be caught by any of:

>     Wrong certificate/key
>     Handshake message corruption
>     Bad signature - wrong hash value
>     Bad signature - data corrupted

all of which will lead to a sig-check failure for various reasons.

Peter.
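
The point of the reply above, as an added example that is not part of the original post: a C model in which each of the four listed faults is injected into a signature check, once against a correct verifier and once against one with gotofail-style control flow (an unconditional jump to the exit path while the error code is still 0). The hash, the "signature" scheme, the keys, the message and all function names are toy stand-ins constructed for illustration, not real TLS code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy stand-ins (assumptions): FNV-1a as the hash, a keyed mix as the "signature". */
static uint32_t toy_hash(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    while (n--) h = (h ^ *p++) * 16777619u;
    return h;
}
static uint32_t toy_sign(uint32_t key, uint32_t h) { return (h ^ key) * 2654435761u; }

/* Returns 0 on success, -1 on failure. buggy=1 models the duplicated
 * unconditional jump: the exit path is reached with err still 0. */
static int verify(uint32_t key, const uint8_t *msg, size_t n, uint32_t sig, int buggy) {
    int err = 0;
    uint32_t h = toy_hash(msg, n);
    if (buggy) goto done;              /* signature comparison never runs */
    err = (toy_sign(key, h) == sig) ? 0 : -1;
done:
    return err;
}

/* Injects the four faults from the list and counts how many are accepted. */
static int accepted_faults(int buggy) {
    const uint8_t msg[] = "constructed ServerKeyExchange params";
    uint8_t bad[sizeof msg];
    const uint32_t key = 0xC0FFEEu, other_key = 0xBADC0DEu;
    const size_t n = sizeof msg - 1;
    uint32_t sig = toy_sign(key, toy_hash(msg, n));
    int accepted = 0;
    for (size_t i = 0; i < sizeof msg; i++) bad[i] = msg[i];
    bad[3] ^= 0x01;                    /* flip one bit of the signed data */
    accepted += verify(other_key, msg, n, sig, buggy) == 0;   /* wrong certificate/key */
    accepted += verify(key, bad, n, sig, buggy) == 0;         /* handshake message corruption */
    accepted += verify(key, msg, n, toy_sign(key, toy_hash(msg, n) + 1), buggy) == 0; /* wrong hash value */
    accepted += verify(key, msg, n, sig ^ 0x80u, buggy) == 0; /* signature data corrupted */
    return accepted;
}

int main(void) {
    printf("correct verifier accepts %d/4 faults\n", accepted_faults(0));
    printf("goto-fail model accepts  %d/4 faults\n", accepted_faults(1));
    return 0;
}
```

A test that only presents a valid signature passes against both verifiers, which is why the negative cases are the ones that expose the flaw.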

