(Why) is a toy password manager a too complex summer project?

This page summarizes the projects mentioned and recommended in the original post on /r/rust
Cryptography

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • pbrt-v3

    Source code for pbrt, the renderer described in the third edition of "Physically Based Rendering: From Theory To Implementation", by Matt Pharr, Wenzel Jakob, and Greg Humphreys.

    • Making a “complete” one is a never-ending rabbit hole you can spend a lifetime on and is a very active area of research covering more advanced geometry, probability, optics, machine learning etc etc. A great introduction to that is https://pbrt.org

  • password-hashes

    Password hashing functions / KDFs

    • I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • RustCrypto

    Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers

    • I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts