{"id":16688038,"url":"https://github.com/simlay/symmetric-key-exercise","last_synced_at":"2025-10-09T07:35:27.550Z","repository":{"id":160258963,"uuid":"635169780","full_name":"simlay/symmetric-key-exercise","owner":"simlay","description":"An exercise for company foobar doing symmetric key encryption","archived":false,"fork":false,"pushed_at":"2024-07-09T15:18:55.000Z","size":157,"stargazers_count":0,"open_issues_count":4,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-13T17:27:24.424Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simlay.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-02T05:43:40.000Z","updated_at":"2023-05-02T05:45:05.000Z","dependencies_parsed_at":null,"dependency_job_id":"38fe6589-50d2-41c6-9307-79176d76daea","html_url":"https://github.com/simlay/symmetric-key-exercise","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/simlay/symmetric-key-exercise","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simlay%2Fsymmetric-key-exercise","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simlay%2Fsymmetric-key-exercise/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simlay%2Fsymmetric-key-exercise/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simlay%2Fsymmetric-key-exercise/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simlay","download_url":"https://codeload.github.com/simlay/symmetric-key-exercise/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simlay%2Fsymmetric-key-exercise/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279000955,"owners_count":26082973,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-12T15:26:35.259Z","updated_at":"2025-10-09T07:35:27.521Z","avatar_url":"https://github.com/simlay.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Prompt (slightly modified)\n\nThe following test can be implemented in any programming language. You will\nhave 5 business days to complete, but it's not expected that you spend more\nthan 3 hours on it.\n\nThe assessment involves writing 2 basic programs using a shared library and a\nsymmetrical key.  Both programs will implement a command-line-interface (CLI).\nProgram 1 will take a message and the key (or passphrase) as input, using the\nkey it will encrypt the message and output a success message.  Program 2 will\ntake key as input and output the decrypted message on success and error message\non fail (i.e. wrong key).  The cryptography logic will be contained in the\nshared library to be used by both programs.  Company foobar encourages\ncreativity in solving problems.  Therefore, it is up to the candidate on how\nthe ciphertext is delivered to Program 2.  Code should be pushed to a public\ngit repo (GitHub, GitLab, BitBucket, etc) early in the development so company\nfoobar engineers can review commits.\n\nThe command line clients should provide the following:\n\n```\n$ \u003cprogram1name\u003e -k \u003ckey\u003e -m \u003cmessage\u003e  # Initiate encryption for program 1\n$ \u003cprogram2name\u003e -k \u003ckey\u003e               # Decrypt the message and output the plaintext\n```\n\nNotes:\n- You can use external packages/libraries.\n- Cryptography algorithms to be used are at the candidate's discretion.\n- Bonus for programs written in C/C++ or Go.\n- Bonus for implementing CMAKE.\n- Bonus for creating stories with weights during development.\n\n# Implementation Notes\n\n[![codecov](https://codecov.io/gh/simlay/symmetric-key-exercise/branch/main/graph/badge.svg?token=B8BF0N27WS)](https://codecov.io/gh/simlay/symmetric-key-exercise)\n\nThe prompt for this leaves a few details up to the candidate of this exercise\nand so the candidate (Sebastian Imlay) has made a few executive decisions with\npros and cons of each.\n\nAdditional Project goals (some for self education):\n\n- [X] Do not roll your own cryptography.\n- [X] Project will be done in Rust\n- [X] Cryptography dependencies are implemented in Rust\n- [X] Cryptography [dependencies are\n**reputable**](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305).\nThe RustCrypto group is responsible for [rustsec.org](https://rustsec.org/).\n- [X] Ideally [cryptography dependencies are\naudited](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305#security-notes).\n- [X] Select a balance of usability and security. See subjection.\n- [X] Reasonable tests and code coverage tools.\n\nThis project uses the [Chchat20 and\nPoly1305 protols](https://datatracker.ietf.org/doc/html/rfc8439) for encryption and\ndecryption.\n\nThis choice was due to a few factors:\n* An informational RFC authored by google\n* The Rust crate is maintained by the RustCrypto github organization.\n* The Rust crate has [had a security\naudit](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305#security-notes).\n* Fancy name.\n\n## Nonce trade-offs\n\nA brief bit of research on [AEAD\nAlgorithms](https://en.wikipedia.org/wiki/Authenticated_encryption) yields the\nquestion what to do about replay attacks for this prompt.\n\nA common thing to do with things here is to use a\n[nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce). This results in an\nencrypted message to be unique. This is important for network transmitted\nencrypted messages as those could be replayed.\n\nThis exercise supports:\n* Null nonces (cli argument `--no-nonce`) - encryption uses an array\n(`Vec\u003cu8\u003e`) of all zeros to encrypt/decrypt. Usage of a null nonce is\n**strongly** are not recommended as this is disregarding any bits of entropy.\n* Generated nonces (cli argument `--generate-nonce`) - encryption displays the\nnonce needed to decrypt in the `--nonce` argument. While I have done a\nrudimentary amount of statistics on nonce generation, **This nonce generation\nwas not done by a Cryptograher**.\n* Specified nonces (cli argument `--nonce`) up to 24 ASCII characters long.\nThis can be used for encryption and decryption and might be the most flexible\nway to use this application.\n\n# Usage (via cargo):\n\n## Encryption:\n```sh\n$ cargo run --bin encrypt -- --key my-key-is-cool --message \"what is this message\" --generate-nonce\n    Finished dev [unoptimized + debuginfo] target(s) in 0.03s\n     Running `target/debug/encrypt --key my-key-is-cool --message 'what is this message' --generate-nonce`\nThe nonce for this message was generated and it is: diobotcxodeklyzcocykpooa\n```\n\n## Decryption:\n```sh\n$ cargo run --bin decrypt -- --key my-key-is-cool --nonce diobotcxodeklyzcocykpooa\n    Finished dev [unoptimized + debuginfo] target(s) in 0.03s\n     Running `target/debug/decrypt --key my-key-is-cool --nonce diobotcxodeklyzcocykpooa`\nwhat is this message\n```\n\n## Help\n```sh\n$ cargo run --bin encrypt -- --help\n    Finished dev [unoptimized + debuginfo] target(s) in 0.03s\n     Running `target/debug/encrypt --help`\nUsage: encrypt [OPTIONS] --message \u003cMESSAGE\u003e --key \u003cKEY\u003e --no-nonce --generate-nonce --nonce \u003cNONCE\u003e\n\nOptions:\n  -m, --message \u003cMESSAGE\u003e\n          The message to be encrypted\n  -k, --key \u003cKEY\u003e\n          This is an encryption key. It must be less than 32 characters long\n  -e, --encrypted-file \u003cENCRYPTED_FILE\u003e\n          This is the file which an message is encrypted/decrypted to/from [default: data.dat]\n      --no-nonce\n          **NOT RECOMMENDED:** This is a helper option to enable the nonce be all zeros. This results in the encrypted message be the same on every encryption and subject to a replay attacks\n  -g, --generate-nonce\n          This is a flag to enable a newly generated nonce on encryption. This will error when used on decryption\n  -n, --nonce \u003cNONCE\u003e\n          This is the string representation of a nonce as ascii characters up to 24 characters in length. This is required for decryption unless using the unrecommended --no-nonce feature\n  -h, --help\n          Print help\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimlay%2Fsymmetric-key-exercise","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimlay%2Fsymmetric-key-exercise","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimlay%2Fsymmetric-key-exercise/lists"}