Disclaimer: This post was written with the help of AI
As October draws to a close, so does Hacktoberfest, an annual celebration of open source and the community that fuels it. This year, I embarked on my Hacktoberfest journey with enthusiasm and a goal to make meaningful contributions to the projects I love. What made this year's experience even more special was the unwavering support of my company, Sitecore, which not only allows but actively encourages its team members to participate in events like Hacktoberfest. With their support, I found myself on a coding spree, churning out pull requests like they were hotcakes. While the average contributor may stop at two PRs, I, on the other hand, have submitted over a dozen pull requests, most of which delve into the fascinating world of cryptographic algorithms. So, grab your favorite drink, settle into a comfortable spot, and join me as I reflect on the exciting adventure that was Hacktoberfest 2023.
Setting Goals and Finding Inspirations
As September was ending and October was around the corner it meant only one thing. HACKTOBERFEST. It's October 1 and my excitement levels shot through the roof. The prospect of earning those coveted level 4 stickers and swag items was like the ultimate quest for a loot goblin like me. But my journey held deeper aspirations. I yearned to contribute to open source in a meaningful way, and that desire led me to a repository that had been a guiding light in my programming adventures: "The Algorithms".
This repository, like many others, housed a collection of implementations for various algorithms. What set it apart, though, was its noble purpose. It sought not only to provide code snippets but also to educate and illuminate the intricate workings of algorithms. From the humble linear search to the cryptic world of encryption algorithms, this repository meticulously explained each concept step by step.
The goal was clear: I wanted to give back to a project that had enriched my understanding of algorithms and fostered my growth as a developer. And, let's be honest, the siren call of those elusive level 4 stickers and swag was just too tempting for a loot goblin like me to resist!
Diving into the Cryptic World: My First PR
With my goals set and my determination steeled, I embarked on my Hacktoberfest journey, eager to make my first contribution. The first algorithm that caught my attention was the enigmatic yet tantalizingly and silly-named Blowfish.
Blowfish, a symmetric-key block cipher, had always intrigued me. Its complex design and applications in cryptography made it a captivating choice for my debut contribution. As I delved into the implementation, I found myself immersed in the intricacies of key generation and the encryption process, particularly the rounds.
The key generation process starts with the creation of the subkeys. It utilizes an array known as the P array, consisting of 18 keys initialized with the digits of PI. Each of these 32-bit keys serves as the basis for the subsequent subkeys. These subkeys are generated by XORing the P array entries with 32-bit chunks of the input key. This step adds a layer of security to the encryption process and ensures that the key used in Blowfish is unique to each message.
The second aspect of key generation involves the initialization of the S-boxes. Blowfish employs a series of S-boxes that substitute and permute data during the encryption and decryption processes. These S-boxes are initialized with predefined values and undergo changes based on the input key. This initialization is crucial to the algorithm's security and contributes to the strength of the encryption.
Understanding these intricacies and translating them into code was an enlightening experience. It required careful attention to bitwise operations, data transformation, and mathematical operations. Each step in key generation felt like deciphering a complex puzzle, akin to cracking a code.
The encryption process, on the other hand, was a journey through multiple rounds of data manipulation. Blowfish encrypts data by breaking it into fixed-size blocks and processing each block through a series of rounds, with each round applying a combination of substitution, permutation, and XOR operations. These rounds are the heart of Blowfish's security.
But, as often happens in the world of coding, things didn't go entirely smoothly. I had rigorously tested my implementation, meticulously checking each bitwise operation and even comparing the encryption and decryption processes to an online Blowfish implementation. Everything seemed fine, and I submitted my Pull Request with confidence.
Then, all hell broke loose. While the first test passed, everything else crashed and burned. The code that had seemed so solid suddenly revealed its flaws. It was as if I had unwittingly opened Pandora's box of bugs.
Little did I know, this issue was not a one-time challenge; it was ready to rear its ugly head many PRs later. But I didn't back down. I refactored the test code and made the necessary fixes to ensure that my implementation was robust. This unexpected challenge became a valuable lesson in the world of open source, one that would serve me well when the issue resurfaced down the line.
Unveiling the Crypto Directory: The World of Paddings
My journey through Hacktoberfest was already a thrilling adventure, but it took an unexpected turn when I decided to dive headfirst into the realm of cryptographic paddings. It all began with a simple yet intriguing question: What happens when the message is smaller than expected in cryptographic operations? As the question lingered, I found myself delving deeper into the fascinating world of paddings.
