Using the MySQL encrypt function in Ruby

Sun, 14 Feb 2010 17:48:00 -0000

If you’re dealing with a legacy MySQL database schema where your users’ passwords are encrypted using MySQL’s encrypt function within your schema and you want to create new records like that using Ruby rather than calling the MySQL function, you can easily do that with Ruby. Ruby supplies a crypt function that does just what the MySQL encrypt function provides. Both implementations use the UNIX C function crypt(3) so you can replace the use of one with another.

The function expects a salt value of two characters. If none is provided, a random string will be used. Take a look at this simple example:

  #!/usr/bin/env ruby -wKU

  def mysql_encrypt(pw)
    
    # compute a random salt value
    # (will end up to be a Base64 encoded string 
    # of random characters)
    salt = [Array.new(2){rand(256).chr}.join].pack("m").chomp
    return pw.crypt(salt)
  end

  encrypted_password = mysql_encrypt("test")

  puts "Encrypted password could be " + encrypted_password

  # we take the first two characters of the already
  # encrypted password as salt value
  # for the re-encryption so we end up with the same value
  
  compared_password = "test".crypt(encrypted_password[0,2])

  puts "The re-encrypted 'test' string is now " + compared_password

Creating hashed passwords using crypt(3) cannot be regarded as secure though. Take a look at the Wikipedia entry on crypt. If you’re implementing any kind of user authentication from scratch, consider using other means of hashing passwords.

www.weisserth.net : Tag rails, everything about Rails

Using the MySQL encrypt function in Ruby