Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Nov 2017 19:04:32 +0100
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-dev@...ts.openwall.com
Subject: Why would crypt_all() need/want to generate additional candidate
 passwords?

Hi,

I just read the formats.h comment for the crypt_all function:


/* Computes the ciphertexts for given salt and plaintexts.
[...]
  * The count passed to cmp_all() must be equal to crypt_all()'s return 
value.
  * If an implementation does not use the salt parameter or if salt is NULL
  * (as it may be during self-test and benchmark), the return value must 
always
  * match *count the way it is after the crypt_all() call.
  * The count is passed by reference and must be updated by crypt_all() 
if it
  * computes other than the requested count (such as if it generates 
additional
  * candidate passwords on its own).  The updated count is used for c/s rate
  * calculation.  The return value is thus in the 0 to updated *count 
range. */


Why would crypt_all() generate additional candidate passwords on its own?
Are there any sample formats which make use of this weird feature?


Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