String#crypt first 8 characters

Hello,

I had a problem with str.crypt - I got the same result every time. The problem is that this method only uses the first 8 characters of the string:

irb(main):022:0> "1234567".crypt('aa')
=> "aaOK9MRbwVNmQ"
irb(main):023:0> "12345678".crypt('aa')
=> "aaNN3X.PL2piw"
irb(main):024:0> "123456789".crypt('aa')
=> "aaNN3X.PL2piw"

If it is a feature, not a bug, it should not be an undocumented feature :wink: . ruby-doc.org doesn't tell me about this behaviour.

Have a nice day,
  Patrick

String.crypt is a wrapper around the Unix standard C function crypt, used to encrypt passwords. From man crypt:

By taking the lowest 7 bits of each of the first eight characters of the key, a 56-bit key
is obtained. This 56-bit key is used to encrypt repeatedly a constant string (usually a
string consisting of all zeros). The returned value points to the encrypted password, a
series of 13 printable ASCII characters (the first two characters represent the salt
itself). The return value points to static data whose content is overwritten by each
call.

There goes your explanation. But that should be documented, I agree with you. My opinion is that you should use crypt if you plan to interface somehow with the Unix password database. If you want one-way cryptography, try MD5:

require 'digest/md5'
digest = Digest::MD5.hexdigest("Hello World\n")
puts digest

Cheers,

  Vince

----- Original Message -----
From: Patrick Plattes
Date: Tuesday, December 5, 2006 2:09 pm
Subject: String#crypt first 8 characters
To: ruby-talk@ruby-lang.org (ruby-talk ML)

irb(main):022:0> "1234567".crypt('aa')
=> "aaOK9MRbwVNmQ"
irb(main):023:0> "12345678".crypt('aa')
=> "aaNN3X.PL2piw"
irb(main):024:0> "123456789".crypt('aa')
=> "aaNN3X.PL2piw"

If it is a feature, not a bug, it should not be an undocumented feature :wink: . ruby-doc.org doesn't tell me about this behaviour.

On Dec 5, 8:08 am, Patrick Plattes
...

I had a problem with str.crypt - I got the same result every time. The
problem is that this method only uses the first 8 characters of the string:

...

A little googling on 'C standard library crypt' led me to:
http://bama.ua.edu/cgi-bin/man-cgi?crypt_unix+5

It turns out the default crypt functionality only uses the first 8
chars, silently ignoring the rest.

Suggest looking into a "real" cryptographic lib. Googling for 'ruby
crypt' gave up:
http://crypt.rubyforge.org/

cheers

Hello,

I had a problem with str.crypt - I got the same result every time. The
problem is that this method only uses the first 8 characters of the string:

There are workarounds, but I think that's dependent on the OS.

For instance, the *BSD variants usually allow you to use the notation
$n$salt in the salt part of the crypt to choose another algorithm (n=1
-> MD5, n=2 -> Blowfish, n=3 -> NT-Hash, at least on FreeBSD):

"abcdefghijklmnop".crypt("$1$8aezq78a")

=> "$1$8aezq78a$reWMwf7b8UtEUWK0LM7pZ/"

"abcdefghijklmnopr".crypt("$1$8aezq78a")

=> "$1$8aezq78a$frgoGqHZ6bRujQt7qQeSP."

It seems to give the same results on some Linuxes and FreeBSD, but I
don't know exactly how portable it is.

Fred


On December 5 at 14:08, Patrick Plattes wrote:
--
So you want the world to stop Stop in and watch your body fully drop
From the time you were a Psycho, groupie, cocaine, crazy
So you want to see the show You really don't have to be a ho
From the time you were a... (System of a Down, Psycho)
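
Added example, not part of any message in this thread: a Ruby sketch of the key derivation quoted from man crypt above, plus a probe that reports whether the local crypt(3) truncates for a given salt form (the 'aa' and $1$ salts discussed above). The method names and probe strings are constructed for illustration; it also shows that bytes differing only in their high bit collide.

```ruby
# Added example; method names and probe strings are constructed for illustration.

# 56-bit key that traditional DES crypt(3) derives, per the man page quoted
# above: the low 7 bits of each of the first eight bytes, NUL-padded if shorter.
def des_crypt_effective_key(password)
  bytes = password.bytes.first(8)
  bytes += [0] * (8 - bytes.length)
  bytes.reduce(0) { |key, byte| (key << 7) | (byte & 0x7f) }
end

# True when traditional DES crypt cannot tell the two passwords apart.
def des_crypt_collision?(a, b)
  des_crypt_effective_key(a) == des_crypt_effective_key(b)
end

# Ask the local crypt(3) whether it ignores input past 8 bytes for this salt.
# Returns :truncates, :full_length, or :unsupported (scheme rejected on this host).
def crypt_truncation(salt)
  base = "constructed-probe-password"
  hash_a = base.crypt(salt)
  hash_b = (base[0, 8] + "DIFFERENT-TAIL").crypt(salt)
  # Some libcrypt builds return a "*0"/"*1" failure token instead of an error.
  failed = [hash_a, hash_b].any? { |h| h.nil? || h.start_with?("*") }
  return :unsupported if failed
  hash_a == hash_b ? :truncates : :full_length
rescue SystemCallError, ArgumentError, NotImplementedError
  :unsupported
end

if __FILE__ == $PROGRAM_NAME
  # The pair from the original post: identical in the first eight characters.
  puts "12345678 vs 123456789 collide: #{des_crypt_collision?('12345678', '123456789')}"
  # 0xB8 and "8" (0x38) differ only in the high bit, which DES crypt drops.
  puts "high-bit variant collides:     #{des_crypt_collision?("1234567\xB8".b, '12345678')}"
  # Salt forms from the thread: two-character DES salt and the $1$ form.
  ['aa', '$1$8aezq78a'].each do |salt|
    puts "#{salt.ljust(12)} -> #{crypt_truncation(salt)}"
  end
end
```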

Thanks for all the ideas and suggestions. I understand how crypt works and now I use another method.

Patrick