Note, this only checks Phobos's RNG's and digests, and only by type. This
works on a blacklist basis - it blindly accepts any Phobos-compatible RNG
digest it does not know about. This is only supplied as a convenience. It
is always your own responsibility to select an appropriate algorithm for your
And yes, unfortunately, this does currently rule out all RNG's and digests currently in Phobos (as of v2.065). They are all known to be fairly weak for password-hashing purposes, even SHA1 which despite being heavily used has known security flaws.
For random number generators, you should use a CPRNG (cryptographically secure pseudorandom number generator): http://en.wikipedia.org/wiki/Cryptographically_secure_pseudo-random_number_generator
For digests, you should use one of the SHA-2 algorithms (for example, SHA512) or, better yet, an established "key stretching" algorithm ( http://en.wikipedia.org/wiki/Key_stretching#History ), intended for password hashing. These contain deliberate inefficiencies that cannot be optimized away even with massive parallelization (such as a GPU cluster). These are NOT too inefficient to use for even high-traffic authentication, but they do thwart the parallelized brute force attacks that algorithms used for streaming data encryption, such as SHA, are increasingly susceptible to. https://crackstation.net/hashing-security.htm
bool isKnownWeak(T)(); bool isKnownWeak(T)( T digest );