RFC: std.uuid

[Piotr Szturmaj]

Johannes Pfau wrote:
> I've finished the port of boost.uuid to D and I'd hope to get some initial
> feedback.

Very nice. I will need UUIDs in one of my D projects :)

> This module also depends on Piotr Szturmaj's crypto library to generate
> level 3&5 UUIDS. The code for this is written, but wouldn't be included in
> phobos until official SHA1 and MD5 implementations are in phobos. Swapping
> the MD5/SHA1 implementations against a different implementation should be
> very easy.

I want to contribute it to Phobos. I will be working on a project which 
will make extensive use of cryptography. So if I'm about to write D 
crypto code anyway, I thought it might be better to contribute it to std 
(if everyone would like it).

There are couple of issues though:

* there is a pull request with SHA1 implementation using SSSE3. But it 
is only SHA1. My implementation contains all SHA flavors up to SHA-512 
without SHA-0 (which is broken). I think we should combine these 
implementations to get the best of both.

* comments about side-channel vurnelability. I think each crypto 
primitive should have a note in the docs if its vurnelable or not. That 
should be enough IMHO. It is impractical to make it safe on all 
platforms - no single general purpose crypto library is 100% safe 
against side channel attacks.

* it is not finished yet. Currently there are no ciphers, only hashes.

* after reading some posts in "Early std.crypto" thread I don't know if 
it is still welcome to Phobos. I need a "green light" first.

> Some things I'd especially like feedback for:
> * I'd really like to get suggestions for type/function names. Should the
> UUID struct be UUID/uuid/Uuid ?

UUID is the standard name. It is a shortcut similar to "UTF" which in 
Phobos is uppercase.

> * the names nameMD5UUID/nameSHAUUID look especially ugly. ideas?

uuidMD5 / uuidSHA1 ?