Forum: JRuby String#crypt behaving differently that in MRI

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
henning mueller (Guest)
on 2013-09-19 13:45
(Received via mailing list)

I tried getting a Rails project working on JRuby 1.7.4 and a test
regarding password hashes failed. Passwords hashes are created by:

password.crypt('$6$' + salt)

On MRI (2.0.0-p247), this returns a proper sha512-crypt hash. In JRuby a
significantly shorter hash with two characters salt is returned:

=> "$6GFbj3O6XCj2"

Is this expected behaviour? For me this looks like nothing, the crypt(3)
function of glibc even supports. Do I have to use an external gem to
generate sha512-crypt hashes?

Thanks in advance!
09a41a085f93af8644a7e2e35ba987af?d=identicon&s=25 Charles N. (headius)
on 2013-09-19 18:21
(Received via mailing list)
Can you put this in the form of a bug report on Github with some code
to reproduce the effect?

We certainly don't use the libc crypt but we should produce the same
result as MRI.

An alternative that you (or we) could potentially use would be to FFI
bind the actual crypt function. I've done a prototype here:

There's also a Ruby DES library here:

In any case, we should do the right thing when you use built-in
libraries, so file an issue please.

- Charlie
Thomas E Enebo (Guest)
on 2013-09-19 18:36
(Received via mailing list)
Hmmm, my 2.0pl247 does not do this:

% jruby -e 'p "foobar".crypt(%q($6$2mlKb.sZpswpnZlt))'
% mri19 -e 'p "foobar".crypt(%q($6$2mlKb.sZpswpnZlt))'
% mri20 -e 'p "foobar".crypt(%q($6$2mlKb.sZpswpnZlt))'

Could this be some gem which is monkey-patching this method?

This output has been what I have expected from crypt for the last 25+
(2char salt prepended to front), but I agree this version of crypt is
getting outdated and probably should be a much more robust one-way hash

Thomas E Enebo (Guest)
on 2013-09-19 18:38
(Received via mailing list)
Perhaps this is just a difference as Charlie mentioned that glibc#crypt
different on different OSes now (I am running on MacOS)?  If so then we
will for sure need to use FFI to hook into this...

henning mueller (Guest)
on 2013-09-22 13:18
(Received via mailing list)

Am 19.09.2013 18:18, schrieb Charles Oliver Nutter:
> Can you put this in the form of a bug report on Github with some code
> to reproduce the effect?

I filed a bug report on GitHub:

Thanks for your efforts!
This topic is locked and can not be replied to.