I've put up an initial release of DAuth: A simple-yet-flexible salted password hash based authentication utility lib for D.

Before you get too excited, know that actual cryptographic algorithms are outside the scope of this lib. Instead, it uses any Phobos-compatible digests and random number generators.

The upside: This makes DAuth fully extensible with plug-in cryptographic algorithms. The downside: It's currently limited to what little exists in Phobos right now (or in any Phobos-compatible third-party digests/RNGs I may not know about).

Full overview, sample code and (ugly) API reference are at the project's GitHub homepage:

https://github.com/Abscissa/DAuth

(DUB project name "dauth")

Hmm... how to implement keyed hash? If the salter was a delegate, it would be possible to pass the key range in the delegate context.

On 4/12/2014 6:33 PM, Kagamin wrote:
> Hmm... how to implement keyed hash? If the salter was a delegate, it
> would be possible to pass the key range in the delegate context.

Seems I have some research to do as I don't have a strong familiarity with keyed hashing, but they do appear to be important. I'll take a closer look at them.

But in any case, maybe all the callbacks should be delegates after all. In retrospect, making them "function" was probably a premature optimization. Unless there are reasonable objections, I'll change them to delegates.

On 4/12/2014 10:07 PM, Nick Sabalausky wrote:
>
> But in any case, maybe all the callbacks should be delegates after all.
> In retrospect, making them "function" was probably a premature
> optimization. Unless there are reasonable objections, I'll change them
> to delegates.
>

Done on master. Still open to reasonable objections though.

Perhaps you could implement something similar to bcrypt or one of
the other listed techniques towards the end of this article:
https://en.wikipedia.org/wiki/Bcrypt