Solar Designer

It could help us to know the use cases people are now trying to use libxcrypt on FreeBSD for. What was yours, @jhgit?

@eleius Given the timing of your comment, I guess it's related to Arch Linux's decision to switch to yescrypt - https://archlinux.org/news/changes-to-default-password-hashing-algorithm-and-umask-settings/ - where among other things they wrote "Although the...

> I think ideally the related JtR work (or/and similar in hashcat) would be completed first, so that people (and even more importantly distros' defaults) would not be switching from...

This also fixes #29

@vt-alt You might want to review my edits of the `gost-yescrypt` description here.

Before merging this, would anyone please comment on the concerns I brought up in https://github.com/besser82/libxcrypt/issues/24#issuecomment-674139907

> If we made the configure script detect LTO and force `--disable-obsolete-api` when it did, do you think that would be sufficient to "ensure that build wouldn't be inadvertently usable...

If I recall correctly, code in this repo unfortunately lacks yescrypt hash string encoding, because it wasn't yet finalized back when @defuse worked on this project. It only implements the...

@Chick3nman Yes, that's the idea, and that's the concern/drawback. I think IV is meant to be cryptographically random, yet it also isn't meant to be the only thing protecting the...

@Dmc020 asked me to take a look at this issue, so here I am. > even with the correct password, hashcat fails to decipher it. Can you share the correct...