www.digitalmars.com         C & C++   DMDScript  

digitalmars.D - Cryptography

reply "Larry" <deco33 hotmail.fr> writes:
Hello,

I would like to know how we can trust this source concerning 
scrypt :

http://code.dlang.org/packages/scrypt-d

And second : will there be any official package in D ?

The same goes for bcrypt and sha2 cryptographic algo.

Thanks,

Larry
Aug 05 2013
next sibling parent "Dicebot" <public dicebot.lv> writes:
On Monday, 5 August 2013 at 16:52:39 UTC, Larry wrote:
 Hello,

 I would like to know how we can trust this source concerning 
 scrypt :

 http://code.dlang.org/packages/scrypt-d

By reading its source code if that is important.
Aug 05 2013
prev sibling next sibling parent Walter Bright <newshound2 digitalmars.com> writes:
On 8/5/2013 9:52 AM, Larry wrote:
 Hello,

 I would like to know how we can trust this source concerning scrypt :

 http://code.dlang.org/packages/scrypt-d

 And second : will there be any official package in D ?

 The same goes for bcrypt and sha2 cryptographic algo.

https://github.com/D-Programming-Deimos/openssl
Aug 05 2013
prev sibling next sibling parent "Larry" <deco33 hotmail.fr> writes:
Thanks,

But,

1) By trusted, I meant : that one with good background used and 
thinks is good (i am not skilled enough to tell) -> no memory 
leaks, no big f*****g breach.

Well if it is cryptographically strong or not. Again, I cannot 
judge of it. But thanks to remind people to read before asking.

2) I might have missed it but Openssl doesn't enable people to 
crypt passwords, it enables us to secure the communication layer, 
does it?

Thanks,

Larry
Aug 05 2013
prev sibling next sibling parent "Kapps" <opantm2+spam gmail.com> writes:
On Monday, 5 August 2013 at 16:52:39 UTC, Larry wrote:
 Hello,

 I would like to know how we can trust this source concerning 
 scrypt :

 http://code.dlang.org/packages/scrypt-d

 And second : will there be any official package in D ?

 The same goes for bcrypt and sha2 cryptographic algo.

 Thanks,

 Larry

Looks to me like it's just a wrapper around a C library, so it's not really whether you can trust that source as it is whether you can trust the C library.
Aug 05 2013
prev sibling next sibling parent "Nick B" <nick.barbalich gmail.com> writes:
On Monday, 5 August 2013 at 18:11:55 UTC, Larry wrote:

 Well if it is cryptographically strong or not. Again, I cannot 
 judge of it. But thanks to remind people to read before asking.

if you want something secure you could check out Blowfish by Bruce Schneier. http://www.schneier.com/paper-blowfish-fse.html Here is a link to some of his other algorithms: http://www.schneier.com/cryptography.html
Aug 05 2013
prev sibling parent "Larry" <deco33 hotmail.fr> writes:
Thanks to you guys,

i could grab my copy.

i will use the D implementation.

Many thanks, your help is very valuable.

Larry
Aug 06 2013