gonzalo-bulnes / dice Goto Github PK
View Code? Open in Web Editor NEW๐ฒ Lookup dice-generated passphrases from EFF's long wordlist.
License: GNU General Public License v3.0
๐ฒ Lookup dice-generated passphrases from EFF's long wordlist.
License: GNU General Public License v3.0
Dice is about passwords (passphrases).
What kind of security implications does that have?
What should we take into consideration when writing it?
What should we consider when using it?
I started thinking more seriously about this when considering what problem would be addressed by making sure that:
[Users] can take the list that ships with the application and verify it is the same as the one provided by EFF themselves. (source)
And after some relfection I think that dice
does not deserve the security scrutiny that one could think of at first, or rather, that probably:
Nobody should use
dice
unless they understand its code.
If you find that a bit disapoining, so do I! But before getting to why I think that, I believe the implications are that:
The main
function needs some refactoring (for example: #4).
But refactoring requires being able to run some tests to ensure that the code behaviour hasn't changed.
I like to use dependency injection, and replacing STDIN
, STDOUT
by variables to test the output of my command line programs (example code, test).
I'm not sure how to achieve that in Rust yet, and would appreciate any suggestion!
The program welcome message and instructions make extensive use of the println!
macro, because they run across multiple lines, and long lines are difficult to read in the code as well.
A raw string litteral could be used instead, that would:
println!
: )Note: I'd like to add some tests around this to make the refactoring easier, but I'll be more than happy to accept a contribution based on manual testing if I haven't added them when you pick it up!
Edit: If you are looking to make your first (or second, or third!) open-source contribution, welcome! You can read the original comments in chronological order for context, or jump to the issue re-definition below! ๐
As it is currently, that long piece of data (7776 numbers -dice throws- and 7776 words) is bloating the dice/wordlist/mod.rs
file.
Github does a pretty good job, only skipping syntactic coloration for those lines, but otherwise editing the file isn't pleasant. Also, the data is unlikely to change while the logic certainly will.
I made an attempt to move the throws
and words
definitions to a different file, but Rust didn't like the variable assignments outside a function. I then tried encapsulating them in two functions, but got a bit lots with the ownership details as that implied extra borrowing...
I certainly need to understand better the ownership model, but I'm also sure there must be a pattern for this use case. Do you know of one? Please let me know! ๐
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.