This exploration led to a significant milestone in my Hacktoberfest journey: the introduction of an entirely new section within "TheAlgorithms", the Crypto directory. Within this directory, I set out to implement various paddings, each with its unique set of rules and applications.
The Crypto directory became a canvas for my journey through padding techniques. I delved into the intricacies of several padding schemes, aiming to provide a comprehensive resource for those seeking to understand and implement secure cryptographic padding. The paddings I tackled included:
PKCS7 Padding: The PKCS7 (Public Key Cryptography Standards #7) padding is a widely used method that involves adding bytes to the end of a message to ensure it meets a specified block size. In this scheme, the value of each added byte is equal to the number of bytes added, ensuring that the recipient can determine how much padding needs to be removed when the message is decrypted.
ISO 10125-2 Padding: ISO 10125-2 padding is part of a family of ISO standards for cryptographic techniques. This padding scheme involves appending a 0x80 byte to the end of the message, followed by zero bytes until the block size is reached. It's a flexible padding method that enhances security.
ISO-7816-4 Padding: ISO-7816-4 is a standard for integrated circuit cards (smart cards) and includes padding methods for cryptographic operations on these cards. The padding ensures that the data length is a multiple of the block size.
TBC Padding (Trailing Bit Complement): TBC padding is a unique scheme that involves appending a single bit, typically '1', followed by zero bits to the end of the message. It provides a simple yet effective way to pad messages for encryption.
X9.32 Padding: X9.32 padding is often used in financial and banking applications. It involves adding zero bytes to the end of the message until the block size is reached. The number of added bytes depends on the original message size.
These padding schemes were as diverse as the cryptographic applications they served. Implementing each of them required a deep understanding of their specifications and the mathematical operations involved. It was a journey through bit manipulation, binary representation, and the intricacies of cryptographic standards.
As I added these paddings to the Crypto directory, I couldn't help but think back to my initial curiosity. The question of what happens when a message is smaller than expected had opened a door to a world of knowledge, and it had a profound impact on my understanding of cryptography and my journey through Hacktoberfest.
Furthermore, my work in the Crypto directory provided a practical lesson in the importance of security. I realized that these padding schemes could be corrupted by attackers. To address this, I implemented a function that detects malformed or tampered paddings, safeguarding the integrity of cryptographic operations.
The Enigmatic MD2 Algorithm: A Cryptographic Indigestion
As I delved deeper into the Crypto directory, I stumbled upon the enigmatic MD2 (Message-Digest Algorithm 2). MD2 is a widely used cryptographic hash function, known for its simplicity and efficiency, making it suitable for various applications such as checksums, digital signatures, and data integrity verification.
The MD2 algorithm processes data in 16-byte blocks and produces a 128-bit hash value. Its straightforward design, though, concealed a devilish challenge that would soon resurface.
As I began the implementation of MD2, I envisioned a smooth journey, building on my experience with cryptographic algorithms. However, a sinister twist awaited. The tests I had meticulously designed to ensure the correctness of the MD2 implementation started acting erratically. They were supposed to provide consistent and reliable results, but instead, they seemed to have taken a chaotic turn.
Two whole days of hair-pulling, anger-inducing, and even computer-smashing investigation followed. I was determined to uncover the root of the issue that had haunted my MD2 implementation. The answer turned out to be as unexpected as it was frustrating.
The culprit was revealed: the testing framework, NUnit, that we had relied on for years. NUnit, like any capable testing framework, employs parallelization to expedite test execution. It creates a single instance of the test class and then manipulates the data inside. This approach works well for most scenarios, but not for MD2.
In my implementation of MD2, there was the STable array, a crucial component of the MD2 algorithm. Since STable was an array, it wasn't being refreshed by individual threads, leading to what one could humorously call "MD2 indigestion."
The solution to this conundrum was as surprising as the problem itself. To ensure the reliability and consistency of the MD2 tests, I had to add the NonParallelizable decorator. This simple addition prevented the parallel execution of the MD2 tests, allowing the STable array to remain unaltered throughout each test, ensuring that MD2 had no more indigestion.
The MD2 saga served as a reminder that even in the world of cryptography and coding, unexpected villains can emerge. But with determination and a touch of humor, even the most cryptic challenges can be conquered.
A Palette-Cleanser: Jaccard's Whimsical World
Amidst the intricate and sometimes maddening world of cryptographic algorithms, I yearned for a breath of fresh air. That's when I stumbled upon the whimsical realm of Jaccard Similarity and Jaccard Distance.
