Blind Entropy calculation

[hortocam]

Not entirely my area, but this seems a bit off based on the walkthrough you posted in the documentation.

# calculate the blind permutations - (based purely on length and alphabet)
my $alphabet_count = 12; # all passwords have at least one case of letters
if($self->{_CONFIG}->{case_transform} =~ m/^(ALTERNATE)|(CAPITALISE)|(INVERT)|(RANDOM)$/sx){
    $alphabet_count += 12; # these configs guarantee a mix of cases
}

Shouldn't $alphabet_count = 26 for one case and 52 for mixed case?

I've fixed it locally but will probably fiddle with a few more things before submitting another pull request. Let me know your thoughts.

Using the same example script from before, I get a seen entropy of 44 and I think that should be higher so I am trying to work them out using your guide and verify the code is doing the same.

[bbusschots]

You're absolutely right - it should indeed be 26 and then += 26 for the mixed-case passwords.

I have no idea where 12 came from - the mind boggles!

Given that you found the bug, I'd prefer for you to get the credit by submitting a pull request, but I'm also happy to fix it on my end if you'd prefer. If you're still double-checking the entropy code it probably makes sense to submit the pull request when you're done - you may find another gremlin or two lurking in there.

[bbusschots]

I've fixed the typo myself and committed the code.

[hortocam]

Thanks I will grab an update. I got distracted by another project.

Sent from my iPhone

On Nov 2, 2014, at 10:59 AM, Bart Busscots notifications@github.com<mailto:notifications@github.com> wrote:

I've fixed the typo myself and committed the code.

— Reply to this email directly or view it on GitHubhttps://github.com/bbusschots/xkpasswd.pm/issues/3#issuecomment-61411935.