miguelmota

// Returns an array of dates between the two dates
function getDates (startDate, endDate) {
  const dates = []
  let currentDate = startDate
  const addDays = function (days) {
    const date = new Date(this.valueOf())
    date.setDate(date.getDate() + days)
    return date
  }
  while (currentDate <= endDate) {

tarcieri

It might seem like a silly exercise, but I was looking at the "NIST approved" algorithms in NaCl (i.e. AES, HMAC) and wondering if I could build an authenticated encryption system with them. djb lists AES-GCM as a "todo" secretbox primitive so unfortunately NaCl does not presently expose any AES-based authenticated encryption, only aes128ctr.

This is what I came up with using the algorithms available in NaCl:

A quick rundown:

Encrypt-then-MAC with AES-CTR (128-bit for now, 256-bit later!) encryption and HMAC SHA-512256 (i.e. SHA-512, truncated to 256-bits by NaCl via crypto_auth_hmacsha512256) authentication. MAC comparisons are performed using a NaCl supplied verifier function which is (hopefully!) constant time.

mbostock

license: gpl-3.0

fnichol

Why?

There is a long standing issue in Ruby where the net/http library by default does not check the validity of an SSL certificate during a TLS handshake. Rather than deal with the underlying problem (a missing certificate authority, a self-signed certificate, etc.) one tends to see bad hacks everywhere. This can lead to problems down the road.

From what I can see the OpenSSL library that Rails Installer delivers has no certificate authorities defined. So, let's go fetch some from the curl website. And since this is for ruby, why don't we download and install the file with a ruby script?

Installation

The Ruby Way! (Fun)