Piotr Szturmaj wrote:
> Johannes Pfau wrote:
>> I've finished the port of boost.uuid to D and I'd hope to get some
>> initial feedback.
>
> Very nice. I will need UUIDs in one of my D projects :)
>
>> This module also depends on Piotr Szturmaj's crypto library to generate
>> level 3&5 UUIDs. The code for this is written, but wouldn't be included
>> in phobos until official SHA1 and MD5 implementations are in phobos.
>> Swapping the MD5/SHA1 implementations against a different implementation
>> should be very easy.
>
> I want to contribute it to Phobos. I will be working on a project which
> will make extensive use of cryptography. So if I'm about to write D
> crypto code anyway, I thought it might be better to contribute it to std
> (if everyone would like it).
>
> There are a couple of issues though:
>
> * there is a pull request with SHA1 implementation using SSSE3. But it
> is only SHA1. My implementation contains all SHA flavors up to SHA-512
> without SHA-0 (which is broken). I think we should combine these
> implementations to get the best of both.
>
> * comments about side-channel vulnerability. I think each crypto
> primitive should have a note in the docs if it's vulnerable or not. That
> should be enough IMHO. It is impractical to make it safe on all
> platforms - no single general purpose crypto library is 100% safe
> against side channel attacks.
>
> * it is not finished yet. Currently there are no ciphers, only hashes.
>
> * after reading some posts in "Early std.crypto" thread I don't know if
> it is still welcome to Phobos. I need a "green light" first.

I read this discussion as well. But std.uuid really benefits from having
sha and md5 at compile time, so using a C library as proposed in that
thread would be bad for std.uuid. I hope you'll get your crypto code
into phobos ;-)
Related question to the SHA/MD5 hash functions: could those be pure?

>
>> Some things I'd especially like feedback for:
>> * I'd really like to get suggestions for type/function names. Should the
>> UUID struct be UUID/uuid/Uuid ?
>
> UUID is the standard name. It is a shortcut similar to "UTF" which in
> Phobos is uppercase.

OK

>> * the names nameMD5UUID/nameSHAUUID look especially ugly. ideas?
>
> uuidMD5 / uuidSHA1 ?

that's definitely better. I think I'll use that.