Thread overview
Cryptography
Aug 05, 2013
Larry
Aug 05, 2013
Dicebot
Aug 05, 2013
Walter Bright
Aug 05, 2013
Larry
Aug 05, 2013
Nick B
Aug 05, 2013
Kapps
Aug 06, 2013
Larry
August 05, 2013
Hello,

I would like to know how we can trust this source concerning scrypt :

http://code.dlang.org/packages/scrypt-d

And second : will there be any official package in D ?

The same goes for bcrypt and sha2 cryptographic algo.

Thanks,

Larry
August 05, 2013
On Monday, 5 August 2013 at 16:52:39 UTC, Larry wrote:
> Hello,
>
> I would like to know how we can trust this source concerning scrypt :
>
> http://code.dlang.org/packages/scrypt-d

By reading its source code if that is important.
August 05, 2013
On 8/5/2013 9:52 AM, Larry wrote:
> Hello,
>
> I would like to know how we can trust this source concerning scrypt :
>
> http://code.dlang.org/packages/scrypt-d
>
> And second : will there be any official package in D ?
>
> The same goes for bcrypt and sha2 cryptographic algo.


https://github.com/D-Programming-Deimos/openssl
August 05, 2013
Thanks,

But,

1) By trusted, I meant : that one with good background used and thinks is good (i am not skilled enough to tell) -> no memory leaks, no big f*****g breach.

Well if it is cryptographically strong or not. Again, I cannot judge of it. But thanks to remind people to read before asking.

2) I might have missed it but Openssl doesn't enable people to crypt passwords, it enables us to secure the communication layer, does it?

Thanks,

Larry
August 05, 2013
On Monday, 5 August 2013 at 16:52:39 UTC, Larry wrote:
> Hello,
>
> I would like to know how we can trust this source concerning scrypt :
>
> http://code.dlang.org/packages/scrypt-d
>
> And second : will there be any official package in D ?
>
> The same goes for bcrypt and sha2 cryptographic algo.
>
> Thanks,
>
> Larry

Looks to me like it's just a wrapper around a C library, so it's not really whether you can trust that source as it is whether you can trust the C library.
August 05, 2013
On Monday, 5 August 2013 at 18:11:55 UTC, Larry wrote:

>
> Well if it is cryptographically strong or not. Again, I cannot judge of it. But thanks to remind people to read before asking.
>

if you want something secure you could check out Blowfish by Bruce Schneier.
http://www.schneier.com/paper-blowfish-fse.html

Here is a link to some of his other algorithms:

http://www.schneier.com/cryptography.html
August 06, 2013
Thanks to you guys,

i could grab my copy.

i will use the D implementation.

Many thanks, your help is very valuable.

Larry