Our great sponsors
-
pbrt-v3
Source code for pbrt, the renderer described in the third edition of "Physically Based Rendering: From Theory To Implementation", by Matt Pharr, Wenzel Jakob, and Greg Humphreys.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Making a “complete” one is a never-ending rabbit hole you can spend a lifetime on and is a very active area of research covering more advanced geometry, probability, optics, machine learning etc etc. A great introduction to that is https://pbrt.org
I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.
I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.
Related posts
- RVM Ruby 2.6.0 — built with custom openssl version on Ubuntu 22.04
- Badkeys tool can detect xz backdoor RSA keys
- A Practical Approach to Quantum-Resistant JWTs
- OpenPubkey: Protocol for leveraging OpenID to bind identities to public keys
- Randar: A Minecraft exploit that uses LLL lattice reduction to crack server RNG