yuck the first example has issues I just realized, how about this way:


def message_authentic?(ciphertext, key, presented_mac)
computed_mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, 
OpenSSL::Digest::SHA256.new("mac" + key).to_s, ciphertext)
a = [true]
if computed_mac.length == presented_mac.length then
computer_mac.length.times do |i|
a += [computed_mac[i] == presented_mac[i]]
end
mac_verifies = a.inject(:==)
end

-- 
Posted via http://www.ruby-forum.com/.