Programming question: This is Python code that produces a DER-encoded ECC signature.
Is there anything that can help avoid making mistakes when doing something like this? Are there validators or other tools one might use to produce binary data like this? What would you do?
what does chatgpt say?
I just tried:
When dealing with low-level binary encoding/decoding like this, it's essential to be precise and follow the standards precisely. One useful tool is to use pre-existing libraries or functions to perform the encoding/decoding to ensure compliance with the standards.
In Python, the cryptography library has functions for encoding/decoding ECDSA signatures in DER format, which could simplify the code and reduce the risk of mistakes.
Additionally, there are validation tools like https://lapo.it/asn1js/ that can check if the DER encoding follows the ASN.1 specification.
To avoid mistakes, it's crucial to have a good understanding of the specification and follow it strictly. Writing tests that validate the encoding/decoding against known values or testing with external libraries could also help catch mistakes.
I would try to find a standard / vetted C or C++ library and use that through python... I would always try to stay as far away as possible from implementing any cryptography related functions myself.
Have you tried property based testing with tools like hypothesis?
Someone has recommended me this, it's a very interesting tool:
