#!/usr/bin/env sed -re s|^|\x20\x20\x20\x20| -e s|^\x20{4}\x23\x23{(.*)$|<details><summary>\1</summary>\n| -e s|^\x20{4}\x23\x23}$|\n</details>| -e s|^\x20{4}\x23\x23\x20?|| -e s|\x0c|\x20|
# Yannakakis.py by Paul Khuong
#
# To the extent possible under law, the person who associated CC0 with
# Yannakakis.py has waived all copyright and related or neighboring rights
# to Yannakakis.py.
| # Pac-man orientation: v < > ∧ | |
| # . . . | |
| # .V. | |
| # . . . | |
| grid = [ | |
| [1, 1, 1, 1, 1], |
| # examples.py | |
| def example1(a: int): | |
| return a + 1 | |
| print(example1(2)) | |
| print(example1("hello")) | |
| def example2(a: int): | |
| return a * 3 |
It might seem like a silly exercise, but I was looking at the "NIST approved" algorithms in NaCl (i.e. AES, HMAC) and wondering if I could build an authenticated encryption system with them. djb lists AES-GCM as a "todo" secretbox primitive so unfortunately NaCl does not presently expose any AES-based authenticated encryption, only aes128ctr.
This is what I came up with using the algorithms available in NaCl:
A quick rundown:
Encrypt-then-MAC with AES-CTR (128-bit for now, 256-bit later!) encryption and HMAC SHA-512256 (i.e. SHA-512, truncated to 256-bits by NaCl via crypto_auth_hmacsha512256) authentication. MAC comparisons are performed using a NaCl supplied verifier function which is (hopefully!) constant time.
| # A demonstration of the CurveCP handshake protocol. This protocol has many | |
| # favorable security properties described at http://curvecp.org. | |
| # | |
| # In addition to its security advantages, it has the following favorable properties: | |
| # * Needs only 2 messages (1 from client, 1 from server) before application | |
| # messages can be exchanged (3 before the server can send application messages) | |
| # * Does not require the server to keep protocol state between handshake messages. | |
| # | |
| # An overview of the protocol: | |
| # |
| #!/usr/bin/ruby | |
| =begin | |
| Planter v1.3 | |
| Brett Terpstra 2013 | |
| ruby script to create a directory structure from indented data. | |
| Three ways to use it: | |
| - Pipe indented (tabs or 2 spaces) text to the script | |
| - e.g. `cat "mytemplate" | planter.rb | |
| - Create template.tpl files in ~/.planter and call them by their base name |
| NAME=project | |
| VERSION=0.0.1 | |
| DIRS=etc lib bin sbin share | |
| INSTALL_DIRS=`find $(DIRS) -type d 2>/dev/null` | |
| INSTALL_FILES=`find $(DIRS) -type f 2>/dev/null` | |
| DOC_FILES=*.md *.txt | |
| PKG_DIR=pkg | |
| PKG_NAME=$(NAME)-$(VERSION) |
| [alias] | |
| co = checkout | |
| tagsbydate = for-each-ref --sort=-taggerdate --format='%(refname:short)' refs/tags | |
| previoustag = !sh -c 'git tagsbydate --count 2 | cut -f2 | sed -n 2p' | |
| lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit -- | |
| markdownlog = log --color --pretty=format:'* %s `%Cred%h%Creset` - %C(bold blue)[%an](mailto:%ae)%Creset' --abbrev-commit --dense --no-merges --reverse | |
| releasenotes = !sh -c 'git markdownlog ...`git previoustag`' |
Assumption #1: For protocol efficiency, we will use UDP, and to avoid packet loss associated with breaking apart large UDP messages, we will attempt to limit all messages to the "minimum maximum reassembly buffer size", which is 512 bytes. Packet loss may result in a failed opportunity to engage with a particular peer, but hopefully we have lots of peers. If we really care about engaging a particular peer we can retry the handshake M times after an N second timeout.
Assumption #2: Satan is watching our packets. We don't want him to be able to be able to track public keys we are using in key exchanges through casual packet inspection. Therefore, all public keys must be sent in encrypted form. Ideally all packets in the