Jaccard Similarity is a delightful measure that allows you to compare the similarity between two sets. It calculates the size of the intersection of the sets divided by the size of the union of the sets. A Jaccard Similarity value between 0 and 1 tells you how much the sets have in common, with 0 indicating no similarity and 1 suggesting complete similarity.
Jaccard Distance, its counterpart, quantifies the dissimilarity between two sets. It's as if it measures how far apart these sets are in the space of possibilities. The Jaccard Distance is calculated as 1 minus the Jaccard Similarity. A Jaccard Distance of 0 means the sets are identical, while a value of 1 signifies they have no elements in common.
It was a refreshing departure from the complex cryptographic algorithms I had been immersed in. Jaccard's whimsical world offered a simple yet profound way to compare and contrast sets, reminding me that beauty in code can often be found in its elegant simplicity.
But every coding experience leaves its mark, and the journey through Jaccard was no exception. While the world of Jaccard may seem straightforward, it had its own share of challenges and lessons to offer. As I delved into Jaccard Similarity and Distance, I realized that even in simplicity, there's room for nuances and details that can have a significant impact on the quality and efficiency of your code.
One lesson that stood out was the value of precision. While Jaccard may seem whimsical, the subtleties of its calculations require careful attention. In my journey through Jaccard's world, I learned to appreciate the elegance of simplicity and the hidden complexities that lie beneath.
This PR was a delightful reminder that in the world of coding, even the most straightforward concepts can harbor their own mysteries, waiting to be explored and understood. It was the perfect way to cleanse the coding palette, leaving me with a sense of wonder and readiness for the adventures that lay ahead.
Lessons from the School of Strict Code
One of the most enriching aspects of my journey with TheAlgorithms was not just the knowledge of cryptography, mathematics, and bitwise madness that I acquired but the invaluable lessons I gleaned from their rigorous and demanding PR review process.
TheAlgorithms, as a repository, upheld stringent standards when it came to accepting contributions. They followed an almost excessively strict and unforgiving vetting procedure. Every contribution had to adhere to their coding style down to the warning level, and the test coverage was held to the highest standard, not just for the individual PR but for the entire project as a whole.
At times, this strict approach felt maddening. It demanded meticulous attention to detail and pushed me to meet the highest coding standards. However, this unforgiving atmosphere became a breeding ground for excellence. I discovered that these rules, although they seemed exacting, served a critical purpose—they forced me to look at my code from every angle, to weed out bugs, and even to unearth dead code.
The journey through PR discussions was itself a valuable learning experience. It taught me the art of collaboration, patience, and how to gracefully accept critique. It was here that I honed the skill of articulating my ideas and justifying my code. I learned that discussions were not battles but opportunities for collective improvement.
What I initially viewed as a challenging and sometimes even daunting process transformed into a school of resilience and excellence. The lessons I absorbed from TheAlgorithms were not just theoretical but practical. They found their way into my professional work, where I began to apply the same level of meticulousness and precision. The experience reminded me that in the world of coding, attention to detail and adherence to strict standards can make all the difference between code that merely functions and code that excels.
The journey through TheAlgorithms wasn't just about code; it was a voyage into the realm of excellence, a place where the relentless pursuit of perfection instilled lessons that will continue to shape my coding journey in the years to come.
Gratitude: The Heart of Hacktoberfest
As I look back on my Hacktoberfest journey, I'm overwhelmed with gratitude. First and foremost, my heartfelt thanks go out to the dedicated maintainers of the open-source repositories, including TheAlgorithms, who tirelessly review contributions, provide feedback, and maintain the quality and integrity of these projects. Your commitment to the open-source community is truly commendable, and your guidance has been invaluable.
I also want to express my deep appreciation for Hacktoberfest, an event that brings the global community of developers together, fostering collaboration and innovation. It's a celebration of the open-source spirit that empowers us to learn, grow, and give back to the community.
Last but not least, I am immensely grateful to my company. Not only did they allow me to participate in Hacktoberfest, but they actively encouraged and supported my involvement. Their belief in the importance of community, learning, and contributing to open source exemplifies a progressive approach to professional development.
The lessons I've learned, the challenges I've overcome, and the friendships I've made during Hacktoberfest have been nothing short of transformative. The world of open source has welcomed me with open arms, and for that, I am deeply thankful.
In the spirit of Hacktoberfest, I encourage everyone to continue embracing the open-source community, to give back, to learn, and to be part of a global movement that is changing the world, one line of code at a time.
Thank you, from the bottom of my heart, to everyone who has made this journey unforgettable.
Top comments (0)