What these lines of code do?

M

MohsinHijazee

# What this is doing? I mean Digest.new('sha1') returns what?
digest = OpenSSL::Digest::Digest.new('sha1')

# Is it so that we say HMAC.digest to use the SHA1 algorithm?
hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)

# What the chomp method does?
signature = Base64.encode64(hmac).chomp

Asking these questions as they are not documented in the Ruby
documentation.

Regards,
Mohsin
 
J

Jano Svitok

# What this is doing? I mean Digest.new('sha1') returns what?
digest = OpenSSL::Digest::Digest.new('sha1')

# Is it so that we say HMAC.digest to use the SHA1 algorithm?
hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)

# What the chomp method does?
signature = Base64.encode64(hmac).chomp

Asking these questions as they are not documented in the Ruby
documentation.

Regards,
Mohsin

http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/index.html
http://ruby-doc.org/core/classes/String.html
 
Y

yermej


There really isn't any useful documentation at that URL. You can see
the source of some methods, but there's still no explanation of terms
or how everything fits together. There are also some important classes
missing (SSLContext, Certificate).

http://en.wikipedia.org/wiki/Cryptographic_hash_function might be your
best bet for the two OpenSSL questions. Once you know what the various
terms mean, you can apply that knowledge to any crypto library.

You can also find some info in the docs at openssl.org, but they
aren't Ruby specific and won't help much if you don't have at least
some knowledge of the terms involved. I've found the O'Reilly book
'Network Security with OpenSSL' to be pretty helpful, but it isn't
Ruby specific either. There are also some simple examples packaged
with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
fitting the pieces together.
 
M

MohsinHijazee

There really isn't any useful documentation at that URL. You can see
the source of some methods, but there's still no explanation of terms
or how everything fits together. There are also some important classes
missing (SSLContext, Certificate).

http://en.wikipedia.org/wiki/Cryptographic_hash_functionmight be your
best bet for the two OpenSSL questions. Once you know what the various
terms mean, you can apply that knowledge to any crypto library.

You can also find some info in the docs at openssl.org, but they
aren't Ruby specific and won't help much if you don't have at least
some knowledge of the terms involved. I've found the O'Reilly book
'Network Security with OpenSSL' to be pretty helpful, but it isn't
Ruby specific either. There are also some simple examples packaged
with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin
 
M

MohsinHijazee

There really isn't any useful documentation at that URL. You can see
the source of some methods, but there's still no explanation of terms
or how everything fits together. There are also some important classes
missing (SSLContext, Certificate).

http://en.wikipedia.org/wiki/Cryptographic_hash_functionmight be your
best bet for the two OpenSSL questions. Once you know what the various
terms mean, you can apply that knowledge to any crypto library.

You can also find some info in the docs at openssl.org, but they
aren't Ruby specific and won't help much if you don't have at least
some knowledge of the terms involved. I've found the O'Reilly book
'Network Security with OpenSSL' to be pretty helpful, but it isn't
Ruby specific either. There are also some simple examples packaged
with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin
 
M

MohsinHijazee

There really isn't any useful documentation at that URL. You can see
the source of some methods, but there's still no explanation of terms
or how everything fits together. There are also some important classes
missing (SSLContext, Certificate).

http://en.wikipedia.org/wiki/Cryptographic_hash_functionmight be your
best bet for the two OpenSSL questions. Once you know what the various
terms mean, you can apply that knowledge to any crypto library.

You can also find some info in the docs at openssl.org, but they
aren't Ruby specific and won't help much if you don't have at least
some knowledge of the terms involved. I've found the O'Reilly book
'Network Security with OpenSSL' to be pretty helpful, but it isn't
Ruby specific either. There are also some simple examples packaged
with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin
 
C

Clifford Heath

MohsinHijazee said:
# What this is doing? I mean Digest.new('sha1') returns what?
digest = OpenSSL::Digest::Digest.new('sha1')

# Is it so that we say HMAC.digest to use the SHA1 algorithm?
hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)

# What the chomp method does?
signature = Base64.encode64(hmac).chomp

Asking these questions as they are not documented in the Ruby
documentation.


You should probably refer to the OpenSSL documentation, see
http://www.openssl.org
 
Y

yermej

Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Yes, it's true that the documentation is lacking. Can you post the
code and error message you get when trying to use HMAC.digest in irb?
OpenSSL::HMAC.method:)digest).arity
=> 3

and it will take three arguments, but I don't know how to use the
method so I can't be of much help. In the Ruby source, the three
arguments are named digest, key, and data.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top