[acqq]

I guess the real question is why don't we, would-be "hackers" do our own tests of our own keys (and of our communication partners) at least for such obvious problems?

Why should we wait for somebody else to run a few obvious algorithms on our own keys?

Anybody knows what to use and has a good recipe?

The goal should be, don't trust the program which generated the keys, extract them and run the independent tests. I guess a lot of people would gladly use some time for that.