Re: What these lines of code do?

< ^ > P N |<>|^_>< --- | ~ ...Help
On Jan 23, 8:02 pm, yermej <yer... / gmail.com> wrote:
> On Jan 23, 8:40 am, Jano Svitok <jan.svi... / gmail.com> wrote:
>
>
>
> > On Jan 23, 2008 3:05 PM, MohsinHijazee <mohsinhija... / gmail.com> wrote:
>
> > > # What this is doing? I mean Digest.new('sha1') returns what?
> > >   digest = OpenSSL::Digest::Digest.new('sha1')
>
> > > # Is it so that we say HMAC.digest to use the SHA1 algorithm?
> > >   hmac = OpenSSL::HMAC.digest(digest, SECRET_KEY, uri)
>
> > > # What the chomp method does?
> > >   signature = Base64.encode64(hmac).chomp
>
> > > Asking these questions as they are not documented in the Ruby
> > > documentation.
>
> > > Regards,
> > > Mohsin
>
> >http://ruby-doc.org/stdlib/libdoc/openssl/rdoc/index.html
>
> There really isn't any useful documentation at that URL. You can see
> the source of some methods, but there's still no explanation of terms
> or how everything fits together. There are also some important classes
> missing (SSLContext, Certificate).
>
> http://en.wikipedia.org/wiki/Cryptographic_hash_functionmight be your
> best bet for the two OpenSSL questions. Once you know what the various
> terms mean, you can apply that knowledge to any crypto library.
>
> You can also find some info in the docs at openssl.org, but they
> aren't Ruby specific and won't help much if you don't have at least
> some knowledge of the terms involved. I've found the O'Reilly book
> 'Network Security with OpenSSL' to be pretty helpful, but it isn't
> Ruby specific either. There are also some simple examples packaged
> with the Ruby source in ruby-1.8.6/sample/openssl that are helpful in
> fitting the pieces together.
Actually, I understand the terms involved. But the problem is that
functions are not documented properly. The HMAC.digest should take two
arguments, one should be the key and the second should be the message
to be encrypted whereas its taking three arguments. In an IRB session,
even the version with two arguments complains that its being provided
with too many arguments. Anyone to clarify on this?

Regards,
Mohsin