Another issue where opinions might be very helpful is the question whether some tests should be split into more files. Currently, algorithms for symmetric encryption have just one test file, that mixes tests for encryption and decryption. In other cases (e.g. RSA encryption) test vectors that require indistinguishable behavior during decryption are mixed with test vectors for other purposes. Maybe it would be preferable to split the test files for different purposes (e.g. one for encryption and and one for decryption). It might even make sense to add separate tests for invalid/insecure or otherwise strange parameter selections.

As a consumer, I find it helpful if things are split if there's a genuine reason to support one but not the other (e.g., different files for different EC curves), or if the tests are for different things (e.g., different files for signing vs. verification). But other than that, big files are fine.

Makes sense. I think I'm already trying to go in this direction. The upper limit for the file size is about 1 MB, simply because some tools stop displaying or formatting them properly when the files are larger than this limit.